Overview

URL email.mail.usbfund.com/c/eJyNkdtugzAMhp8G7kA5AIOLXEyq-hrIMU6bjQSUQ6u-_dK1nXo5KVL8-4v12w4pPgzdNI0dF_WiNPsYuME6pi3QHMgozmUn67NiHJEmEt0wIe9MbwwhDRzNWGJkVKcA-A16pTnddlKVEAhuB3vyJaxXdU5pj5X8rMSxnOv12uaoTfZLi5srmUiYAy3NJTbZv8RqPTWbabAIm-6l8piTm-OWA1IlDxpu5E9wokoMd-DKu-wKeJk35MCuT_rXkTz8w-5tJLsoLns51VYJJgRnrOeTlIK3kiNJqTUb-TRCj1XH7obvw9VBfZ0hBBsLjN6W1A7eUvyFSaHT8_O6QJgfRkkln-bH9h-_kXPpouxyASMXGDVAp4v8AZWglVo
IP34.127.83.42
ASNGOOGLE
Location United States
Report completed2022-10-06 05:50:45 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-06 2 email.mail.usbfund.com/c/eJyNkdtugzAMhp8G7kA5AIOLXEyq-hrIMU6bjQSUQ6u-_dK1nX (...) Malware
2022-10-06 2 www.usbfund.com/wp-content/plugins/AffiliateWP-master/assets/js/jquery.cook (...) Malware
2022-10-06 2 www.usbfund.com/wp-content/plugins/AffiliateWP-master/assets/js/tracking.mi (...) Malware
2022-10-06 2 www.usbfund.com/wp-content/themes/usb/js/accounting.min.js Malware
2022-10-06 2 www.usbfund.com/wp-content/themes/usb/js/site.js Malware
2022-10-06 2 www.usbfund.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 Malware
2022-10-06 2 www.usbfund.com/wp-content/themes/usb/js/plugins.js Malware
2022-10-06 2 www.usbfund.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 Malware
2022-10-06 2 www.usbfund.com/fonts/socicon.woff Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (87)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS ocsp.usertrust.com (1) 899 2012-05-21 15:43:18 UTC 2022-10-06 04:46:13 UTC 172.64.155.188
mnemonic passive DNS pixel.tapad.com (2) 400 2012-10-01 07:23:01 UTC 2022-10-05 14:35:52 UTC 35.227.248.159
mnemonic passive DNS ocsp.godaddy.com (1) 698 2012-05-20 19:28:57 UTC 2022-10-05 10:10:40 UTC 192.124.249.41
mnemonic passive DNS js.hsforms.net (1) 7264 2013-09-26 02:52:40 UTC 2022-10-05 17:13:41 UTC 104.17.182.73
mnemonic passive DNS 511-lvj-854.mktoresp.com (1) 0 2016-11-21 23:15:54 UTC 2022-10-05 20:15:57 UTC 199.15.214.243 Domain (mktoresp.com) ranked at: 2732
mnemonic passive DNS googleads.g.doubleclick.net (1) 42 2021-02-20 15:43:32 UTC 2022-10-06 04:25:51 UTC 142.250.74.162
mnemonic passive DNS aa.agkn.com (2) 431 2017-01-30 05:01:07 UTC 2022-10-06 04:41:12 UTC 3.120.204.36
mnemonic passive DNS ocsp.sectigo.com (3) 487 2018-12-17 11:31:55 UTC 2022-10-05 19:52:13 UTC 172.64.155.188
mnemonic passive DNS forms.soundestlink.com (2) 16969 2016-03-10 06:08:55 UTC 2022-10-05 17:40:07 UTC 104.18.27.48
mnemonic passive DNS snap.licdn.com (1) 1044 2014-10-06 08:43:45 UTC 2022-10-05 07:32:13 UTC 23.36.76.121
mnemonic passive DNS omnisrc.com (1) 48023 2017-10-18 09:33:08 UTC 2022-10-06 02:47:55 UTC 104.18.5.28
mnemonic passive DNS code.jquery.com (1) 634 2012-05-21 17:28:02 UTC 2022-10-05 07:49:36 UTC 69.16.175.10
mnemonic passive DNS process.iconnode.com (1) 63404 2017-01-30 21:39:31 UTC 2022-10-06 00:53:43 UTC 13.248.238.122
mnemonic passive DNS tag.getdrip.com (1) 20100 2018-08-25 09:40:26 UTC 2022-10-06 03:47:45 UTC 54.230.111.55
mnemonic passive DNS ce.lijit.com (1) 812 2012-05-22 05:45:01 UTC 2022-10-05 18:04:07 UTC 216.52.2.19
mnemonic passive DNS js.hs-analytics.net (1) 2411 2013-09-26 02:22:44 UTC 2022-10-05 13:16:13 UTC 104.17.70.176
mnemonic passive DNS js.hs-scripts.com (2) 2571 2016-08-09 10:18:36 UTC 2022-10-05 13:16:12 UTC 104.17.210.204
mnemonic passive DNS sc.cdnma.com (1) 84971 2017-01-29 16:49:37 UTC 2022-10-05 20:15:56 UTC 54.230.111.12
mnemonic passive DNS www.googleadservices.com (1) 107 2012-07-21 05:05:30 UTC 2022-10-06 04:36:36 UTC 216.58.207.194
mnemonic passive DNS fei.pro-market.net (2) 2658 2012-10-30 06:46:59 UTC 2022-10-05 18:04:07 UTC 107.178.240.89
mnemonic passive DNS www.checkbca.org (31) 541438 2015-08-11 23:57:00 UTC 2022-10-05 20:15:55 UTC 207.137.0.213
mnemonic passive DNS status.geotrust.com (3) 3662 2017-12-01 08:55:31 UTC 2022-10-05 11:59:59 UTC 93.184.220.29
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-10-06 05:29:05 UTC 54.230.111.118
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-06 04:55:14 UTC 34.160.144.191
mnemonic passive DNS ocsp.pki.goog (18) 175 2017-06-14 07:23:31 UTC 2022-10-05 06:59:18 UTC 142.250.74.3
mnemonic passive DNS wt.soundestlink.com (1) 17559 2018-02-06 08:21:20 UTC 2022-10-05 17:40:07 UTC 104.18.27.48
mnemonic passive DNS i.simpli.fi (1) 3482 2012-05-30 00:30:03 UTC 2022-10-05 18:29:52 UTC 169.50.137.179
mnemonic passive DNS stags.bluekai.com (1) 471 2012-06-27 19:59:37 UTC 2022-10-05 18:04:07 UTC 23.38.201.22
mnemonic passive DNS ocsp.sca1b.amazontrust.com (13) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.118
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-10-06 05:42:08 UTC 142.250.74.174
mnemonic passive DNS omnisnippet1.com (1) 16560 2021-04-01 18:46:48 UTC 2022-10-05 17:40:08 UTC 104.18.40.169
mnemonic passive DNS px.ads.linkedin.com (2) 522 2017-08-08 16:28:50 UTC 2022-10-06 04:55:54 UTC 13.107.42.14
mnemonic passive DNS serve.albacross.com (1) 64177 2017-09-21 06:16:03 UTC 2022-10-06 05:47:19 UTC 54.230.111.94
mnemonic passive DNS us-u.openx.net (1) 357 2013-08-30 19:43:55 UTC 2022-10-06 04:47:01 UTC 34.98.64.218
mnemonic passive DNS fonts.googleapis.com (3) 8877 2013-06-10 20:14:26 UTC 2022-10-06 04:51:10 UTC 142.250.74.10
mnemonic passive DNS r3.o.lencr.org (7) 344 2020-12-02 08:52:13 UTC 2022-10-06 04:46:31 UTC 23.36.77.32
mnemonic passive DNS email.mail.usbfund.com (1) 0 2022-07-06 20:38:09 UTC 2022-10-06 03:10:21 UTC 34.127.83.42 Unknown ranking
mnemonic passive DNS forms.hsforms.com (2) 5160 2018-03-07 15:21:13 UTC 2022-10-05 17:12:54 UTC 104.16.88.5
mnemonic passive DNS tags.clickagy.com (1) 44715 2018-09-26 07:45:45 UTC 2022-10-06 03:47:46 UTC 172.64.153.115
mnemonic passive DNS new-collect.albacross.com (1) 53310 2020-08-29 10:59:45 UTC 2022-10-05 22:05:58 UTC 52.48.206.34
mnemonic passive DNS widget.trustpilot.com (1) 6018 2017-09-05 07:45:53 UTC 2022-10-05 14:13:58 UTC 54.230.111.50
mnemonic passive DNS www.usbfund.com (31) 0 2017-02-10 14:01:41 UTC 2022-10-05 20:15:54 UTC 50.87.170.174 Unknown ranking
mnemonic passive DNS www.google.com (1) 7 2016-08-04 12:36:31 UTC 2022-10-05 23:51:52 UTC 142.250.74.164
mnemonic passive DNS www.google.no (1) 25607 2016-04-05 19:50:59 UTC 2022-10-06 05:14:22 UTC 142.250.74.3
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-06 05:02:20 UTC 35.165.41.15
mnemonic passive DNS sync.intentiq.com (1) 1476 2020-05-11 16:09:42 UTC 2022-10-06 05:02:16 UTC 54.230.111.126
mnemonic passive DNS pixel.rubiconproject.com (1) 314 2012-10-09 03:17:38 UTC 2022-10-05 14:50:27 UTC 213.19.162.90
mnemonic passive DNS beacon.cdnma.com (1) 72077 2019-06-19 21:00:32 UTC 2022-10-06 01:52:35 UTC 3.226.49.253
mnemonic passive DNS fonts.gstatic.com (6) 0 2014-08-29 13:43:22 UTC 2022-10-06 04:51:09 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-10-05 11:39:01 UTC 216.239.32.36 Domain (google-analytics.com) ranked at: 8401
mnemonic passive DNS um.simpli.fi (21) 744 2012-05-22 05:45:01 UTC 2022-10-05 18:04:07 UTC 35.204.74.118
mnemonic passive DNS ib.adnxs.com (2) 241 2012-05-23 22:36:14 UTC 2022-10-05 14:50:27 UTC 37.252.172.249
mnemonic passive DNS eb2.3lift.com (1) 402 2014-09-24 15:03:42 UTC 2022-10-05 17:50:32 UTC 76.223.111.18
mnemonic passive DNS prism.app-us1.com (1) 8479 2019-01-09 06:40:26 UTC 2022-10-05 17:53:18 UTC 104.17.145.91
mnemonic passive DNS sendlane.com (1) 82414 2014-12-13 15:20:03 UTC 2022-10-05 20:16:19 UTC 104.16.166.6
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-05 05:01:05 UTC 34.117.237.239
mnemonic passive DNS assets.anytrack.io (1) 73313 2020-04-27 16:14:57 UTC 2022-10-05 20:15:55 UTC 54.230.111.87
mnemonic passive DNS koi-3qnetrwct6.marketingautomation.services (1) 0 2018-10-02 20:17:26 UTC 2022-10-05 20:15:55 UTC 130.211.21.179 Domain (marketingautomation.services) ranked at: 12857
mnemonic passive DNS d.agkn.com (2) 524 2015-04-16 13:00:43 UTC 2022-10-05 18:04:07 UTC 52.30.100.208
mnemonic passive DNS bcp.crwdcntrl.net (2) 699 2020-02-08 17:13:11 UTC 2022-10-05 18:17:12 UTC 52.30.246.43
mnemonic passive DNS ocsp.sca1b.amazontrust.com (13) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.100
mnemonic passive DNS aorta.clickagy.com (2) 2306 2020-07-29 17:59:06 UTC 2022-10-06 03:47:46 UTC 3.214.87.107
mnemonic passive DNS hubspot-forms-static-embed.s3.amazonaws.com (1) 236210 2020-01-07 14:59:18 UTC 2022-10-05 21:08:49 UTC 54.231.133.249
mnemonic passive DNS www.linkedin.com (1) 608 2014-04-09 13:16:08 UTC 2022-10-05 11:39:14 UTC 13.107.42.14
mnemonic passive DNS track.sendlane.com (1) 270591 2017-01-30 16:03:15 UTC 2022-10-06 04:31:02 UTC 23.250.2.183
mnemonic passive DNS rec.smartlook.com (1) 17636 2017-01-30 04:27:35 UTC 2022-10-06 04:11:12 UTC 185.76.9.26
mnemonic passive DNS speedyfox.io (1) 268478 2019-02-15 09:24:11 UTC 2022-10-05 20:16:19 UTC 23.253.41.115
mnemonic passive DNS loadm.exelator.com (1) 1042 2012-05-22 07:59:51 UTC 2022-10-05 18:04:07 UTC 34.254.143.3
mnemonic passive DNS ocsp.digicert.com (9) 86 2012-05-21 07:02:23 UTC 2022-10-06 05:20:05 UTC 93.184.220.29
mnemonic passive DNS www.googletagmanager.com (2) 75 2012-12-25 14:52:06 UTC 2022-10-06 05:00:29 UTC 142.250.74.168
mnemonic passive DNS scripts.iconnode.com (1) 40696 2017-10-11 16:27:18 UTC 2022-10-06 03:38:59 UTC 54.230.111.63
mnemonic passive DNS shield.sitelock.com (1) 65503 2012-07-12 10:25:01 UTC 2022-10-05 20:15:55 UTC 45.60.14.54
mnemonic passive DNS js.hs-banner.com (1) 2426 2020-03-26 17:45:21 UTC 2022-10-05 16:23:05 UTC 172.64.154.85
mnemonic passive DNS track.hubspot.com (1) 2528 2012-12-25 23:30:42 UTC 2022-10-05 13:16:13 UTC 104.19.154.83
mnemonic passive DNS cm.g.doubleclick.net (2) 202 2013-05-30 23:19:45 UTC 2022-10-06 01:08:18 UTC 216.58.207.194
mnemonic passive DNS d.impactradius-event.com (1) 2612 2017-02-01 08:42:43 UTC 2022-10-05 18:44:37 UTC 35.186.249.72
mnemonic passive DNS trackcmp.net (1) 8111 2019-03-11 21:16:11 UTC 2022-10-06 04:27:15 UTC 172.64.145.151
mnemonic passive DNS munchkin.marketo.net (2) 3550 2012-12-17 00:39:54 UTC 2022-10-05 17:56:40 UTC 88.221.99.189
mnemonic passive DNS id.rlcdn.com (1) 618 2018-09-04 15:59:44 UTC 2022-10-06 04:44:52 UTC 35.244.174.68
mnemonic passive DNS simplifi.partners.tremorhub.com (1) 7073 2019-08-12 15:15:44 UTC 2022-10-06 04:35:02 UTC 23.23.58.205
mnemonic passive DNS ws.zoominfo.com (1) 8735 2019-11-13 21:26:54 UTC 2022-10-05 18:06:24 UTC 104.16.168.82
mnemonic passive DNS ajax.googleapis.com (1) 12905 2013-08-16 09:51:31 UTC 2022-10-05 23:40:29 UTC 216.58.207.202
mnemonic passive DNS ocsp.globalsign.com (2) 2075 2012-05-25 06:20:55 UTC 2022-10-06 04:46:52 UTC 104.18.20.226
mnemonic passive DNS sync.search.spotxchange.com (2) 523 2014-05-29 23:15:03 UTC 2022-10-06 04:46:49 UTC 185.94.180.126
mnemonic passive DNS sync.bfmio.com (1) 1205 2017-01-30 04:50:02 UTC 2022-10-05 18:04:07 UTC 34.206.126.93
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-06 04:25:36 UTC 34.120.237.76
mnemonic passive DNS diffuser-cdn.app-us1.com (1) 8451 2019-06-13 03:58:17 UTC 2022-10-05 18:14:10 UTC 104.17.145.91


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 34.127.83.42

Date UQ / IDS / BL URL IP
2022-12-02 05:15:10 +0000
0 - 0 - 3 email.notify.thinkific.com/c/eJwVjktuxCAQBU9j (...) 34.127.83.42
2022-12-01 14:41:51 +0000
0 - 0 - 1 email.mail.usbfund.com/c/eJxNUF2LwyAQ_DXxLSF- (...) 34.127.83.42
2022-12-01 12:26:32 +0000
0 - 0 - 9 email.mail.usbfund.com/c/eJyNkd2OwiAQhZ-m3LXh (...) 34.127.83.42
2022-12-01 12:26:22 +0000
0 - 0 - 1 email.mail.usbfund.com/c/eJxNUMuKwzAM_JrkluBH (...) 34.127.83.42
2022-12-01 12:26:23 +0000
0 - 0 - 1 email.mail.usbfund.com/c/eJxNUMuKwzAM_JrkluBX (...) 34.127.83.42

Last 5 reports on ASN: GOOGLE

Date UQ / IDS / BL URL IP
2022-12-04 14:31:04 +0000
0 - 0 - 15 bgeneralfw3com.loginbfwsignin3.repl.co/ 34.149.204.188
2022-12-04 14:29:24 +0000
0 - 0 - 2 m2milf.blogspot.de/search/label/REINAS%20NALGONAS 142.250.74.161
2022-12-04 14:27:13 +0000
0 - 0 - 2 borsacik.blogspot.com.es/search/label/bilan%C3%A7o 142.250.74.161
2022-12-04 14:25:51 +0000
0 - 0 - 6 landinglandlady1712.blogspot.de/2011/09/jenni (...) 172.217.21.161
2022-12-04 14:25:04 +0000
0 - 0 - 2 adigitalphotos.blogspot.com/search/label/Flickr 172.217.21.161

Last 5 reports on domain: usbfund.com

Date UQ / IDS / BL URL IP
2022-12-03 13:10:21 +0000
0 - 0 - 10 www.usbfund.com/15-best-blogs-cash-flow/?utm_ (...) 50.87.170.174
2022-12-03 11:13:07 +0000
0 - 0 - 8 email.mail.usbfund.com/c/eJxNkUluwzAMRU9j7xRo (...) 34.86.85.56
2022-12-03 11:13:08 +0000
0 - 0 - 1 email.mail.usbfund.com/c/eJxNkEluwzAMRU9j7xxo (...) 34.86.85.56
2022-12-03 04:04:06 +0000
0 - 0 - 8 email.mail.usbfund.com/c/eJxNUdtuwyAM_ZrkjYoA (...) 34.86.85.56
2022-12-03 04:04:08 +0000
0 - 0 - 11 email.mail.usbfund.com/c/eJxNkMtuwyAQRb_G7Ih4 (...) 34.86.85.56

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-12-03 13:10:21 +0000
0 - 0 - 10 www.usbfund.com/15-best-blogs-cash-flow/?utm_ (...) 50.87.170.174
2022-12-03 11:13:07 +0000
0 - 0 - 8 email.mail.usbfund.com/c/eJxNkUluwzAMRU9j7xRo (...) 34.86.85.56
2022-12-03 04:04:06 +0000
0 - 0 - 8 email.mail.usbfund.com/c/eJxNUdtuwyAM_ZrkjYoA (...) 34.86.85.56
2022-12-03 04:04:08 +0000
0 - 0 - 11 email.mail.usbfund.com/c/eJxNkMtuwyAQRb_G7Ih4 (...) 34.86.85.56
2022-12-02 22:07:15 +0000
0 - 0 - 10 www.usbfund.com/get-a-small-business-loan/?ut (...) 50.87.170.174


JavaScript

Executed Scripts (85)


Executed Evals (3)

#1 JavaScript::Eval (size: 300, repeated: 1) - SHA256: d41e1dcde991113b31463b01bf26258e4a9ff50dc530bd1a66eb61d1c685bb7f

                                        (function() {
    var a = (new Date).getTime();
    "undefined" !== typeof performance && "function" === typeof performance.now && (a += performance.now());
    return "xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx".replace(/[xy]/g, function(c) {
        var b = (a + 16 * Math.random()) % 16 | 0;
        a = Math.floor(a / 16);
        return ("x" === c ? b : b & 3 | 8).toString(16)
    })
})();
                                    

#2 JavaScript::Eval (size: 618, repeated: 1) - SHA256: f9a86e5f4e4fa64ebc8b4d07c63565ebd86c6f37b904d41386a202915afcb249

                                        (function() {
    var f = 17,
        g = 14,
        h = 13;
    return function(a) {
        var d, b, e;
        "number" === typeof f && a.set("dimension" + f, a.get("clientId"));
        "number" === typeof g && a.set("dimension" + g, a.get("hitType"));
        if ("number" === typeof h) {
            var k = "_" + a.get("trackingId") + "_sendHitTask";
            var l = window[k] = window[k] || a.get("sendHitTask");
            a.set("sendHitTask", function(c) {
                try {
                    d = c.get("HPl"), b = c.get("HPl"), e = "\x26cd" + h, -1 < b.indexOf(e + "\x3d") ? console.log("GA error: tried to send hPL in assigned CD") : (b += e + "\x3d", b += b.length + b.length.toString().length,
                        c.set("HPl", b, !0)), l(c)
                } catch (m) {
                    console.error("Error sending hPL to GA " + d), c.set("HPl", d, !0), l(c)
                }
            })
        }
    }
})();
                                    

#3 JavaScript::Eval (size: 311, repeated: 1) - SHA256: 83b34ed574c9630f2d800fa605bcc5d84e287907f47456c7bd1be0deabd38901

                                        (function() {
    var a = new Date,
        d = -a.getTimezoneOffset(),
        e = 0 <= d ? "+" : "-",
        b = function(c) {
            c = Math.abs(Math.floor(c));
            return (10 > c ? "0" : "") + c
        };
    return a.getFullYear() + "-" + b(a.getMonth() + 1) + "-" + b(a.getDate()) + "T" + b(a.getHours()) + ":" + b(a.getMinutes()) + ":" + b(a.getSeconds()) + "." + b(a.getMilliseconds()) + e + b(d / 60) + ":" + b(d % 60)
})();
                                    

Executed Writes (0)



HTTP Transactions (242)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6564
Expires: Thu, 06 Oct 2022 07:39:57 GMT
Date: Thu, 06 Oct 2022 05:50:33 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.118
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 86Gl6Mce4iB2PhiQkCDl2TMgHm6b_ZGVngqY4wxGfGogym-kwypFGA==
Age: 50595


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            GET /c/eJyNkdtugzAMhp8G7kA5AIOLXEyq-hrIMU6bjQSUQ6u-_dK1nXo5KVL8-4v12w4pPgzdNI0dF_WiNPsYuME6pi3QHMgozmUn67NiHJEmEt0wIe9MbwwhDRzNWGJkVKcA-A16pTnddlKVEAhuB3vyJaxXdU5pj5X8rMSxnOv12uaoTfZLi5srmUiYAy3NJTbZv8RqPTWbabAIm-6l8piTm-OWA1IlDxpu5E9wokoMd-DKu-wKeJk35MCuT_rXkTz8w-5tJLsoLns51VYJJgRnrOeTlIK3kiNJqTUb-TRCj1XH7obvw9VBfZ0hBBsLjN6W1A7eUvyFSaHT8_O6QJgfRkkln-bH9h-_kXPpouxyASMXGDVAp4v8AZWglVo HTTP/1.1 
Host: email.mail.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         34.127.83.42
HTTP/1.1 302 Found
Content-Type: text/html
                                        
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Length: 678
Date: Thu, 06 Oct 2022 05:50:33 GMT
Location: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
X-Robots-Tag: noindex
X-Xss-Protection: 1; mode=block


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (368)
Size:   678
Md5:    e022423dddec4795139b6497ba891d19
Sha1:   3fd84219ffb7028091df06d1f7130feca3a0132a
Sha256: 9a28a034cb2656579f4e93bc9e7c48397ccbfa335404aa8b445ddae1d551c33f

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A9FB1F7ADE7C8A79D2EE83E9B7215E66DC89AC733B11079297A8F4B9ACEAE1F5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12879
Expires: Thu, 06 Oct 2022 09:25:12 GMT
Date: Thu, 06 Oct 2022 05:50:33 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: fVwv7MLV07TiBF/JyQ6w6CmLM5o2+6RCDGJUnv64h840iYJneKrfc/zf2yLIaSox2MMWLgJOnAQ=
x-amz-request-id: 0H5HSY9CX6H39EB8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 06 Oct 2022 04:58:37 GMT
age: 3117
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 06 Oct 2022 05:50:34 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.118
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Thu, 06 Oct 2022 05:29:41 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Thu, 06 Oct 2022 05:58:53 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4CTrPE5Bshe_gFp7jkZyjpQ0W-ndClGRsCnSUsLN0aBqUQ2M4cpueQ==
Age: 1253


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6493
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 05:50:34 GMT
Last-Modified: Thu, 06 Oct 2022 04:02:21 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5D03E84DFEDDE1BC836202A7EA934791F2783DA178177D24AE5BF0C2728937ED"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 06 Oct 2022 11:50:34 GMT
Date: Thu, 06 Oct 2022 05:50:34 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: pi8z5CRg1R3oNeOtB8KWtA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.165.41.15
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GSNbvEXsQsW2LYLllS9raR+x+W0=

                                        
                                            GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1 
Host: widget.trustpilot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.50
HTTP/2 200 OK
content-type: application/x-javascript
                                        
content-length: 6124
date: Thu, 06 Oct 2022 05:16:11 GMT
last-modified: Mon, 30 May 2022 14:38:02 GMT
etag: "5add60196e5f96a414fb4b9586764e5d"
x-amz-server-side-encryption: AES256
cache-control: max-age=86400
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NB_jKj9Jv5oK2pLT1S7TeT4qTN95NeFdCRmEPFQrYevFj0Lhv2XvtA==
age: 2065
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (19239)
Size:   6124
Md5:    5add60196e5f96a414fb4b9586764e5d
Sha1:   633f471b3c2fcedeef9cad90cb5bf56f5fe55588
Sha256: 5370f4ba91dda790c7cae92817b812fcbd1ab367cbb4862f5669960ae4e2c9e0
                                        
                                            GET /jquery-migrate-1.2.1.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.10
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Thu, 06 Oct 2022 05:50:35 GMT
content-encoding: gzip
content-length: 5783
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-40ed"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1665035435.dop017.sk1.t,1665035435.cds257.sk1.hn,1665035435.cds216.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   5783
Md5:    ab50f392b13415af57f9720f4d24e981
Sha1:   8bee0d6d15bc0bf62197f6a33493df7494bf42c2
Sha256: 3c7ae468bcd5eefaf92cfac278a5a998f871e0aaa190f87b0f56fd79f93d00b7
                                        
                                            GET /secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
link: <https://www.usbfund.com/wp-json/>; rel="https://api.w.org/", <https://www.usbfund.com/wp-json/wp/v2/posts/2701>; rel="alternate"; type="application/json", <https://www.usbfund.com/?p=2701>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Thu, 06 Oct 2022 05:50:34 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   22514
Md5:    152bb0529c5deb0cb1952250ca72482a
Sha1:   91e37d3c3a43a0cfb653d32ddf1cf0f71d8a5995
Sha256: a2db92b23efe8b541b2060a5cbc3ce2ffced65214f34158d6282010d63efdfbe
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 05:50:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 05:50:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/themes/usb/css/grid.css HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Sat, 28 Sep 2019 00:35:49 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 10146
date: Thu, 06 Oct 2022 05:50:35 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  assembler source, ASCII text, with very long lines (3536), with CRLF line terminators
Size:   10146
Md5:    8ca3e3908b8e627dd53a2bde9ab330b4
Sha1:   dfc94081f2e0acfbc95cb633810897271692e5db
Sha256: 5a17844298059c3adb2103842f6893bf6a798221afa1c7a3217c610fc4aebeec
                                        
                                            GET /ajax/libs/jquery/2.1.4/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.202
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29725
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 06:17:19 GMT
expires: Fri, 29 Sep 2023 06:17:19 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 603196
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32025)
Size:   29725
Md5:    83b3b5729cdff3976db52c51831e96b8
Sha1:   d23dc823e37f58e5366340be755730f3fa9a850d
Sha256: 675fa88b39008a09994460a93b310a7d4593735009a9b24b6f176c347ad12421
                                        
                                            GET /wp-content/plugins/AffiliateWP-master/assets/css/forms.min.css HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Sat, 28 Sep 2019 00:24:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1141
date: Thu, 06 Oct 2022 05:50:35 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3296), with no line terminators
Size:   1141
Md5:    e4f0e46d63eb641d8cfe1579ff0217cb
Sha1:   37e2ef45ef74f0a3b869d447b4d9e22d0b424945
Sha256: 6b7e532056e7c449a8e080eb2967563fdb20ce9cfdcb95216205a769b65033c4
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 05:50:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 05:50:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/AffiliateWP-master/assets/js/jquery.cookie.min.js?ver=1.4.0 HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sat, 28 Sep 2019 00:24:32 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 758
date: Thu, 06 Oct 2022 05:50:35 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1667), with no line terminators
Size:   758
Md5:    94c6b3b214659c68b42fb0c428cac279
Sha1:   eb3a852e1bcf8a32ac304dc89995ffdeaf623033
Sha256: 8cdab12fffba1162b02761c8e7631003efebf03e3af5ca9072023ffda52353ad

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/AffiliateWP-master/assets/js/tracking.min.js?ver=2.1.6.1 HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sat, 28 Sep 2019 00:24:33 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1315
date: Thu, 06 Oct 2022 05:50:35 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2972), with no line terminators
Size:   1315
Md5:    da0e82022a32e0c42e125fe915cf9955
Sha1:   1c583a11b9e444a26cfd1443d3dade9c6f9e996a
Sha256: e205081b6febab912d75f2aa70bc3ae2af58bb7d2b1e44927f17cb7631374ff0

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 05:50:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtag/js?id=UA-210860007-1 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 06 Oct 2022 05:50:35 GMT
expires: Thu, 06 Oct 2022 05:50:35 GMT
cache-control: private, max-age=900
last-modified: Thu, 06 Oct 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42480
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2039)
Size:   42480
Md5:    5386ee7d88cf475783fc0c98a1cdcb11
Sha1:   bf183534dde589edd152809c25af7ddcff88edaa
Sha256: 356c090715d64c1f81fc6d3b7a840d406ca628b6987bc761365a0827ba96fadc
                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 05:50:35 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 10 Oct 2022 03:21:27 GMT
ETag: "ec4a3edefdf00fc9930cf99ce6b36bb8c14967f0"
Last-Modified: Thu, 06 Oct 2022 03:21:28 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755c1ed01a2ab517-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    d734165db1766d78c4799f309e0ec3bb
Sha1:   ec4a3edefdf00fc9930cf99ce6b36bb8c14967f0
Sha256: 6356b8685fbd2ecfe0d8f6c5b252f5ae578440c6c25799f84c412f0a5fae6c4f
                                        
                                            GET /gtm.js?id=GTM-NW5DZCL HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 06 Oct 2022 05:50:35 GMT
expires: Thu, 06 Oct 2022 05:50:35 GMT
cache-control: private, max-age=900
last-modified: Thu, 06 Oct 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 53789
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7865)
Size:   53789
Md5:    82c3121f0a762cb4eaf244aa790b2acb
Sha1:   0121e0ed817f2bf6d0e24e74db8b91022bcb1636
Sha256: 36999831c3819e84d48ffd9ba824fa95e0a629524aef25072dd02387a3db9d25
                                        
                                            GET /1y0o6qdBqYHr.js HTTP/1.1 
Host: assets.anytrack.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.87
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
content-length: 103
access-control-allow-origin: *
date: Thu, 06 Oct 2022 05:50:35 GMT
cache-control: public, max-age=600
etag: W/"67-d1P+A0oIQ3cJVPaXn2gw/5qC+Yc"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lZTJFAA85ZCGDR18IwmCKu4PQKFpVaMEgpWEbnxp6wqEtkDveixdPg==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   103
Md5:    69b5271584dd67a9e6ae79216fe30110
Sha1:   7753fe034a0843770954f6979f6830ff9a82f987
Sha256: b55a87e172f834369dfb6a2176712509026e5b3de676343ccdc64410245081d9
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 11 Oct 2021 18:27:21 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 4618
date: Thu, 06 Oct 2022 05:50:35 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   4618
Md5:    acdb97105af28a7066790c6748ae2e1e
Sha1:   65794d2c5a9d04f747faf370bc8bacd330e69e5a
Sha256: dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.100
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 05:50:35 GMT
Last-Modified: Thu, 06 Oct 2022 05:09:12 GMT
Server: ECS (dcb/7F14)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: QM4mTP3YI5Vs1BURg3tZQgs57I73SzC8FfrULj8e3VjvqtmKPAHckg==
Age: 2483

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 05:50:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /?display_custom_css=css&ver=6.0.2 HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: text/css;charset=UTF-8
                                        
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 541
date: Thu, 06 Oct 2022 05:50:35 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   541
Md5:    0e67503cdf8a23b7d3aaff6f35c76b72
Sha1:   63edc0c8bf04ceec8dc3c8c44bd129b89adeb61a
Sha256: d765ab66c61ec9c967f9f2e4b649326eb28a6f8dfb0fe064b4ed1cf9af1f18b6
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 05:50:35 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 14:09:21 GMT
Expires: Wed, 12 Oct 2022 14:09:20 GMT
Etag: "16593fb816a725eab4ace2f613739c12cb1c815c"
Cache-Control: max-age=547724,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755c1ecfed25b4ff-OSL

                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 05:50:35 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 10 Oct 2022 03:21:27 GMT
ETag: "ec4a3edefdf00fc9930cf99ce6b36bb8c14967f0"
Last-Modified: Thu, 06 Oct 2022 03:21:28 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 0
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755c1ed16b58b517-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    d734165db1766d78c4799f309e0ec3bb
Sha1:   ec4a3edefdf00fc9930cf99ce6b36bb8c14967f0
Sha256: 6356b8685fbd2ecfe0d8f6c5b252f5ae578440c6c25799f84c412f0a5fae6c4f
                                        
                                            GET /wp-content/themes/usb/images/logo_icon.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 28 Sep 2019 00:36:10 GMT
accept-ranges: bytes
content-length: 2165
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Thu, 06 Oct 2022 05:50:35 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 53 x 52, 8-bit/color RGBA, non-interlaced\012- data
Size:   2165
Md5:    50946e7f85431c547526705a530f893f
Sha1:   573eff13df4dc4f2e6e0e1db1a9339d79e22ce3c
Sha256: 05bc3e4202452433d51079e0d6e348cb850ea55330da7786c1d5c7290d13400a
                                        
                                            GET /wp-content/uploads/featured-logo-01.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 28 Sep 2019 00:14:38 GMT
accept-ranges: bytes
content-length: 3311
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Thu, 06 Oct 2022 05:50:35 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 164 x 75, 8-bit/color RGBA, non-interlaced\012- data
Size:   3311
Md5:    30427e02eea1cec61004e2fdb293e4d2
Sha1:   d3ba51be6c31147f379670d59cab54ec01b3b448
Sha256: 32161c4a44a1dcdddeeb852e2b6eea070839630ac3a719ac79a503cfd4d3892d
                                        
                                            GET /wp-content/uploads/featured-logo-06.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 28 Sep 2019 00:14:38 GMT
accept-ranges: bytes
content-length: 2693
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Thu, 06 Oct 2022 05:50:35 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 175 x 75, 8-bit/color RGBA, non-interlaced\012- data
Size:   2693
Md5:    b7b5570d5d29fd453a5e65063849fcb1
Sha1:   b07b87612c74febb32961e10ed154dc2efdf19cb
Sha256: 886d709e142c957b0d93269a57fccc13800907c8ab90acc1f18c8bec259d3992
                                        
                                            GET /wp-content/uploads/featured-logo-05.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 28 Sep 2019 00:15:03 GMT
accept-ranges: bytes
content-length: 3721
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Thu, 06 Oct 2022 05:50:35 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 135 x 75, 8-bit/color RGBA, non-interlaced\012- data
Size:   3721
Md5:    646b30b6704a2457b04bb12da4144c97
Sha1:   acadca7b80819db2100f2cf8341acdf47a2eb773
Sha256: b6e64d31c4f5ab917ad1cddfe7fa745e7c4bfc2d5af33cfdaa8130eb14247bc8
                                        
                                            GET /wp-content/uploads/featured-logo-04.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 28 Sep 2019 00:15:18 GMT
accept-ranges: bytes
content-length: 5757
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Thu, 06 Oct 2022 05:50:35 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 123 x 75, 8-bit/color RGBA, non-interlaced\012- data
Size:   5757
Md5:    e94a0244f1a51d7565de08744375bd07
Sha1:   dde753e74a85c5f094dda6661ada486fdae50422
Sha256: 47bff975ef1626c064613532b237bd114911cdc835effdccb0d124c1432c17b2
                                        
                                            GET /wp-content/uploads/featured-logo-02.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 28 Sep 2019 00:13:58 GMT
accept-ranges: bytes
content-length: 5795
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Thu, 06 Oct 2022 05:50:35 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 93 x 75, 8-bit/color RGBA, non-interlaced\012- data
Size:   5795
Md5:    d2bfb41e522705be8e4a48895b996bca
Sha1:   df2507b75f1c0362bd168ea7ecf829f11469a926
Sha256: 968570479e59e9ff339d5c1d25e4c15011f8cb5ad243776b8cf62f51d28b0903
                                        
                                            GET /wp-content/uploads/us-business-funding-logo-small.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 28 Sep 2019 00:14:51 GMT
accept-ranges: bytes
content-length: 2020
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Thu, 06 Oct 2022 05:50:35 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size:   2020
Md5:    a5a71307aefd12c55fd16f36356f9a83
Sha1:   679b01f07d71f673b74fde71a5a0a9da8a8e486d
Sha256: a2e02fabad9f481343e4e8050843b371e239956a637488eb7d2a9deff98245de
                                        
                                            GET /wp-content/themes/usb/images/logo_text.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 28 Sep 2019 00:36:10 GMT
accept-ranges: bytes
content-length: 6307
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Thu, 06 Oct 2022 05:50:35 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 250 x 52, 8-bit/color RGBA, non-interlaced\012- data
Size:   6307
Md5:    198c7fed73cadb12c23066fcad4e33e8
Sha1:   1f2616bb88b86ec79f3ce8cbbf74b3392c0b46bc
Sha256: 0053eb54a0f54484a915313939d858e1844208d2d0c4b410ce30e25d9cbc09ba
                                        
                                            GET /wp-content/themes/usb/js/accounting.min.js HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sat, 28 Sep 2019 00:35:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1345
date: Thu, 06 Oct 2022 05:50:35 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3019)
Size:   1345
Md5:    05f645a76aff3fc02e18295a07c54e09
Sha1:   509581a5e2e4760e2163d704d21b2604329b514e
Sha256: c7834a5ef896adfc8b40eb2a1db07bd867fe84da57ad234bfa487cfbc610a16a

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/accredited-business-usbfunding.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 28 Sep 2019 00:15:06 GMT
accept-ranges: bytes
content-length: 2244
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Thu, 06 Oct 2022 05:50:35 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 180 x 75, 8-bit colormap, non-interlaced\012- data
Size:   2244
Md5:    3befe9c6fb5e6602893570b99d3920aa
Sha1:   1e7c1d352448864975a23135097e59593ae71456
Sha256: d59962c29e3487892da60ef799f75523576b6f006d54fc3dd43bb6993588f1dc
                                        
                                            GET /wp-content/uploads/featured-logo-03.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 28 Sep 2019 00:15:13 GMT
accept-ranges: bytes
content-length: 3840
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Thu, 06 Oct 2022 05:50:35 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 83 x 75, 8-bit/color RGBA, non-interlaced\012- data
Size:   3840
Md5:    ea461093328a47d28ed34df6be0ad850
Sha1:   5fad4dd9e9daea5b1cac739624cbd673c20fe7c2
Sha256: 37ea654d17c80dfb22d0ad091907b6d4009c76c4671728321fd51376a8df7cce
                                        
                                            GET /wp-content/uploads/norton-secured.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 28 Sep 2019 00:14:45 GMT
accept-ranges: bytes
content-length: 3017
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Thu, 06 Oct 2022 05:50:35 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 180 x 75, 8-bit colormap, non-interlaced\012- data
Size:   3017
Md5:    7d05b62893199c911ab6f798ec8127d2
Sha1:   e7dc7368c55a2fbccb17a82c1a25de39cea2907d
Sha256: 0b691c8e6d1b07ce3e066744ccfbf643d61f013ce51503b0a3ceb7a356562ed6
                                        
                                            GET /wp-content/themes/usb/js/site.js HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sat, 28 Sep 2019 00:35:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 4830
date: Thu, 06 Oct 2022 05:50:35 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   4830
Md5:    ba21d11b60199ed26dfb2a2d8352065a
Sha1:   3e78915e922b60ca87f5860c67b99861de96830c
Sha256: c000c3cc081106de80fb4995e40b363752494290c9090e0980a5b4a4cfc37c49

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 17 Aug 2022 11:46:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 5321
date: Thu, 06 Oct 2022 05:50:35 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15660)
Size:   5321
Md5:    710f8b142ea44c0682dc2c30f318f065
Sha1:   49144e9b3a76d3d383b1d4359cf7a25e947f4233
Sha256: 708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /A870624-b043-4b58-adb6-a8c4d22ccc5b1.js HTTP/1.1 
Host: d.impactradius-event.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         35.186.249.72
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
x-guploader-uploadid: ADPycdtJhnbaTlt14WliLlvut_s-z7pXWqIJYzLjWHaYw5v28PrC9vZj7osIx7ZWkpgKhekCgdeVgv1J3ZhzBzu7KLDnXg
x-goog-generation: 1581997649126919
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 12876
content-encoding: gzip
x-goog-hash: crc32c=PZt+Nw==, md5=gz6cJDHxap5OWQ2MGKARaQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 12876
server: UploadServer
date: Thu, 06 Oct 2022 05:50:35 GMT
expires: Thu, 06 Oct 2022 05:55:35 GMT
cache-control: public,max-age=900,s-maxage=300
last-modified: Tue, 18 Feb 2020 03:47:29 GMT
etag: "833e9c2431f16a9e4e590d8c18a01169"
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  C source, ASCII text, with very long lines (40914), with no line terminators
Size:   12876
Md5:    833e9c2431f16a9e4e590d8c18a01169
Sha1:   d932b0dc73f5dbe2f30c5991fbc95d598a7d6855
Sha256: ba6dea3209c3bf545ed7db2f134ab8d241599d778988697a345124a4aa8d491a
                                        
                                            GET /100980.js HTTP/1.1 
Host: scripts.iconnode.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.63
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 7683
last-modified: Mon, 26 Sep 2022 18:10:24 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Thu, 06 Oct 2022 05:50:36 GMT
cache-control: max-age=0
etag: "05a6d57113e7870d8851ed0faf8ca12f"
x-cache: RefreshHit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0V92C2YLSba7jwBIO8MQ0ihkcBaHJMbjVfHZiPaehazJ135os8WFYw==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (46582), with no line terminators
Size:   7683
Md5:    05a6d57113e7870d8851ed0faf8ca12f
Sha1:   315c52641f469ec7e571648d5333982579cb6da3
Sha256: 0f4d04e15b0a5cb9f2e59f3cc9a7b36d522db0e7712454d1f962e77723348eb3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 05:50:36 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 14:09:21 GMT
Expires: Wed, 12 Oct 2022 14:09:20 GMT
Etag: "16593fb816a725eab4ace2f613739c12cb1c815c"
Cache-Control: max-age=547723,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755c1ed25fbdb4ff-OSL

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 05:50:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 05:50:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /shield/usbfund.com HTTP/1.1 
Host: shield.sitelock.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.60.14.54
HTTP/1.1 200 OK
Content-Type: image/png; charset=ISO-8859-1
                                        
Content-Length: 10531
Date: Thu, 06 Oct 2022 05:49:57 GMT
Server: lighttpd
Set-Cookie: nlbi_275317=0I3wDcHoxEp8ZItamBeFbAAAAAAvjh+9ifIuEjUO5pdET1Ye; path=/; Domain=.sitelock.com visid_incap_275317=7Tso5d/VSW+sfMu+Gtkz06tsPmMAAAAAQUIPAAAAAAB3vlqFwnz+RBzMz8J7eiBT; expires=Fri, 06 Oct 2023 01:12:22 GMT; HttpOnly; path=/; Domain=.sitelock.com incap_ses_7235_275317=n+E7cq8Bxi9MzRJFpuJnZKtsPmMAAAAAtrLGfN7yYqo/m75TS8trfg==; path=/; Domain=.sitelock.com
X-CDN: Imperva
X-Iinfo: 9-13082248-13080100 2NNN RT(1665035435773 21) q(0 0 0 -1) r(2 2)


--- Additional Info ---
Magic:  PNG image data, 117 x 67, 8-bit/color RGBA, non-interlaced\012- data
Size:   10531
Md5:    159b07bac862c143231cda821826cbfe
Sha1:   301a7f2301fa47b47f281572d518e961db4cd094
Sha256: cc1edab0307e6025f90b41a4750105a8d79929d11ffb79089b0b5afc71001892
                                        
                                            OPTIONS /embed/v3/form/540751/8e06fd82-42e9-4211-9f65-32b7dbc43b43/json?hutk= HTTP/1.1 
Host: forms.hsforms.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-requested-with
Referer: https://www.usbfund.com/
Origin: https://www.usbfund.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.88.5
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
date: Thu, 06 Oct 2022 05:50:36 GMT
content-length: 18
x-trace: 2BC9867FB8E3C0B7A15DFA673A3132B9D4893F41B4000000000000000000
allow: HEAD,GET,OPTIONS
vary: origin
x-hubspot-correlation-id: 92d2363f-2b88-4808-8699-2386313b2a77
access-control-allow-origin: https://www.usbfund.com
access-control-allow-methods: OPTIONS, GET
access-control-allow-headers: x-requested-with
access-control-allow-credentials: false
access-control-max-age: 180
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 755c1ed3ffffb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   18
Md5:    cc7fd95a87ea3721ce1853bf3c4dd75e
Sha1:   7f687f7881adf0fc407378d375a61b8f198c0912
Sha256: 0f06a4c8d34690d4e42c81f232a5bdfe9fcbde8a54b5ccd0609a313e90da0879
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:34:21 GMT
expires: Thu, 05 Oct 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 36975
last-modified: Wed, 11 May 2022 19:24:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Size:   15740
Md5:    b9c29351c46f3e8c8631c4002457f48a
Sha1:   e57e59c5780995ff2937ab2b511a769212974a87
Sha256: f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
                                        
                                            GET /wp-content/uploads/bg-section-header.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/wp-content/themes/usb/style.css
Cookie: _gcl_au=1.1.2094491169.1665035436; __ss=1665035435736; __ss_referrer=https%3A//www.usbfund.com/secured-vs-unsecured-line-of-credit/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; _ga_YYEX7W0G95=GS1.1.1665035435.1.0.1665035435.0.0.0; _ga=GA1.1.1625848231.1665035436; wc_visitor=100980-d536ca01-f60e-17be-d905-c1a511e15611; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-d536ca01-f60e-17be-d905-c1a511e15611+..+; wc_client_current=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-d536ca01-f60e-17be-d905-c1a511e15611+..+; IR_gbd=usbfund.com; IR_7486=1665035435888%7C0%7C1665035435888%7C%7C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 28 Sep 2019 00:14:58 GMT
accept-ranges: bytes
content-length: 22531
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Thu, 06 Oct 2022 05:50:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1920 x 149, 8-bit colormap, non-interlaced\012- data
Size:   22531
Md5:    65b13235e26653c77b0ed328dfdb8dc2
Sha1:   2dcc21d12b909058345b01f087062f6b59f4f05c
Sha256: acba6ce2f083bf3e78176be5f1c68dfbeb67e609472b4f8c034ba8676d0995b2
                                        
                                            GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15528
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Oct 2022 22:59:07 GMT
expires: Wed, 04 Oct 2023 22:59:07 GMT
cache-control: public, max-age=31536000
age: 111089
last-modified: Tue, 19 Apr 2022 18:53:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15528, version 1.0\012- data
Size:   15528
Md5:    595fe3fc0b85f3cc9ef5aed2d519abc5
Sha1:   96e76de44987e9dec2f97f1e5eb7a18c738daf5d
Sha256: 747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a
                                        
                                            GET /wp-content/uploads/icon-arrow-down-white.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/wp-content/themes/usb/style.css
Cookie: _gcl_au=1.1.2094491169.1665035436; __ss=1665035435736; __ss_referrer=https%3A//www.usbfund.com/secured-vs-unsecured-line-of-credit/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; _ga_YYEX7W0G95=GS1.1.1665035435.1.0.1665035435.0.0.0; _ga=GA1.1.1625848231.1665035436; wc_visitor=100980-d536ca01-f60e-17be-d905-c1a511e15611; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-d536ca01-f60e-17be-d905-c1a511e15611+..+; wc_client_current=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-d536ca01-f60e-17be-d905-c1a511e15611+..+; IR_gbd=usbfund.com; IR_7486=1665035435888%7C0%7C1665035435888%7C%7C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 28 Sep 2019 00:15:12 GMT
accept-ranges: bytes
content-length: 172
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Thu, 06 Oct 2022 05:50:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 14 x 14, 8-bit gray+alpha, non-interlaced\012- data
Size:   172
Md5:    26d3bceaf73fad28fb322b6646860f78
Sha1:   1b70241f618df47a01729534d376a57c57bd8c07
Sha256: 0077bc52b60eb51d8785f3aa812a2cdcce59acd3a0b70a801b82c563787e1a7c
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 05:50:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:34:08 GMT
expires: Thu, 05 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 36988
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Oct 2022 22:17:40 GMT
expires: Wed, 04 Oct 2023 22:17:40 GMT
cache-control: public, max-age=31536000
age: 113576
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15660, version 1.0\012- data
Size:   15660
Md5:    d7b0b953a50fddaa88089b5b787cf719
Sha1:   2f85bc568b27659a3d6452f58f9fd7678450326d
Sha256: e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
                                        
                                            GET /client/ss.js?ver=1.1.1 HTTP/1.1 
Host: koi-3qnetrwct6.marketingautomation.services
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         130.211.21.179
HTTP/2 200 OK
content-type: application/javascript
                                        
server: openresty
date: Thu, 06 Oct 2022 05:50:35 GMT
last-modified: Wed, 05 Oct 2022 15:18:15 GMT
vary: Accept-Encoding
etag: W/"633da037-2fc8"
expires: Thu, 13 Oct 2022 05:50:35 GMT
cache-control: max-age=604800, public
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   20896
Md5:    90a1ecf9921d6ccbd476ba8c05c767d9
Sha1:   cb4a98eaad9ff9680b1194d497b7933bd371a1e2
Sha256: ab6d862be0373eaecea185bd7a23a34bd43474936e5c2fcc462cd8543e736474
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.100
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 05:50:36 GMT
Last-Modified: Thu, 06 Oct 2022 05:06:37 GMT
Server: ECS (bsa/EB14)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: sPJm_UQRUhsxta04GvQPFmvVHINerdZBkND7lvYZfc-kxV-pWX0uIA==
Age: 2639

                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:40:23 GMT
expires: Thu, 05 Oct 2023 19:40:23 GMT
cache-control: public, max-age=31536000
age: 36613
last-modified: Wed, 11 May 2022 19:24:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15752, version 1.0\012- data
Size:   15752
Md5:    b20371a6daf29d4a1f2e85dbbf40fb20
Sha1:   0355a01c1ccb45cb728e7e07c41c8ebf456f70bb
Sha256: 7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2169
Expires: Thu, 06 Oct 2022 06:26:45 GMT
Date: Thu, 06 Oct 2022 05:50:36 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2169
Expires: Thu, 06 Oct 2022 06:26:45 GMT
Date: Thu, 06 Oct 2022 05:50:36 GMT
Connection: keep-alive

                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:34:08 GMT
expires: Thu, 05 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 36988
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.118
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 05:50:36 GMT
Last-Modified: Thu, 06 Oct 2022 05:06:37 GMT
Server: ECS (bsa/EB14)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: lkEM0PBEDax7_sUH7bKYtsAhCQOgmMhOc9MaioFk_S29KnmHswjKQw==
Age: 2639

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff35d320d-221e-46f6-ac6e-9c5b6e8ac6bc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12752
x-amzn-requestid: 3c32a029-08d0-4f98-a0e0-48a7e05242b4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6sHXXIAMF-PQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-176be5177b67ddc068060b19;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: Fd-GenFshXS_4xdPngkYUddRi9jbvCOMHWmoGBHS-0hXW_DjEHYY3Q==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 ece5d4a731ece5ff46c564ab2b946ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 04:38:21 GMT
etag: "59ab1c451c388f7b57da52bf518eff15e0c584ff"
age: 4335
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12752
Md5:    23e10c01392e4958e4a4f19573290da9
Sha1:   59ab1c451c388f7b57da52bf518eff15e0c584ff
Sha256: ece0b872f33166fcc2816595fdf1348664d985131bc943cd4a543524dede0274
                                        
                                            GET /wp-content/plugins/formidable/css/formidableforms.css HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Tue, 30 Aug 2022 16:10:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Thu, 06 Oct 2022 05:50:35 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   29373
Md5:    c03bf8aa269a09a7c18f2b3edab074e8
Sha1:   d1530b45188a4b5bb5d23a8e5cd61c49f18ef287
Sha256: 7f9aec1399ef046d5c7ec26eb0c261c9c9375d60ffbb4b018b82b2258bf62065
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ce3d070-3bf1-47cd-bdd7-2bda7b826976.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4140
x-amzn-requestid: 13fcd792-1fcc-44b5-aa9e-d2773a60fe77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6uHrbIAMFbqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-5b5f5d781b9d651b68c04f2e;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: wfnbRpTKni8hbAmJXO9vdisV6ZPoRP-eBb3wP4RzPS7MlXvp7282dw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 6a63e853422f3197776fb098fab5a416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:36:41 GMT
age: 29635
etag: "26694f34166345ee5693653e0101db6b910e68ba"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4140
Md5:    dbba56f647bf5989ca51863632bbebfc
Sha1:   26694f34166345ee5693653e0101db6b910e68ba
Sha256: ec5cc38f2a77e8e655aeeb7a376cf882ccb7163e4ef9d1ce4633ab4754e48765
                                        
                                            GET /5627136.js?integration=WordPress&ver=8.16.28 HTTP/1.1 
Host: js.hs-scripts.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.210.204
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
                                        
date: Thu, 06 Oct 2022 05:50:35 GMT
x-trace: 2B73D8B4756C768F12202BE57C35BFB40A522E8C18000000000000000000
cache-control: public, max-age=60
vary: origin, Accept-Encoding
x-hubspot-correlation-id: 0871119f-3ef8-48fd-a8db-d38cee9a8a9d
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-origin: https://www.usbfund.com
last-modified: Wed, 05 Oct 2022 20:15:55 GMT
cf-cache-status: EXPIRED
expires: Thu, 06 Oct 2022 05:51:35 GMT
server: cloudflare
cf-ray: 755c1ed01f2ab4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (492)
Size:   532
Md5:    104024b5b6429bca681071e5d09cfc09
Sha1:   9eeb601ada94fa222f1a468773f8ae73c249caad
Sha256: fe0c22b516082f8716c476eba715d1a817b60a0ec204c3218dca5431fea1f04c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F913c841b-40a5-4fa4-bc55-0e9d1369640e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10809
x-amzn-requestid: db4d1d2a-05b8-403e-a7ca-8b8a6a0a4087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQb-HrTIAMFtNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfab2-74f184406a48e42c0ecc4ec9;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:44:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: tv80OXQUu13gDuuFESnEnXMuFdNBmGc1y592euL7QnfZW5PwJym9-g==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:53:39 GMT
age: 28617
etag: "8c7ecefe6908387e2128dc849a6ba857991ba0ab"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10809
Md5:    a508ac9cd743bec987b2a24454418265
Sha1:   8c7ecefe6908387e2128dc849a6ba857991ba0ab
Sha256: afb2c2b51f2ce445ada599068901551beee594b15c152ed7551ab7a8835dde6d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feda182b7-6bc8-4aea-82c3-d9fa08748b61.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7385
x-amzn-requestid: f3b30c95-2f19-4d70-b358-ff7e1e1c56f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6uHJrIAMF3WA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-5211c3087ea4f0023b32b284;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: uka14Zb4NhZEmseL9817VqWrplnl8Yrmnp3oTVs6OeMjdCLI89QoVg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 b47618c03bd47cf085f27b1e215f76cc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:36:41 GMT
age: 29635
etag: "b0205176a58913f57056b91674097bfb58046e97"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7385
Md5:    e5a5ee14d41747f46e71f04782e1a3d3
Sha1:   b0205176a58913f57056b91674097bfb58046e97
Sha256: b3bae0b56b50374cb85fc7fe4c9b551383d1969bf31e7adccb867e3467c59269
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5b87135-538c-4c9f-b146-1da5b13ce157.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8360
x-amzn-requestid: bd55219f-b8e2-4a03-a301-02cf9eab03e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZKLC-H0TIAMF2Uw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333f212-7f1cc90d1e28f8170ce2f219;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 07:04:50 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UlO0u-eW8URZYj0kBAv35fJSQZ527l3IEUC28xUJlUVm9e7x5uaAiA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:44:49 GMT
age: 29147
etag: "e98c870fd29b56fa4c3847008bedc0f01f222744"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8360
Md5:    a7bcc50ecfeeca47de68cb437e966f29
Sha1:   e98c870fd29b56fa4c3847008bedc0f01f222744
Sha256: 47a82bb40ead4346323b68c886cb88528cb2162666e9549b2ab215b86a499985
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.100
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 05:50:36 GMT
Last-Modified: Thu, 06 Oct 2022 04:15:13 GMT
Server: ECS (nyb/1D33)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: UaSY5NWcEbv3aLmoZRD9CQbvLKbOh8Qo4nVWNw23l2J-CvktZopkpg==
Age: 5723

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.118
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 05:50:36 GMT
Last-Modified: Thu, 06 Oct 2022 05:08:27 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ldQXxaBomQp6ei6qQ41nfEJonpSGKR6XEI-Gs_dq7CSOE0ncGpnLRA==
Age: 2529

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 05:50:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9044
x-amzn-requestid: 127bce04-9f75-4bb1-bbe7-33bf1694d96c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZdZPmHG5oAMFehw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ba263-3896085b3b73ff5403237206;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 03:02:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: E4yZTPRLFdK717YfwjOIFOJDi0wYpyA736dQELeM5iPLvGDXBosEWg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 04:27:43 GMT
age: 4973
etag: "ae2c476667f63c7f642f0d9f4d0bc0d846b0ef57"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9044
Md5:    70ea26af79226e9ff06d6198e2c019dc
Sha1:   ae2c476667f63c7f642f0d9f4d0bc0d846b0ef57
Sha256: f9393e7b8cbaedc8e1ef87fd89c617cf102f58813d84d866ff68e3124f94d44c
                                        
                                            GET /wp-content/themes/usb/js/plugins.js HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sat, 28 Sep 2019 00:35:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Thu, 06 Oct 2022 05:50:35 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (17791), with CRLF line terminators
Size:   33699
Md5:    49a62128fe6fda072034a47b9e6a37a5
Sha1:   6bd121a4013528c695a158155da793869f162580
Sha256: e015854d201f7518a465d90fb030817d76cd9a9a9f21edb13eeeb94286f42a2b

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /pixel.gif?clkgypv=jstag HTTP/1.1 
Host: aorta.clickagy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         3.214.87.107
HTTP/2 302 Found
content-type: application/json
                                        
date: Thu, 06 Oct 2022 05:50:36 GMT
content-length: 0
location: https://aa.agkn.com/adscores/g.pixel?sid=9212289188&_puid=c:e89ffb6bcf0539ea582ee4fc6cd90fbb&_redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D
server: Aorta/20220929.37e3bd418
x-aorta-host: 3fe0cc47631f
x-aorta-region: us-east-1
access-control-allow-credentials: true
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
access-control-expose-headers: Set-Cookie
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin:
access-control-max-age: 31536000
cache-control: no-cache, no-store, must-revalidate
expect: 0
X-Firefox-Spdy: h2

                                        
                                            POST /g/collect?v=2&tid=G-YYEX7W0G95&gtm=2oea50&_p=368591737&cid=1625848231.1665035436&ul=en-us&sr=1280x1024&_s=1&sid=1665035435&sct=1&seg=0&dl=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit&dt=Secured%20Vs%20Unsecured%20Line%20of%20Credit%20-%20US%20Business%20Funding&en=page_view&_fv=1&_nsi=1&_ss=1&ep.debud_mode=false HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         
                                         216.239.32.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://www.usbfund.com
date: Thu, 06 Oct 2022 05:50:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 11 Oct 2021 18:27:21 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Thu, 06 Oct 2022 05:50:35 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   983138
Md5:    b3132c0534bd632e4eb89e5855b5a149
Sha1:   18805e8d541690699c4c875536760edc4929678c
Sha256: 4a9a79496fd1ab7dd0d9f903532426e0dec8130613e638abefc5b0c6ef0f2331

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /fonts/socicon.woff HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.usbfund.com/wp-content/themes/usb/style.css
Cookie: _gcl_au=1.1.2094491169.1665035436; __ss=1665035435736; __ss_referrer=https%3A//www.usbfund.com/secured-vs-unsecured-line-of-credit/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; _ga_YYEX7W0G95=GS1.1.1665035435.1.0.1665035435.0.0.0; _ga=GA1.1.1625848231.1665035436; wc_visitor=100980-d536ca01-f60e-17be-d905-c1a511e15611; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-d536ca01-f60e-17be-d905-c1a511e15611+..+; wc_client_current=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-d536ca01-f60e-17be-d905-c1a511e15611+..+; IR_gbd=usbfund.com; IR_7486=1665035435888%7C0%7C1665035435888%7C%7C
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: font/woff
                                        
last-modified: Fri, 27 Sep 2019 21:47:06 GMT
accept-ranges: bytes
content-length: 31444
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Thu, 06 Oct 2022 05:50:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 31444, version 1.0\012- data
Size:   31444
Md5:    dcbd1f9c4275862f002f21619e96b8f4
Sha1:   a97cd865925e5102ae7c25aa5dd09112ccf50651
Sha256: a680b776319127695950fd7c490b17cd15120d683bde57845707a2f7dc0f1a74

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /data.js?rnd=62fe5c0e6ad95 HTTP/1.1 
Host: tags.clickagy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.153.115
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 06 Oct 2022 05:50:35 GMT
last-modified: Fri, 16 Sep 2022 04:12:14 GMT
x-amz-version-id: voLTTawX.GcVEDQiIRYzY2txm8P5Ii8i
content-encoding: gzip
etag: W/"9d3ea74a65932cc93f95029e15978232"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6g6KEnTw5oocDKhMGuRzGBmFMuB58-KO0Kq49FNXOnZD4PAx9SbZjA==
age: 36220
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 755c1ed2b94a0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (38960), with no line terminators
Size:   13603
Md5:    af82d3009030b678825bea5a0011ff20
Sha1:   2405ed0632a8c89426c8a23f647947912e00ae12
Sha256: ad3107b8ac89abaab96613373131afea22ab806aa7e17f04f042e272174a6cda
                                        
                                            GET /wp-content/uploads/Secured-vs.-Unsecured-Line-of-Credit-1.jpg HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Cookie: _gcl_au=1.1.2094491169.1665035436; __ss=1665035435736; __ss_referrer=https%3A//www.usbfund.com/secured-vs-unsecured-line-of-credit/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; _ga_YYEX7W0G95=GS1.1.1665035435.1.0.1665035435.0.0.0; _ga=GA1.1.1625848231.1665035436; wc_visitor=100980-d536ca01-f60e-17be-d905-c1a511e15611; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-d536ca01-f60e-17be-d905-c1a511e15611+..+; wc_client_current=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-d536ca01-f60e-17be-d905-c1a511e15611+..+; IR_gbd=usbfund.com; IR_7486=1665035435888%7C0%7C1665035435888%7C%7C; __ss_tk=202210%7C633e6cab939e1f310c18f12e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Tue, 10 May 2022 05:40:53 GMT
accept-ranges: bytes
content-length: 12869
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Thu, 06 Oct 2022 05:50:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 720x405, components 3\012- data
Size:   12869
Md5:    4adc359bff7fdd1a69434369f1c0521d
Sha1:   2734ab7daa6ede9f1c5e2b35a254cf0ff5fcb311
Sha256: cdb37540ad321262b2812f3fb87b16a35f0e660769c3c99c4dd12c3614a42b5a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CF843F8C39D390AA07DDDAFBD407D13E5719E716B382DE0A9627AC326D764251"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9612
Expires: Thu, 06 Oct 2022 08:30:48 GMT
Date: Thu, 06 Oct 2022 05:50:36 GMT
Connection: keep-alive

                                        
                                            GET /REST/webTracking/v1/event?timestamp=1665035436543&brandID=60034c978a48f7337bc1a105&shopType=api&shopHostname=www.usbfund.com&url=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit&utmCampaign=secured-vs-unsecured-line-of-credit&utmMedium=campaign-email&utmSource=bayengage&title=Secured%20Vs%20Unsecured%20Line%20of%20Credit%20-%20US%20Business%20Funding&anonymousID=YSfSR6ZpBaLSJo-20221006055036&sessionID=aKtiaGfk7klfOd-20221006055036&type=pageview HTTP/1.1 
Host: wt.soundestlink.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.27.48
HTTP/2 200 OK
content-type: image/gif
                                        
date: Thu, 06 Oct 2022 05:50:36 GMT
content-length: 42
x-envoy-upstream-service-time: 2
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 755c1ed6d901b512-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.118
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 05:50:36 GMT
Last-Modified: Thu, 06 Oct 2022 05:07:17 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: fVPqlhRZeM2vuJruFg1npyKd6ccmaN7tUXl3R0SJe5KsVsdmwmRmWA==
Age: 2599

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3926
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 05:50:36 GMT
Last-Modified: Thu, 06 Oct 2022 04:45:10 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3926
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 05:50:36 GMT
Last-Modified: Thu, 06 Oct 2022 04:45:10 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.100
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 05:50:36 GMT
Last-Modified: Thu, 06 Oct 2022 04:06:33 GMT
Server: ECS (bsa/EB19)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: c2CudoqBDQJmC_QFsLqenzWvRychokmw-wkdC1wb1h4VIilZ0Epayw==
Age: 6243

                                        
                                            GET /t_prism_sitemessages.php?trackid=224499963&prismid=e0b575c7-e1a8-4e49-91aa-0d6124fe2725&url=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit HTTP/1.1 
Host: trackcmp.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.145.151
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
                                        
date: Thu, 06 Oct 2022 05:50:36 GMT
content-length: 0
x-powered-by: PHP/7.1.33
cache-control: no-cache, private
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 755c1ed7a898b509-OSL
X-Firefox-Spdy: h2

                                        
                                            GET /CompanyWidget.aspx?ID=100094667&WidgetType=1 HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         207.137.0.213
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
location: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
date: Thu, 06 Oct 2022 05:50:36 GMT
content-length: 196
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   196
Md5:    e4450c4791dadbc8f0fe8409a9b278ec
Sha1:   70f8e597f291a8a247c4f1bbbc4586e300f75723
Sha256: e350fe60679b3272336147b700171d459374f3a66c6e228673a94ec0d9239b7e
                                        
                                            POST /keyword/ HTTP/1.1 
Host: process.iconnode.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 1013
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         13.248.238.122
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Thu, 06 Oct 2022 05:50:36 GMT
content-length: 37
server: Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.4.30
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://www.usbfund.com
access-control-allow-credentials: true
access-control-max-age: 86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   37
Md5:    fac2c1e20a128685cdcba772a8c9b296
Sha1:   f127be1ffc01fdd3ea9089f3ab40865696e1b17c
Sha256: 3061414be1c4f3e0684da28abcf00646a28a40fda5a9a12e6948628b6d5a6991
                                        
                                            GET /track/event?event_id=xWMCUM2gF97YD&uri=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit&cb=j6a1khgnfd13cgyudggc HTTP/1.1 
Host: track.sendlane.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.250.2.183
HTTP/1.1 204 No Content
                                        
Date: Thu, 06 Oct 2022 05:50:36 GMT
Server: Apache
Cache-Control: no-cache, private, max-age=2592000
X-RateLimit-Limit: 60
X-RateLimit-Remaining: 59
Set-Cookie: track_session=eyJpdiI6IitrcGs2SktYaUVETFBjbkFpZFNta1E9PSIsInZhbHVlIjoicXIzNWgwbjJ1ck1ickMwa3ArQThBdWxvRE5EekU3dXRiSmpNWWhzZE5uRkhNTnNEYmdoNWR6OEpMNDk4RzhELzNlN3RvREU3WStxL2VyTFd0Mks3NUkzaTNnQTBUblMyV3F2OG1jTFQ1SndEdFNwODJXQjBlcC9sNmQ1QkJBclciLCJtYWMiOiI1Y2UxODQwMjc2YWI5OTdmYTc4ZWQxYzY2ZGU5MzY3YzE5ZjBjMjI4ODNmNTI1MTNjOTc0NGU3ZTRkZmQ0NWQ2IiwidGFnIjoiIn0%3D; expires=Thu, 06-Oct-2022 07:50:36 GMT; Max-Age=7200; path=/; domain=sendlane.com; secure; httponly; samesite=lax
Expires: Sat, 05 Nov 2022 05:50:36 GMT
Connection: close

                                        
                                            GET /9726461.js HTTP/1.1 
Host: tag.getdrip.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.55
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 8
last-modified: Fri, 20 May 2022 20:08:53 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 06 Oct 2022 05:50:37 GMT
etag: "de2e1607e500ee465eca3ec4505c0859"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OcXFKIy_Zr9EjNWfGzRT3HJvQIQdKhBPJ88a3dSeSvXalWmwfcvP-Q==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   8
Md5:    de2e1607e500ee465eca3ec4505c0859
Sha1:   cfd432c8178796a4af548a7ed62f09bdf5fbb897
Sha256: 295bdad3ed86f4eeb0249f30e724344ec7be85582094013a85403ecbb77a0047
                                        
                                            GET /prod/540751/8e06fd82-42e9-4211-9f65-32b7dbc43b43.json.gz HTTP/1.1 
Host: hubspot-forms-static-embed.s3.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.231.133.249
HTTP/1.1 403 Forbidden
Content-Type: application/xml
                                        
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: 5YTYBA8D9VCNWVBH
x-amz-id-2: 3fPMzzWwD+y3ktXV7HRUjqFs7dL5StdJ4A4S0HEpX5y3wa3Gcy7g7RjoVBo9Hjjz/fAexiXDMS8=
Transfer-Encoding: chunked
Date: Thu, 06 Oct 2022 05:50:36 GMT
Server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text
Size:   243
Md5:    3b0269f4fed5d774f33a8831083eec31
Sha1:   6c501a11ce4a25b8516e13213bc4eac4c953d730
Sha256: e2bab0a2628958dd8dcd56127f4e1d08d7346be61117a4f02598b48c1ecde76b
                                        
                                            GET /REST/forms/v1/renderedForms?v=2022-10-06T05&brandID=60034c978a48f7337bc1a105 HTTP/1.1 
Host: forms.soundestlink.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Origin: https://www.usbfund.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.27.48
HTTP/2 200 OK
content-type: application/json
                                        
date: Thu, 06 Oct 2022 05:50:37 GMT
content-length: 2
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=600, public
expires: Sun, 06 Nov 2022 05:50:36 GMT
last-modified: Thu, 06 Oct 2022 05:50:36 GMT
x-envoy-upstream-service-time: 3
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 755c1ed8bbb9b4eb-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   2
Md5:    d751713988987e9331980363e24189ce
Sha1:   97d170e1550eee4afc0af065b78cda302a97674c
Sha256: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
                                        
                                            GET /companywidget.aspx?ID=100094667&WidgetType=1 HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
set-cookie: ASP.NET_SessionId=vv3iruljb1r4q3dzgms51nf0; path=/; secure; HttpOnly; SameSite=Lax
date: Thu, 06 Oct 2022 05:50:36 GMT
content-length: 6794
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (604), with CRLF line terminators
Size:   6794
Md5:    942807f1f0ac40a4d329b71eeb1519cf
Sha1:   5c3b93261a73b69838b6524d71cd4f15cd0f10b6
Sha256: f8df5ccf1a1f0a17db9f9bb0c86b6afe4acf2442ced90d5728675d51d28d6158
                                        
                                            GET /track.js HTTP/1.1 
Host: serve.albacross.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 08 Apr 2021 13:13:21 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Thu, 06 Oct 2022 05:49:31 GMT
Cache-Control: max-age=120
ETag: W/"b769e9b4f23be6c9bab7c715fdf2526a"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: eSCuaJEDtdmEufYiFZP08OHdiTjYuCwgHKiREomvtRhr_ABoIMiWAg==
Age: 68


--- Additional Info ---
Magic:  ASCII text, with very long lines (10418)
Size:   4085
Md5:    e062066a14a30b3ed3b72c5b31f21ffe
Sha1:   064e97457f03f59e40134ea46a21ba6e98a90c68
Sha256: 7bc78e48c07227b97701737a2799c978d37ff3f2350b02043ce69464de7399de
                                        
                                            GET /li.lms-analytics/insight.min.js HTTP/1.1 
Host: snap.licdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.121
HTTP/2 200 OK
content-type: application/x-javascript;charset=utf-8
                                        
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=66838
date: Thu, 06 Oct 2022 05:50:37 GMT
content-length: 3063
x-cdn: AKAM
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7751)
Size:   3063
Md5:    57efbbeb3e1d23c82b677511c67c8b0e
Sha1:   f927ba115ef4be362694c22850ddbdd1c1b054d1
Sha256: 873b38d80c8ff1ffcac23ecdb7fb2d17413ae3c217236d8e1e24574b1c4707c6
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 06 Oct 2022 04:41:09 GMT
expires: Thu, 06 Oct 2022 06:41:09 GMT
cache-control: public, max-age=7200
age: 4168
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            GET /munchkin.js HTTP/1.1 
Host: munchkin.marketo.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         88.221.99.189
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Accept-Ranges: bytes
ETag: "92b41a298690c047b0c4602dd843cba4:1662686319.691662"
Last-Modified: Fri, 09 Sep 2022 01:18:39 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 06 Oct 2022 05:50:37 GMT
Content-Length: 728
Connection: keep-alive
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"


--- Additional Info ---
Magic:  ASCII text, with very long lines (521)
Size:   728
Md5:    51a92d8c69733d719447dea0416ed039
Sha1:   69f4c1e0b7ebba812bc096708d57627927dff265
Sha256: cb483c0ea4012ac512bcba6204b37622b388c1aefd4ae9028f60abb965f23d29
                                        
                                            GET /stylesheets/font-awesome.min.css HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: no-cache
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 18:58:59 GMT
accept-ranges: bytes
etag: "809bbc5d6cd3d81:0"
vary: Accept-Encoding
date: Thu, 06 Oct 2022 05:50:36 GMT
content-length: 6965
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (30837)
Size:   6965
Md5:    775375b17c16dc85854ba29bbba28807
Sha1:   91c2f8c2838211a85090f061340b6c0c24e763af
Sha256: e05c4f03a6c957e6b769e9ac46b9b6d7f1de8f46f49fc894be7c7493aaf4e033
                                        
                                            GET /stylesheets/jquery.selectBox.css HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
cache-control: no-cache
location: https://www.checkbca.org/stylesheets/jquery.selectbox.css
date: Thu, 06 Oct 2022 05:50:36 GMT
content-length: 180
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   180
Md5:    65d99af646ca7622a01fc0d3eb7a6b6d
Sha1:   a6b71820c0572f17c183b5669255346947bc3492
Sha256: 425fea6b4acfc8c48eee414af2be035b5c77a87742cf0bb46b136d07e0c29f6a
                                        
                                            GET /stylesheets/style.css HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: no-cache
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 18:58:59 GMT
accept-ranges: bytes
etag: "809bbc5d6cd3d81:0"
vary: Accept-Encoding
date: Thu, 06 Oct 2022 05:50:36 GMT
content-length: 10891
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  assembler source, Unicode text, UTF-8 text, with very long lines (548), with CRLF line terminators
Size:   10891
Md5:    cef167427944e3fb4d6831c227b30bd0
Sha1:   5900baa9671ec663d3f990e38e7bb763f7edee64
Sha256: ad26247de1e0e4f3e40fd860a147df0ed041f06e75dc48f7e1ac3684ac7920f1
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6144
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 05:50:37 GMT
Last-Modified: Thu, 06 Oct 2022 04:08:14 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 727

                                        
                                            GET /inShop/forms.js?v=2022-10-06T05 HTTP/1.1 
Host: omnisnippet1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.40.169
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 06 Oct 2022 05:50:36 GMT
last-modified: Thu, 29 Sep 2022 14:16:25 GMT
etag: W/"6335a8b9-206e2"
expires: Thu, 06 Oct 2022 05:04:16 GMT
cache-control: max-age=3600
x-envoy-upstream-service-time: 1
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 3035
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 755c1ed81d33b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32022)
Size:   47116
Md5:    4f1dacb8dcce12ea98addc9a61e2a09e
Sha1:   b6a66312e5a69ee9c9172aa345a3a4042d89522f
Sha256: 1de000bc3dab366bac31491e2f59cfc64fd35569bd4da24c9dfa98498e8c45c1
                                        
                                            GET /wp-content/uploads/cropped-iconusbfund-32x32.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Cookie: _gcl_au=1.1.2094491169.1665035436; __ss=1665035435736; __ss_referrer=https%3A//www.usbfund.com/secured-vs-unsecured-line-of-credit/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; _ga_YYEX7W0G95=GS1.1.1665035435.1.0.1665035435.0.0.0; _ga=GA1.1.1625848231.1665035436; wc_visitor=100980-d536ca01-f60e-17be-d905-c1a511e15611; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-d536ca01-f60e-17be-d905-c1a511e15611+..+; wc_client_current=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-d536ca01-f60e-17be-d905-c1a511e15611+..+; IR_gbd=usbfund.com; IR_7486=1665035435888%7C0%7C1665035435888%7C%7C; __ss_tk=202210%7C633e6cab939e1f310c18f12e; soundestID=20221006055036-88fvx8LOMndjR8cLqcrZs2flyXgRsKebR52DaZN2rPGldJiFe; omnisendAnonymousID=YSfSR6ZpBaLSJo-20221006055036; omnisendSessionID=aKtiaGfk7klfOd-20221006055036; prism_224499963=e0b575c7-e1a8-4e49-91aa-0d6124fe2725; soundest-views=1; wc_swap=9493560881+..+9494611140+..+68836
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 28 Sep 2019 00:14:07 GMT
accept-ranges: bytes
content-length: 1438
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Thu, 06 Oct 2022 05:50:37 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   1438
Md5:    331f8022f00882988b3dd50a45511040
Sha1:   295b137770dedf8de5101ba30c05f515e21b6fb0
Sha256: f83bb7fbb6ab6b05a6129fdc513d6edeb3b9029b0cbe6cf3eae361ad56c58cf5
                                        
                                            GET /wp-content/uploads/cropped-iconusbfund-192x192.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Cookie: _gcl_au=1.1.2094491169.1665035436; __ss=1665035435736; __ss_referrer=https%3A//www.usbfund.com/secured-vs-unsecured-line-of-credit/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; _ga_YYEX7W0G95=GS1.1.1665035435.1.0.1665035435.0.0.0; _ga=GA1.1.1625848231.1665035436; wc_visitor=100980-d536ca01-f60e-17be-d905-c1a511e15611; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-d536ca01-f60e-17be-d905-c1a511e15611+..+; wc_client_current=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-d536ca01-f60e-17be-d905-c1a511e15611+..+; IR_gbd=usbfund.com; IR_7486=1665035435888%7C0%7C1665035435888%7C%7C; __ss_tk=202210%7C633e6cab939e1f310c18f12e; soundestID=20221006055036-88fvx8LOMndjR8cLqcrZs2flyXgRsKebR52DaZN2rPGldJiFe; omnisendAnonymousID=YSfSR6ZpBaLSJo-20221006055036; omnisendSessionID=aKtiaGfk7klfOd-20221006055036; prism_224499963=e0b575c7-e1a8-4e49-91aa-0d6124fe2725; soundest-views=1; wc_swap=9493560881+..+9494611140+..+68836
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 28 Sep 2019 00:15:06 GMT
accept-ranges: bytes
content-length: 19606
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Thu, 06 Oct 2022 05:50:37 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size:   19606
Md5:    273b22a347363c8bfaa20ddcca897d53
Sha1:   0bf5106cb96db26030ae4bee997db3aef8914130
Sha256: 3c673a54e1fea64b6b57dc31365058249f665f327b0e032746b310a2f6a2c0b2
                                        
                                            GET /162/munchkin.js HTTP/1.1 
Host: munchkin.marketo.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         88.221.99.189
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Accept-Ranges: bytes
ETag: "75daf56f6191efe42577301908659c29:1656637152.894482"
Last-Modified: Fri, 01 Jul 2022 00:59:12 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=8640000
Expires: Sat, 14 Jan 2023 05:50:37 GMT
Date: Thu, 06 Oct 2022 05:50:37 GMT
Content-Length: 4677
Connection: keep-alive
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"


--- Additional Info ---
Magic:  ASCII text, with very long lines (606)
Size:   4677
Md5:    3e9baed982956735f6e0a0e756d97ed9
Sha1:   9223be6a494a10959101a7942419df7b05b84d73
Sha256: 930a508ed0ea6b4861d19c0738360182514010913c4ebfe9352064ae5006f8a1
                                        
                                            GET /WebResource.axd?d=pynGkmcFUV13He1Qd6_TZBAd-3g2iBrrqGpefWWgmRAZw8TONzGF-aV_9TjkbkyCvwDWnstKlAYe583il9NLzw2&t=637823077705833095 HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public
content-encoding: gzip
expires: Thu, 05 Oct 2023 05:26:19 GMT
last-modified: Tue, 08 Mar 2022 11:42:50 GMT
vary: Accept-Encoding
date: Thu, 06 Oct 2022 05:50:36 GMT
content-length: 23086
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   23086
Md5:    20180537e2ac64e5c60143ac90c84998
Sha1:   82d03de61c4dededbc9fd79d8c3a8e18d3b43744
Sha256: 0999cb5dfb2dcd76a944ef880be49f8e2d66fc60d00817e2b251ba0a67090cbf
                                        
                                            GET /Scripts/WebForms/MsAjax/MicrosoftAjax.js HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
cache-control: no-cache
location: https://www.checkbca.org/scripts/webforms/msajax/microsoftajax.js
date: Thu, 06 Oct 2022 05:50:36 GMT
content-length: 188
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   188
Md5:    6f83537ac9d2567aa0049ad8d28282d8
Sha1:   7e4975fe0edee16d97ab1f59dd7473a95902f30e
Sha256: c614ae1fc44d88ab3555782295fd0de23f7b1062ef93e0777530a9ff2fdb2fe6
                                        
                                            GET /Scripts/WebForms/MsAjax/MicrosoftAjaxWebForms.js HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
cache-control: no-cache
location: https://www.checkbca.org/scripts/webforms/msajax/microsoftajaxwebforms.js
date: Thu, 06 Oct 2022 05:50:36 GMT
content-length: 196
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   196
Md5:    95d708e49ef3d81c5832e354dbdafb01
Sha1:   ddb6aa6d1990a59c42331129fef517bb9101fad1
Sha256: 429e36746d58356e8d7fd50c755f2ec8de5fcf67bc3980f782eef9c14e89db18
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.118
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 05:50:37 GMT
Server: ECS (dcb/7F81)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: POF9PyVd2aL8sQilLSeaq01luRKyDRdotmOnIawif_wMNRVDawTGTQ==

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 05:50:37 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 13:42:54 GMT
Expires: Wed, 12 Oct 2022 13:42:53 GMT
Etag: "d2913d670acf488ba2460758095e8238c1d47966"
Cache-Control: max-age=546135,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755c1edaae05b4ff-OSL

                                        
                                            GET /scripts/jquery-3.3.1.min.js HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: no-cache
content-encoding: gzip
last-modified: Tue, 16 Oct 2018 20:49:20 GMT
accept-ranges: bytes
etag: "0c813b69165d41:0"
vary: Accept-Encoding
date: Thu, 06 Oct 2022 05:50:36 GMT
content-length: 30394
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   30394
Md5:    a263be51483c81a54aa8c85104a93e55
Sha1:   555a54a73531c553bd2aede6abc25c128b63312e
Sha256: b2f13ad730928958c09d89e6e32bb6a227c0260d032a39ca464d998a59e57a66
                                        
                                            GET /scripts/jquery.simplemodal.1.4.4.min.js HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: no-cache
content-encoding: gzip
last-modified: Tue, 16 Oct 2018 20:49:20 GMT
accept-ranges: bytes
etag: "0c813b69165d41:0"
vary: Accept-Encoding
date: Thu, 06 Oct 2022 05:50:36 GMT
content-length: 3081
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (626), with CRLF, LF line terminators
Size:   3081
Md5:    487fda8eb4e12565909588706300e2fb
Sha1:   9224d8c027d499bb7ec852c2bf3c580e593f5d5b
Sha256: 664736273b9cff9b035c3c682e6ea5e1220468bf24d3199d45148b0a45e101dc
                                        
                                            GET /711861.gif HTTP/1.1 
Host: id.rlcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         35.244.174.68
HTTP/2 451 Unavailable For Legal Reasons
                                        
date: Thu, 06 Oct 2022 05:50:37 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            GET /pixel/10751/?che=1665035437292&ip=91.90.42.154&l1=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D216803104296000372923 HTTP/1.1 
Host: d.agkn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.30.100.208
HTTP/1.1 302 Found
                                        
Cache-Control: no-cache, must-revalidate
Date: Thu, 06 Oct 2022 05:50:37 GMT
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=128&cm=216803104296000372923
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Server: Apache-Coyote/1.1
Set-Cookie: ab=0001%3Awk4JCvkZ%2BuemFn0%2BLUJ6Z3oFnpdyS0eG;Path=/;Domain=agkn.com;Max-Age=31536000;SameSite=None;Secure u=C|0AAAq0SktKtEpLQAAAAAA;Path=/;Domain=agkn.com;Max-Age=31536000;SameSite=None;Secure
Content-Length: 0
Connection: keep-alive

                                        
                                            GET /recorder.js HTTP/1.1 
Host: rec.smartlook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.76.9.26
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 06 Oct 2022 05:50:37 GMT
access-control-allow-origin: *
cache-control: public, max-age=600
etag: W/"633c0afc-7492"
last-modified: Tue, 04 Oct 2022 10:29:16 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-accel-expires: @1665035500
server: CDN77-Turbo
x-77-nzt: AblMCRQbRZn/GQIAAA
x-77-nzt-ray: Q4xALB8Mwbc
x-cache: HIT
x-age: 537
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (29842), with no line terminators
Size:   9411
Md5:    abe32c2a9cd171a482c7f22465795951
Sha1:   3dbd2725896abd16208b6363e081910381f5e665
Sha256: 040b3c9dd696f3e2801d1f0e6e45759fbd9b46d75034ae7b0e8f51f6028a1257
                                        
                                            GET /inshop/launcher-v2.js HTTP/1.1 
Host: omnisrc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.5.28
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 06 Oct 2022 05:50:36 GMT
last-modified: Thu, 29 Sep 2022 14:16:25 GMT
etag: W/"6335a8b9-de42"
expires: Thu, 06 Oct 2022 06:23:51 GMT
cache-control: max-age=3600
x-envoy-upstream-service-time: 1
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 1527
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 755c1ed63b37b506-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32138)
Size:   19898
Md5:    5a762ed813da40677efa8fcbed82b17c
Sha1:   8df23b7a2613f8ad56508a630675ec0c851ee71e
Sha256: 3730e6ff40512a588ec0e5c97f0af48ff36928be89ccca8d64f03130d2f90acf
                                        
                                            GET /scripts/jquery.selectBox.js HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
cache-control: no-cache
location: https://www.checkbca.org/scripts/jquery.selectbox.js
date: Thu, 06 Oct 2022 05:50:36 GMT
content-length: 175
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   175
Md5:    46da262b5b1399dfbf30fac73e57a298
Sha1:   c176cf3cfa6da6a0748c497591ff3619467d6434
Sha256: 4089029c368f61bcc5e6be36c952e1c440e0e20475e247b8316c6ce57ea7cc99
                                        
                                            GET /scripts/scripts.js HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: no-cache
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 18:58:56 GMT
accept-ranges: bytes
etag: "0d8f25b6cd3d81:0"
vary: Accept-Encoding
date: Thu, 06 Oct 2022 05:50:36 GMT
content-length: 4272
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   4272
Md5:    3b38a1caac14cc0685da48549e84da3b
Sha1:   2ce4f852dced2ddee12614640dcfeb0f3a96ae48
Sha256: 4e45d270791d6d30c782e95c1763ef0a1ac7b934d5cb703b651f3c6434c8b22b
                                        
                                            GET /collect?v=2&fmt=js&pid=58092&time=1665035437230&url=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit HTTP/1.1 
Host: px.ads.linkedin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         13.107.42.14
HTTP/2 302 Found
                                        
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D58092%26time%3D1665035437230%26url%3Dhttps%253A%252F%252Fwww.usbfund.com%252Fsecured-vs-unsecured-line-of-credit%252F%253Futm_source%253Dbayengage%2526utm_medium%253Dcampaign-email%2526utm_campaign%253Dsecured-vs-unsecured-line-of-credit%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQJoveIvi6WGSgAAAYOr2IW9csktrfs6yQfPAuBQrovtkKGyjU-ub-siLw4dM6DfBEdB0Sqir8zJ4A; Max-Age=2592000; Expires=Sat, 05 Nov 2022 05:50:37 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure AnalyticsSyncHistory=AQKsYyFrgvqCmAAAAYOr2IW9GTTCFtNQNBJI2MF3mj1bruVen3CGGTLXBs5R_C8PbO2IUosss3b8HX7Wcggj4A; Max-Age=2592000; Expires=Sat, 05 Nov 2022 05:50:37 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure bcookie="v=2&ddedc0cb-1edd-43c5-8ef7-bb7d82a481a8"; domain=.linkedin.com; Path=/; Secure; Expires=Fri, 06-Oct-2023 05:50:37 GMT; SameSite=None lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2355:u=1:x=1:i=1665035437:t=1665121837:v=2:sig=AQENSgcad8OGR-bE8YpcvPM1mDdy-mFr"; Expires=Fri, 07 Oct 2022 05:50:37 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXqV0XKQks7byiXaDaa5A==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 992E41A745A948A9973A546CD184F360 Ref B: OSL30EDGE0517 Ref C: 2022-10-06T05:50:37Z
date: Thu, 06 Oct 2022 05:50:36 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /pixel.gif?clkgypv=pxl&ch=128&cm=216803104296000372923 HTTP/1.1 
Host: aorta.clickagy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         3.214.87.107
HTTP/2 302 Found
content-type: application/json
                                        
date: Thu, 06 Oct 2022 05:50:37 GMT
content-length: 0
location: https://idsync.rlcdn.com/420246.gif?partner_uid=c:e89ffb6bcf0539ea582ee4fc6cd90fbb
server: Aorta/20220929.37e3bd418
x-aorta-host: 6680b3b46556
x-aorta-region: us-east-1
access-control-allow-credentials: true
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
access-control-expose-headers: Set-Cookie
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin:
access-control-max-age: 31536000
cache-control: no-cache, no-store, must-revalidate
expect: 0
X-Firefox-Spdy: h2

                                        
                                            GET /images/widget_member_seal.png HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: no-cache
last-modified: Sat, 09 May 2020 03:31:08 GMT
accept-ranges: bytes
etag: "8a855647b225d61:0"
date: Thu, 06 Oct 2022 05:50:36 GMT
content-length: 4897
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Size:   4897
Md5:    b16b18a3bc55b39e53d58026662582b1
Sha1:   f1ef3e2605c0eb6afd312dcc7b354b4d0dee54a2
Sha256: fb715daa7fae403543290995b70576747818581d044e57b5ac072fd27c84e1bf
                                        
                                            GET /stylesheets/jquery.selectbox.css HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: no-cache
content-encoding: gzip
last-modified: Fri, 02 Aug 2019 17:52:06 GMT
accept-ranges: bytes
etag: "0a783ff5a49d51:0"
vary: Accept-Encoding
date: Thu, 06 Oct 2022 05:50:36 GMT
content-length: 844
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2823), with no line terminators
Size:   844
Md5:    ef6ac3dc00cd170fb2e40e76489dc10d
Sha1:   02964dcc31527690062facef2f5ca2c0cf24ea23
Sha256: 06e4f8e3d1d4e68a23c9fd4927304906f912307b71f80025f6b74dfe3945d813
                                        
                                            GET /scripts/webforms/msajax/microsoftajax.js HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: no-cache
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 18:58:58 GMT
accept-ranges: bytes
etag: "05245d6cd3d81:0"
vary: Accept-Encoding
date: Thu, 06 Oct 2022 05:50:37 GMT
content-length: 24320
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65262), with CRLF line terminators
Size:   24320
Md5:    1aa546445a52ff5e781cb1e335f445c4
Sha1:   a8071c7d8f7c2798100ceed7ef5842a587cc41d2
Sha256: 6a3e80b4cc602560e187e061ff5070fdda5c608125956f878f417b01867f6b09
                                        
                                            GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D58092%26time%3D1665035437230%26url%3Dhttps%253A%252F%252Fwww.usbfund.com%252Fsecured-vs-unsecured-line-of-credit%252F%253Futm_source%253Dbayengage%2526utm_medium%253Dcampaign-email%2526utm_campaign%253Dsecured-vs-unsecured-line-of-credit%26liSync%3Dtrue HTTP/1.1 
Host: www.linkedin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         13.107.42.14
HTTP/2 302 Found
                                        
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=58092&time=1665035437230&url=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None bcookie="v=2&64f136d6-7083-4830-88ab-ac467a21e6f2"; Domain=.linkedin.com; Expires=Fri, 06-Oct-2023 05:50:37 GMT; Path=/; Secure; SameSite=None bscookie="v=1&20221006055037afdb21a5-227e-420b-84ac-c77f1b32faf6AQHqkiDoqIXT1zMaSqi-k0t5q8Slyliy"; Domain=.www.linkedin.com; Expires=Fri, 06-Oct-2023 05:50:37 GMT; Path=/; HttpOnly; Secure; SameSite=None li_gc=MTswOzE2NjUwMzU0Mzc7MjswMjFiAxVm330GCqoRernom0M/I/YsfNeR0LSqDvv9bczO7A==; Domain=.linkedin.com; Expires=Tue, 04 Apr 2023 05:50:37 GMT; Path=/; Secure; SameSite=None lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2355:u=1:x=1:i=1665035437:t=1665121837:v=2:sig=AQENSgcad8OGR-bE8YpcvPM1mDdy-mFr"; Expires=Fri, 07 Oct 2022 05:50:37 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com https://*.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXqV0XNTrRmEKHUA9lyLg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 7CA7E093AD3B4BD29167EEB0BD2F9BF7 Ref B: OSL30EDGE0517 Ref C: 2022-10-06T05:50:37Z
date: Thu, 06 Oct 2022 05:50:36 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /scripts/webforms/msajax/microsoftajaxwebforms.js HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: no-cache
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 18:58:59 GMT
accept-ranges: bytes
etag: "809bbc5d6cd3d81:0"
vary: Accept-Encoding
date: Thu, 06 Oct 2022 05:50:37 GMT
content-length: 9603
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (39257), with CRLF line terminators
Size:   9603
Md5:    211aa6b9096a11187131cbc6c3ab6d16
Sha1:   380ff6b00fc93d78031319a6d1b0e78f2a9e6017
Sha256: 4f1ec7256c84b77776b8c75fd59dca0c6b5560fa3a5010a290e46b6b5d8d4f5f
                                        
                                            GET /scripts/jquery.selectbox.js HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: no-cache
content-encoding: gzip
last-modified: Tue, 16 Oct 2018 20:49:20 GMT
accept-ranges: bytes
etag: "0c813b69165d41:0"
vary: Accept-Encoding
date: Thu, 06 Oct 2022 05:50:37 GMT
content-length: 4192
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (15896), with no line terminators
Size:   4192
Md5:    786f2eb7bf72098ca18b9afd6d127237
Sha1:   5e75cb575c23f13e064a913cbe55570670e718ab
Sha256: d8a1f1df33bbe0f528bfd53be5c1388890220e54c5aaa7281b889a1e5dde3189
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.118
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 05:50:37 GMT
Last-Modified: Thu, 06 Oct 2022 04:05:34 GMT
Server: ECS (dcb/7EA3)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 5hXYeI6X7N32GBam6RL_rgl0fIuvv1gKtBMZwZ-ycmWnmL29VxOi7w==
Age: 6303

                                        
                                            GET /collect?v=2&fmt=js&pid=58092&time=1665035437230&url=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit&liSync=true HTTP/1.1 
Host: px.ads.linkedin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         13.107.42.14
HTTP/2 200 OK
content-type: application/javascript
                                        
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure bcookie="v=2&86f0ea49-4908-4b29-885b-c1ddc3fcf5da"; domain=.linkedin.com; Path=/; Secure; Expires=Fri, 06-Oct-2023 05:50:37 GMT; SameSite=None lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2398:u=1:x=1:i=1665035437:t=1665121837:v=2:sig=AQHXj-8uV4x1KgnOfxZE1OBN_QuUJ330"; Expires=Fri, 07 Oct 2022 05:50:37 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXqV0XQNeKuwbXtE+VK/A==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: B20C8081377E4855B55EE43B18236FE0 Ref B: OSL30EDGE0517 Ref C: 2022-10-06T05:50:37Z
date: Thu, 06 Oct 2022 05:50:36 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6239
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 05:50:38 GMT
Last-Modified: Thu, 06 Oct 2022 04:06:39 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /companywidget.aspx?ID=100094667&WidgetType=1 HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
set-cookie: ASP.NET_SessionId=zzvznq5tf3ystg1pw1w0hvbd; path=/; secure; HttpOnly; SameSite=Lax
date: Thu, 06 Oct 2022 05:50:37 GMT
content-length: 6794
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (604), with CRLF line terminators
Size:   6794
Md5:    33d5dd8143ebb65c053f022b70199b30
Sha1:   abf48c522e9cd9fc33f1e692b871d58b26636e2e
Sha256: fa443ac283ccbb42b0d42aff607fc6e6d53ea4df932ab9985bced6963877c41b
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "FD3C74843ACCEDB73F2C48517195A38D319ECFB5FFF912C79144B688F18FA7DA"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14002
Expires: Thu, 06 Oct 2022 09:44:00 GMT
Date: Thu, 06 Oct 2022 05:50:38 GMT
Connection: keep-alive

                                        
                                            GET /stylesheets/font-awesome.min.css HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Wed, 28 Sep 2022 18:58:59 GMT
If-None-Match: "809bbc5d6cd3d81:0"
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 304 Not Modified
                                        
cache-control: no-cache
date: Thu, 06 Oct 2022 05:50:37 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /stylesheets/jquery.selectBox.css HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
cache-control: no-cache
location: https://www.checkbca.org/stylesheets/jquery.selectbox.css
date: Thu, 06 Oct 2022 05:50:37 GMT
content-length: 180
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   180
Md5:    65d99af646ca7622a01fc0d3eb7a6b6d
Sha1:   a6b71820c0572f17c183b5669255346947bc3492