Overview

URL www.usbfund.com/blog/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=how-to-write-a-business-plan-to-get-approved-for-a-loan
IP 50.87.170.174
ASN UNIFIEDLAYER-AS-1
Location United States
Report completed 2022-10-04 05:43:24 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-04 2 www.usbfund.com/wp-content/plugins/AffiliateWP-master/assets/js/tracking.mi (...) Malware
2022-10-04 2 www.usbfund.com/wp-content/themes/usb/js/site.js Malware
2022-10-04 2 www.usbfund.com/wp-content/plugins/AffiliateWP-master/assets/js/jquery.cook (...) Malware
2022-10-04 2 www.usbfund.com/wp-content/themes/usb/js/accounting.min.js Malware
2022-10-04 2 www.usbfund.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 Malware
2022-10-04 2 www.usbfund.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 Malware
2022-10-04 2 www.usbfund.com/fonts/socicon.woff Malware
2022-10-04 2 www.usbfund.com/fonts/socicon.ttf Malware
2022-10-04 2 www.usbfund.com/fonts/socicon.woff2 Malware
2022-10-04 2 www.usbfund.com/wp-content/themes/usb/js/plugins.js Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (79)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS ib.adnxs.com (2) 241 2012-05-23 22:36:14 UTC 2022-10-03 12:29:59 UTC 185.89.211.132
mnemonic passive DNS pixel.tapad.com (2) 400 2012-10-01 07:23:01 UTC 2022-10-03 14:42:13 UTC 35.227.248.159
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-03 09:28:24 UTC 54.189.157.130
mnemonic passive DNS loadm.exelator.com (1) 1042 2012-05-22 07:59:51 UTC 2022-10-03 17:18:15 UTC 34.254.143.3
mnemonic passive DNS tag.getdrip.com (1) 20100 2018-08-25 09:40:26 UTC 2022-10-04 05:14:59 UTC 143.204.55.121
mnemonic passive DNS track.hubspot.com (1) 2528 2012-12-25 23:30:42 UTC 2022-10-04 04:31:36 UTC 104.19.154.83
mnemonic passive DNS www.googleadservices.com (1) 107 2012-07-21 05:05:30 UTC 2022-10-04 05:30:23 UTC 142.250.74.162
mnemonic passive DNS eb2.3lift.com (1) 402 2014-09-24 15:03:42 UTC 2022-10-03 10:04:49 UTC 13.248.245.213
mnemonic passive DNS simplifi.partners.tremorhub.com (1) 7073 2019-08-12 15:15:44 UTC 2022-10-03 22:48:08 UTC 34.203.60.99
mnemonic passive DNS js.hs-analytics.net (1) 2411 2013-09-26 02:22:44 UTC 2022-10-04 04:35:12 UTC 104.17.68.176
mnemonic passive DNS js.hs-banner.com (1) 2426 2020-03-26 17:45:21 UTC 2022-10-04 04:35:12 UTC 172.64.154.85
mnemonic passive DNS ocsp.digicert.com (8) 86 2012-05-21 07:02:23 UTC 2022-10-04 02:06:24 UTC 93.184.220.29
mnemonic passive DNS omnisrc.com (1) 48023 2017-10-18 09:33:08 UTC 2022-10-03 17:33:34 UTC 104.18.4.28
mnemonic passive DNS googleads.g.doubleclick.net (1) 42 2021-02-20 15:43:32 UTC 2022-10-04 02:32:55 UTC 142.250.74.98
mnemonic passive DNS koi-3qnetrwct6.marketingautomation.services (2) 0 2018-10-02 20:17:26 UTC 2022-09-13 20:46:12 UTC 130.211.21.179 Domain (marketingautomation.services) ranked at: 12857
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-04 04:18:32 UTC 34.120.237.76
mnemonic passive DNS fonts.gstatic.com (6) 0 2014-08-29 13:43:22 UTC 2022-10-03 23:48:04 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS track.sendlane.com (1) 270591 2017-01-30 16:03:15 UTC 2022-10-03 22:04:34 UTC 23.250.2.183
mnemonic passive DNS munchkin.marketo.net (2) 3550 2012-12-17 00:39:54 UTC 2022-10-03 13:05:32 UTC 88.221.99.189
mnemonic passive DNS beacon.cdnma.com (1) 72077 2019-06-19 21:00:32 UTC 2022-10-01 00:52:08 UTC 3.226.49.253
mnemonic passive DNS sync.search.spotxchange.com (2) 523 2014-05-29 23:15:03 UTC 2022-10-03 11:38:34 UTC 185.94.180.126
mnemonic passive DNS d.agkn.com (1) 524 2015-04-16 13:00:43 UTC 2022-10-03 23:49:13 UTC 34.248.212.187
mnemonic passive DNS aa.agkn.com (1) 431 2017-01-30 05:01:07 UTC 2022-10-03 13:54:11 UTC 34.250.137.124
mnemonic passive DNS region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-10-03 09:10:55 UTC 216.239.32.36 Domain (google-analytics.com) ranked at: 8401
mnemonic passive DNS ws.zoominfo.com (1) 8735 2019-11-13 21:26:54 UTC 2022-10-04 05:19:22 UTC 104.16.168.82
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-03 09:28:24 UTC 34.117.237.239
mnemonic passive DNS code.jquery.com (1) 634 2012-05-21 17:28:02 UTC 2022-10-04 03:58:00 UTC 69.16.175.10
mnemonic passive DNS ajax.googleapis.com (1) 12905 2013-08-16 09:51:31 UTC 2022-10-04 03:44:22 UTC 142.250.74.42
mnemonic passive DNS fonts.googleapis.com (3) 8877 2013-06-10 20:14:26 UTC 2022-10-04 02:04:45 UTC 142.250.74.10
mnemonic passive DNS ocsp.godaddy.com (2) 698 2012-05-20 19:28:57 UTC 2022-10-03 06:33:58 UTC 192.124.249.24
mnemonic passive DNS r3.o.lencr.org (13) 344 2020-12-02 08:52:13 UTC 2022-10-03 07:33:36 UTC 23.36.76.226
mnemonic passive DNS process.iconnode.com (2) 63404 2017-01-30 21:39:31 UTC 2022-10-03 07:07:08 UTC 76.223.116.242
mnemonic passive DNS trackcmp.net (1) 8111 2019-03-11 21:16:11 UTC 2022-10-03 21:41:29 UTC 104.18.42.105
mnemonic passive DNS serve.albacross.com (1) 64177 2017-09-21 06:16:03 UTC 2022-10-03 10:48:34 UTC 143.204.55.5
mnemonic passive DNS px.ads.linkedin.com (2) 522 2017-08-08 16:28:50 UTC 2022-10-04 04:31:36 UTC 13.107.42.14
mnemonic passive DNS stags.bluekai.com (1) 471 2012-06-27 19:59:37 UTC 2022-10-04 04:17:46 UTC 23.38.201.22
mnemonic passive DNS www.google.no (1) 25607 2016-04-05 19:50:59 UTC 2022-10-03 09:28:40 UTC 142.250.74.3
mnemonic passive DNS tags.clickagy.com (1) 44715 2018-09-26 07:45:45 UTC 2022-10-04 02:29:52 UTC 104.18.30.205
mnemonic passive DNS www.googletagmanager.com (2) 75 2012-12-25 14:52:06 UTC 2022-10-03 20:08:49 UTC 142.250.74.168
mnemonic passive DNS c.cdnma.com (1) 0 2012-07-26 22:50:15 UTC 2022-10-01 00:52:07 UTC 143.204.55.64 Domain (cdnma.com) ranked at: 61392
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-10-04 05:10:46 UTC 142.250.74.174
mnemonic passive DNS forms.soundestlink.com (1) 16969 2016-03-10 06:08:55 UTC 2022-10-03 17:33:25 UTC 104.18.26.48
mnemonic passive DNS ocsp.usertrust.com (1) 899 2012-05-21 15:43:18 UTC 2022-10-03 07:10:33 UTC 104.18.32.68
mnemonic passive DNS pixel.rubiconproject.com (1) 314 2012-10-09 03:17:38 UTC 2022-10-03 08:26:15 UTC 213.19.162.90
mnemonic passive DNS www.google.com (1) 7 2016-08-04 12:36:31 UTC 2022-10-04 03:36:29 UTC 142.250.74.164
mnemonic passive DNS ce.lijit.com (1) 812 2012-05-22 05:45:01 UTC 2022-10-03 23:10:41 UTC 72.251.249.14
mnemonic passive DNS omnisnippet1.com (2) 16560 2021-04-01 18:46:48 UTC 2022-10-03 10:53:22 UTC 104.18.21.138
mnemonic passive DNS ocsp.sca1b.amazontrust.com (11) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.88
mnemonic passive DNS diffuser-cdn.app-us1.com (1) 8451 2019-06-13 03:58:17 UTC 2022-10-04 00:43:26 UTC 104.17.145.91
mnemonic passive DNS www.checkbca.org (31) 541438 2015-08-11 23:57:00 UTC 2022-09-14 15:32:37 UTC 207.137.0.213
mnemonic passive DNS ocsp.sectigo.com (2) 487 2018-12-17 11:31:55 UTC 2022-10-03 22:00:40 UTC 172.64.155.188
mnemonic passive DNS scripts.iconnode.com (2) 40696 2017-10-11 16:27:18 UTC 2022-10-03 07:07:08 UTC 54.230.111.124
mnemonic passive DNS shield.sitelock.com (1) 65503 2012-07-12 10:25:01 UTC 2022-10-03 19:45:54 UTC 45.60.14.54
mnemonic passive DNS new-collect.albacross.com (1) 53310 2020-08-29 10:59:45 UTC 2022-10-03 06:24:54 UTC 52.30.141.124
mnemonic passive DNS widget.trustpilot.com (2) 6018 2017-09-05 07:45:53 UTC 2022-10-03 13:18:20 UTC 143.204.55.80
mnemonic passive DNS us-u.openx.net (1) 357 2013-08-30 19:43:55 UTC 2022-10-03 07:14:31 UTC 35.244.159.8
mnemonic passive DNS um.simpli.fi (21) 744 2012-05-22 05:45:01 UTC 2022-10-03 22:48:07 UTC 35.204.74.118
mnemonic passive DNS 511-lvj-854.mktoresp.com (1) 0 2016-11-21 23:15:54 UTC 2022-09-13 20:46:15 UTC 199.15.214.243 Domain (mktoresp.com) ranked at: 2732
mnemonic passive DNS bcp.crwdcntrl.net (2) 699 2020-02-08 17:13:11 UTC 2022-10-03 23:10:32 UTC 34.251.218.252
mnemonic passive DNS d.impactradius-event.com (1) 2612 2017-02-01 08:42:43 UTC 2022-10-04 05:31:37 UTC 35.186.249.72
mnemonic passive DNS ocsp.globalsign.com (2) 2075 2012-05-25 06:20:55 UTC 2022-10-03 09:28:50 UTC 104.18.21.226
mnemonic passive DNS tag.simpli.fi (1) 5216 2016-08-25 21:56:15 UTC 2022-10-03 22:48:06 UTC 169.50.137.176
mnemonic passive DNS sync.intentiq.com (1) 1476 2020-05-11 16:09:42 UTC 2022-10-03 22:48:08 UTC 143.204.55.23
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-03 08:07:24 UTC 34.160.144.191
mnemonic passive DNS cdnjs.cloudflare.com (1) 235 2020-10-20 10:17:36 UTC 2022-10-04 04:47:48 UTC 104.17.24.14
mnemonic passive DNS assets.anytrack.io (1) 73313 2020-04-27 16:14:57 UTC 2022-10-03 16:21:09 UTC 54.230.111.122
mnemonic passive DNS aorta.clickagy.com (2) 2306 2020-07-29 17:59:06 UTC 2022-10-04 05:03:40 UTC 54.162.244.84
mnemonic passive DNS status.geotrust.com (3) 3662 2017-12-01 08:55:31 UTC 2022-10-03 09:35:04 UTC 93.184.220.29
mnemonic passive DNS www.linkedin.com (1) 608 2014-04-09 13:16:08 UTC 2022-10-04 04:38:48 UTC 13.107.42.14
mnemonic passive DNS sync.bfmio.com (1) 1205 2017-01-30 04:50:02 UTC 2022-10-03 22:52:33 UTC 52.55.178.75
mnemonic passive DNS ocsp.pki.goog (21) 175 2017-06-14 07:23:31 UTC 2022-10-03 07:14:52 UTC 142.250.74.3
mnemonic passive DNS js.hs-scripts.com (1) 2571 2016-08-09 10:18:36 UTC 2022-10-03 13:24:10 UTC 104.17.210.204
mnemonic passive DNS sendlane.com (1) 82414 2014-12-13 15:20:03 UTC 2022-10-02 16:38:28 UTC 104.16.167.6
mnemonic passive DNS id.rlcdn.com (1) 618 2018-09-04 15:59:44 UTC 2022-10-04 04:20:44 UTC 35.244.174.68
mnemonic passive DNS speedyfox.io (1) 268478 2019-02-15 09:24:11 UTC 2022-09-29 16:09:23 UTC 162.242.174.138
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-04 00:45:50 UTC 143.204.55.115
mnemonic passive DNS cm.g.doubleclick.net (2) 202 2013-05-30 23:19:45 UTC 2022-10-03 23:27:31 UTC 216.58.207.194
mnemonic passive DNS fei.pro-market.net (2) 2658 2012-10-30 06:46:59 UTC 2022-10-03 22:42:05 UTC 107.178.240.89
mnemonic passive DNS www.usbfund.com (44) 0 2017-02-10 14:01:41 UTC 2022-10-04 04:34:04 UTC 50.87.170.174 Unknown ranking


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 50.87.170.174

Date UQ / IDS / BL URL IP
2022-12-03 13:10:21 +0000 0 - 0 - 10 www.usbfund.com/15-best-blogs-cash-flow/?utm_ (...) 50.87.170.174
2022-12-02 22:07:15 +0000 0 - 0 - 10 www.usbfund.com/get-a-small-business-loan/?ut (...) 50.87.170.174
2022-12-02 19:05:28 +0000 0 - 0 - 9 www.usbfund.com/15-best-blogs-cash-flow/?utm_ (...) 50.87.170.174
2022-12-02 19:05:19 +0000 0 - 0 - 9 www.usbfund.com/get-a-small-business-loan/?ut (...) 50.87.170.174
2022-12-02 19:04:49 +0000 0 - 0 - 10 www.usbfund.com/?utm_source=bayengage&utm_med (...) 50.87.170.174

Last 5 reports on ASN: UNIFIEDLAYER-AS-1

Date UQ / IDS / BL URL IP
2022-12-09 06:55:32 +0000 0 - 0 - 7 instafede.com/mp4sync-crack-free-for-windows 162.241.253.18
2022-12-09 06:54:56 +0000 7 - 0 - 4 ralozada.com/wellsfargo/secure/indexs.php?ssl (...) 108.167.157.121
2022-12-09 06:54:53 +0000 7 - 0 - 4 ralozada.com/wellsfargo/secure/indexs.php?ssl (...) 108.167.157.121
2022-12-09 06:54:53 +0000 7 - 0 - 4 ralozada.com/wellsfargo/secure/indexs.php?ssl (...) 108.167.157.121
2022-12-09 06:44:19 +0000 0 - 0 - 1 terramarbrands.com/online/fc81ccc6239806a0b0f (...) 162.241.103.53

Last 5 reports on domain: usbfund.com

Date UQ / IDS / BL URL IP
2022-12-05 09:28:33 +0000 0 - 0 - 10 email.mail.usbfund.com/c/eJxNkN2KwyAQhZ8muUtJ (...) 34.86.85.56
2022-12-05 07:07:17 +0000 0 - 0 - 1 email.mail.usbfund.com/c/eJxNkNlqxCAUhp8m3mVw (...) 34.127.83.42
2022-12-05 07:07:19 +0000 0 - 0 - 1 email.mail.usbfund.com/c/eJxNkN1qxCAQhZ8m3iX4 (...) 34.127.83.42
2022-12-05 07:07:05 +0000 0 - 0 - 11 email.mail.usbfund.com/c/eJxNkN1uwyAMhZ8m3KXi (...) 34.127.83.42
2022-12-05 07:07:07 +0000 0 - 0 - 1 email.mail.usbfund.com/c/eJxNkN2KwyAQhZ8m3qX4 (...) 34.127.83.42

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-12-05 09:28:33 +0000 0 - 0 - 10 email.mail.usbfund.com/c/eJxNkN2KwyAQhZ8muUtJ (...) 34.86.85.56
2022-12-05 07:07:05 +0000 0 - 0 - 11 email.mail.usbfund.com/c/eJxNkN1uwyAMhZ8m3KXi (...) 34.127.83.42
2022-12-05 07:07:03 +0000 0 - 0 - 9 email.mail.usbfund.com/c/eJxdkdtqAyEQhp9G7zZ4 (...) 34.127.83.42
2022-12-05 07:07:01 +0000 0 - 0 - 8 email.mail.usbfund.com/c/eJxNkUmOwyAQRU9j74iY (...) 34.127.83.42
2022-12-05 07:06:52 +0000 0 - 0 - 9 email.mail.usbfund.com/c/eJxlkdtqAyEQhp9mvTO4 (...) 34.127.83.42


JavaScript

Executed Scripts (85)


Executed Evals (3)

#1 JavaScript::Eval (size: 618, repeated: 1) - SHA256: f9a86e5f4e4fa64ebc8b4d07c63565ebd86c6f37b904d41386a202915afcb249

                                        (function() {
    var f = 17,
        g = 14,
        h = 13;
    return function(a) {
        var d, b, e;
        "number" === typeof f && a.set("dimension" + f, a.get("clientId"));
        "number" === typeof g && a.set("dimension" + g, a.get("hitType"));
        if ("number" === typeof h) {
            var k = "_" + a.get("trackingId") + "_sendHitTask";
            var l = window[k] = window[k] || a.get("sendHitTask");
            a.set("sendHitTask", function(c) {
                try {
                    d = c.get("HPl"), b = c.get("HPl"), e = "\x26cd" + h, -1 < b.indexOf(e + "\x3d") ? console.log("GA error: tried to send hPL in assigned CD") : (b += e + "\x3d", b += b.length + b.length.toString().length,
                        c.set("HPl", b, !0)), l(c)
                } catch (m) {
                    console.error("Error sending hPL to GA " + d), c.set("HPl", d, !0), l(c)
                }
            })
        }
    }
})();
                                    

#2 JavaScript::Eval (size: 300, repeated: 1) - SHA256: d41e1dcde991113b31463b01bf26258e4a9ff50dc530bd1a66eb61d1c685bb7f

                                        (function() {
    var a = (new Date).getTime();
    "undefined" !== typeof performance && "function" === typeof performance.now && (a += performance.now());
    return "xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx".replace(/[xy]/g, function(c) {
        var b = (a + 16 * Math.random()) % 16 | 0;
        a = Math.floor(a / 16);
        return ("x" === c ? b : b & 3 | 8).toString(16)
    })
})();
                                    

#3 JavaScript::Eval (size: 311, repeated: 1) - SHA256: 83b34ed574c9630f2d800fa605bcc5d84e287907f47456c7bd1be0deabd38901

                                        (function() {
    var a = new Date,
        d = -a.getTimezoneOffset(),
        e = 0 <= d ? "+" : "-",
        b = function(c) {
            c = Math.abs(Math.floor(c));
            return (10 > c ? "0" : "") + c
        };
    return a.getFullYear() + "-" + b(a.getMonth() + 1) + "-" + b(a.getDate()) + "T" + b(a.getHours()) + ":" + b(a.getMinutes()) + ":" + b(a.getSeconds()) + "." + b(a.getMilliseconds()) + e + b(d / 60) + ":" + b(d % 60)
})();
                                    

Executed Writes (0)



HTTP Transactions (254)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 04:47:04 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9_Lk3eqLEMaJ9gFgT8YUnMjozMVQJ3XuJeP-LC9rDSTuUuT6guMuAw==
Age: 3369


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11142
Expires: Tue, 04 Oct 2022 08:48:55 GMT
Date: Tue, 04 Oct 2022 05:43:13 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A9FB1F7ADE7C8A79D2EE83E9B7215E66DC89AC733B11079297A8F4B9ACEAE1F5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9221
Expires: Tue, 04 Oct 2022 08:16:54 GMT
Date: Tue, 04 Oct 2022 05:43:13 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: mPzvURHiXb5qsXf+wKlPAhuGUDDbmGuEgA14JJ0OT9jw3z6wiFI8kdMISD9oT3W/b992F0oMaTc=
x-amz-request-id: CYZNV117XKWJ5ATD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 04 Oct 2022 04:51:06 GMT
age: 3127
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 04 Oct 2022 05:43:13 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 04 Oct 2022 05:29:33 GMT
Expires: Tue, 04 Oct 2022 06:11:15 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OXT68UjvccpPFI_vjolnDy-Dciv5-wv2Bp68sMIoLBcpKZcWjy2KFg==
Age: 820


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /blog/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=how-to-write-a-business-plan-to-get-approved-for-a-loan HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         50.87.170.174
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 04 Oct 2022 05:43:13 GMT
Server: Apache
Link: <https://www.usbfund.com/wp-json/>; rel="https://api.w.org/", <https://www.usbfund.com/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json", <https://www.usbfund.com/?p=8>; rel=shortlink
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1827), with CRLF, LF line terminators
Size:   24588
Md5:    913f98b38361cd819c65c10cb71ecfd0
Sha1:   4778564783e7fd9950135769ed68cd75e4f6077d
Sha256: 0e9a108740250c6afce12ebc2662d715b0fc41ca30c2e67462b5e3adf5733fb4
                                        
                                            GET /100980.js HTTP/1.1 
Host: scripts.iconnode.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.usbfund.com/

                                         
                                         54.230.111.124
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: CloudFront
Date: Tue, 04 Oct 2022 05:43:14 GMT
Content-Length: 167
Connection: keep-alive
Location: https://scripts.iconnode.com/100980.js
X-Cache: Redirect from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: oaw79GoF_XCCnAXGbrBqeTMxXCjnsakAngN5FOs88grAGuu5o6ceoQ==


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   167
Md5:    f5d40b7259645010f9a248858ad14178
Sha1:   b3051d17a6ec8c9e166bf09a62b48261ab86957b
Sha256: 7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
                                        
                                            GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1 
Host: widget.trustpilot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.usbfund.com/

                                         
                                         143.204.55.80
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: CloudFront
Date: Tue, 04 Oct 2022 05:43:14 GMT
Content-Length: 167
Connection: keep-alive
Location: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
X-Cache: Redirect from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 6nuG6RiGR-LFJvJRPIo55wgQ4ojDKphjdGX4BaU-Oj10EA5cHK1CcA==


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   167
Md5:    f5d40b7259645010f9a248858ad14178
Sha1:   b3051d17a6ec8c9e166bf09a62b48261ab86957b
Sha256: 7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
                                        
                                            GET /jquery-migrate-1.2.1.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.10
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 04 Oct 2022 05:43:14 GMT
content-encoding: gzip
content-length: 5783
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-40ed"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664862194.dop222.sk1.t,1664862194.cds252.sk1.hn,1664862194.cds216.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   5783
Md5:    ab50f392b13415af57f9720f4d24e981
Sha1:   8bee0d6d15bc0bf62197f6a33493df7494bf42c2
Sha256: 3c7ae468bcd5eefaf92cfac278a5a998f871e0aaa190f87b0f56fd79f93d00b7
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 05:43:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 05:43:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 05:43:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 05:43:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5665
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 05:43:14 GMT
Last-Modified: Tue, 04 Oct 2022 04:08:49 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /ajax/libs/jquery/2.1.4/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.42
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29725
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 02 Oct 2022 22:46:19 GMT
expires: Mon, 02 Oct 2023 22:46:19 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 111415
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32025)
Size:   29725
Md5:    83b3b5729cdff3976db52c51831e96b8
Sha1:   d23dc823e37f58e5366340be755730f3fa9a850d
Sha256: 675fa88b39008a09994460a93b310a7d4593735009a9b24b6f176c347ad12421
                                        
                                            GET /ajax/libs/jquery.isotope/2.2.2/isotope.pkgd.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.24.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 04 Oct 2022 05:43:14 GMT
content-length: 9848
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec3-9f8f"
last-modified: Mon, 04 May 2020 16:11:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 525910
expires: Sun, 24 Sep 2023 05:43:14 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h27LBI2WyDZh1VgXdPDqGkeVEBwyM6WimU5wKabjbkXqq8oQBK3cGfJrF7cNDMLtWW1ZW7grt8ncNXFs8s5KtboE5nQgOl6s5QY2MIqLIyI92c6USBSz5A1ivF43d%2ByT0iCnZXBm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 754b9949ebebb4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32031)
Size:   9848
Md5:    09a6e971ba878fc57f74c9d02bb1b325
Sha1:   f22686b1be7aea58b35cbb5ee8bf19b45ca8ee35
Sha256: bb48c49e6fe5580c21d0f86f49bd7206f029990c3d06648f4ca9f1c976afc270
                                        
                                            GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1 
Host: widget.trustpilot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.80
HTTP/2 200 OK
content-type: application/x-javascript
                                        
content-length: 6124
last-modified: Mon, 30 May 2022 14:38:02 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Tue, 04 Oct 2022 05:35:19 GMT
cache-control: max-age=86400
etag: "5add60196e5f96a414fb4b9586764e5d"
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vJTNdsolJ3pFmmejdrJfNee6eZrVwCDEBHWGmhk7qGXBwGdrcRryAQ==
age: 476
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (19239)
Size:   6124
Md5:    5add60196e5f96a414fb4b9586764e5d
Sha1:   633f471b3c2fcedeef9cad90cb5bf56f5fe55588
Sha256: 5370f4ba91dda790c7cae92817b812fcbd1ab367cbb4862f5669960ae4e2c9e0
                                        
                                            GET /A870624-b043-4b58-adb6-a8c4d22ccc5b1.js HTTP/1.1 
Host: d.impactradius-event.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.usbfund.com/

                                         
                                         35.186.249.72
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
                                        
X-GUploader-UploadID: ADPycdvEtq2JvJSp6WMDb74xgJghn-zZrCtr9lzfVUM6XfwaQeePd5tWuSfglzmlFN4sXzdYyPkCnSbvZ8qNwmz0NORrURk5NUK4
Date: Tue, 04 Oct 2022 05:43:14 GMT
Cache-Control: public,max-age=900,s-maxage=300
Expires: Tue, 04 Oct 2022 05:48:14 GMT
Last-Modified: Tue, 18 Feb 2020 03:47:29 GMT
ETag: "833e9c2431f16a9e4e590d8c18a01169"
x-goog-generation: 1581997649126919
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 12876
Content-Encoding: gzip
x-goog-hash: crc32c=PZt+Nw==, md5=gz6cJDHxap5OWQ2MGKARaQ==
x-goog-storage-class: MULTI_REGIONAL
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 12876
Server: UploadServer


--- Additional Info ---
Magic:  C source, ASCII text, with very long lines (40914), with no line terminators
Size:   12876
Md5:    833e9c2431f16a9e4e590d8c18a01169
Sha1:   d932b0dc73f5dbe2f30c5991fbc95d598a7d6855
Sha256: ba6dea3209c3bf545ed7db2f134ab8d241599d778988697a345124a4aa8d491a
                                        
                                            GET /gtag/js?id=UA-210860007-1 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 04 Oct 2022 05:43:14 GMT
expires: Tue, 04 Oct 2022 05:43:14 GMT
cache-control: private, max-age=900
last-modified: Tue, 04 Oct 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42378
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2039)
Size:   42378
Md5:    26b3fc81d7c8ace825f230348439e2ee
Sha1:   72f65c608d8e5a7e087bb39c15464580da1df6b9
Sha256: d7206d945bda2db3f1a2ca722ae3cc70c6d29b44d3ee179997cc9c8e393d47bc
                                        
                                            GET /gtm.js?id=GTM-NW5DZCL HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 04 Oct 2022 05:43:14 GMT
expires: Tue, 04 Oct 2022 05:43:14 GMT
cache-control: private, max-age=900
last-modified: Tue, 04 Oct 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 53685
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7865)
Size:   53685
Md5:    aa8ff02d156aa738d78a150f820f19d5
Sha1:   fa99bdf12aec10eeea00b77500eb256ef4884362
Sha256: 09d644bfd49dc3c11c04a3043f323b54877e0edeac68bcf7276836a73b072bd4
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.88
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 05:43:14 GMT
Last-Modified: Tue, 04 Oct 2022 04:41:01 GMT
Server: ECS (bsa/EB1A)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: v6NOXRx9DprWRC1NxIVUboU_rN7c1v8RjRymZC6dyfnBCfd2rJARxg==
Age: 3733

                                        
                                            GET /5627136.js HTTP/1.1 
Host: js.hs-scripts.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.usbfund.com/

                                         
                                         104.17.210.204
HTTP/1.1 200 OK
Content-Type: application/javascript;charset=utf-8
                                        
Date: Tue, 04 Oct 2022 05:43:14 GMT
Content-Length: 530
Connection: keep-alive
X-Trace: 2B23100F4CC3C9EF95F2F86C9FF7A00C2927D326BA000000000000000000
Cache-Control: public, max-age=60
Vary: origin, Accept-Encoding
X-HubSpot-Correlation-Id: 477857a5-70b6-4fdd-9127-e9aad48e6878
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 3600
Access-Control-Allow-Origin: http://www.usbfund.com
Last-Modified: Tue, 04 Oct 2022 05:43:14 GMT
CF-Cache-Status: MISS
Expires: Tue, 04 Oct 2022 05:44:14 GMT
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 754b99492c45b4f1-OSL


--- Additional Info ---
Magic:  ASCII text, with very long lines (492)
Size:   530
Md5:    9ad8329275cf5efa5de0e5384cebb3d1
Sha1:   3bc19288b0547115e0b66720d8d7efe63952f110
Sha256: c66cd312c8b608811485cfbe49bf0dd56aed6a9199d51a479e53215c330e25fa
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.88
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 05:43:14 GMT
Last-Modified: Tue, 04 Oct 2022 04:56:32 GMT
Server: ECS (nyb/1D05)
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: HUYu7i20gXNU5YvK0j4XCs-xeGOufLZ5GNGlQa83ru9eqy5fBX_L1g==
Age: 2802

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4KFgl9CjvFnOVV3gJpaGqA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.189.157.130
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: CyzeqJQIsfTYlkPkIrRy7fPO5zo=

                                        
                                            GET /1y0o6qdBqYHr.js HTTP/1.1 
Host: assets.anytrack.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.122
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
content-length: 103
access-control-allow-origin: *
date: Tue, 04 Oct 2022 05:43:14 GMT
cache-control: public, max-age=600
etag: W/"67-d1P+A0oIQ3cJVPaXn2gw/5qC+Yc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: D9FcgAFt1MxHYiXBH9dEOBkqDATSjKUEdlibpURpgGTuexRj4BD0WA==
age: 302
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   103
Md5:    69b5271584dd67a9e6ae79216fe30110
Sha1:   7753fe034a0843770954f6979f6830ff9a82f987
Sha256: b55a87e172f834369dfb6a2176712509026e5b3de676343ccdc64410245081d9
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A93E0D9EA7EC5F6A81755153EE1D3D6BEBF736EF533B621D3CC899DA5F2DF39C"
Last-Modified: Sun, 02 Oct 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 04 Oct 2022 11:43:14 GMT
Date: Tue, 04 Oct 2022 05:43:14 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A93E0D9EA7EC5F6A81755153EE1D3D6BEBF736EF533B621D3CC899DA5F2DF39C"
Last-Modified: Sun, 02 Oct 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21557
Expires: Tue, 04 Oct 2022 11:42:31 GMT
Date: Tue, 04 Oct 2022 05:43:14 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5D03E84DFEDDE1BC836202A7EA934791F2783DA178177D24AE5BF0C2728937ED"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 04 Oct 2022 11:43:14 GMT
Date: Tue, 04 Oct 2022 05:43:14 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A93E0D9EA7EC5F6A81755153EE1D3D6BEBF736EF533B621D3CC899DA5F2DF39C"
Last-Modified: Sun, 02 Oct 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21585
Expires: Tue, 04 Oct 2022 11:42:59 GMT
Date: Tue, 04 Oct 2022 05:43:14 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A93E0D9EA7EC5F6A81755153EE1D3D6BEBF736EF533B621D3CC899DA5F2DF39C"
Last-Modified: Sun, 02 Oct 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21538
Expires: Tue, 04 Oct 2022 11:42:12 GMT
Date: Tue, 04 Oct 2022 05:43:14 GMT
Connection: keep-alive

                                        
                                            GET /client/ss.js?ver=1.1.1 HTTP/1.1 
Host: koi-3qnetrwct6.marketingautomation.services
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.usbfund.com/

                                         
                                         130.211.21.179
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: openresty
Date: Tue, 04 Oct 2022 05:43:14 GMT
Last-Modified: Tue, 27 Sep 2022 14:24:23 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
ETag: W/"63330797-2fc8"
Expires: Tue, 11 Oct 2022 05:43:14 GMT
Cache-Control: max-age=604800, public
Content-Encoding: gzip
Via: 1.1 google


--- Additional Info ---
Magic:  ASCII text, with very long lines (12232), with no line terminators
Size:   4976
Md5:    6e78f6bf52bb5e54f8f46ca735f69bff
Sha1:   60930ffcdc3803038d38a1d80349719ee586a6ef
Sha256: 645bf1afba1ef352d3b47b1b312da88171be66a9a4cc8fe463e79767dc11f126
                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 05:43:14 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 08 Oct 2022 02:58:14 GMT
ETag: "2859016a67c641ea99e29533145edf43767e4f87"
Last-Modified: Tue, 04 Oct 2022 02:58:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 375
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754b994d6f2c0b69-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    26f4b0183f04d5fe41b0d01bce1f1807
Sha1:   2859016a67c641ea99e29533145edf43767e4f87
Sha256: 10868976ecf05950c5a909fd6c5bdb3a5d1d43f29f86b86fdbb1c27cdc6a901b
                                        
                                            GET /100980.js HTTP/1.1 
Host: scripts.iconnode.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.124
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 7683
last-modified: Mon, 26 Sep 2022 18:10:24 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:43:15 GMT
cache-control: max-age=0
etag: "05a6d57113e7870d8851ed0faf8ca12f"
x-cache: RefreshHit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: i7L0M_fVhewIuZk0fL6be8as0NAFkxXs3N8gi5MsYraKgJWRbmLcQg==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (46582), with no line terminators
Size:   7683
Md5:    05a6d57113e7870d8851ed0faf8ca12f
Sha1:   315c52641f469ec7e571648d5333982579cb6da3
Sha256: 0f4d04e15b0a5cb9f2e59f3cc9a7b36d522db0e7712454d1f962e77723348eb3
                                        
                                            GET /wp-content/themes/usb/css/grid.css HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Sat, 28 Sep 2019 00:35:49 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 10146
date: Tue, 04 Oct 2022 05:43:14 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  assembler source, ASCII text, with very long lines (3536), with CRLF line terminators
Size:   10146
Md5:    8ca3e3908b8e627dd53a2bde9ab330b4
Sha1:   dfc94081f2e0acfbc95cb633810897271692e5db
Sha256: 5a17844298059c3adb2103842f6893bf6a798221afa1c7a3217c610fc4aebeec
                                        
                                            GET /wp-content/plugins/AffiliateWP-master/assets/js/tracking.min.js?ver=2.1.6.1 HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sat, 28 Sep 2019 00:24:33 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1315
date: Tue, 04 Oct 2022 05:43:14 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2972), with no line terminators
Size:   1315
Md5:    da0e82022a32e0c42e125fe915cf9955
Sha1:   1c583a11b9e444a26cfd1443d3dade9c6f9e996a
Sha256: e205081b6febab912d75f2aa70bc3ae2af58bb7d2b1e44927f17cb7631374ff0

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 11 Oct 2021 18:27:21 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 4618
date: Tue, 04 Oct 2022 05:43:14 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   4618
Md5:    acdb97105af28a7066790c6748ae2e1e
Sha1:   65794d2c5a9d04f747faf370bc8bacd330e69e5a
Sha256: dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
                                        
                                            GET /wp-content/themes/usb/js/site.js HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sat, 28 Sep 2019 00:35:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 4830
date: Tue, 04 Oct 2022 05:43:14 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   4830
Md5:    ba21d11b60199ed26dfb2a2d8352065a
Sha1:   3e78915e922b60ca87f5860c67b99861de96830c
Sha256: c000c3cc081106de80fb4995e40b363752494290c9090e0980a5b4a4cfc37c49

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/AffiliateWP-master/assets/js/jquery.cookie.min.js?ver=1.4.0 HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sat, 28 Sep 2019 00:24:32 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 758
date: Tue, 04 Oct 2022 05:43:14 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1667), with no line terminators
Size:   758
Md5:    94c6b3b214659c68b42fb0c428cac279
Sha1:   eb3a852e1bcf8a32ac304dc89995ffdeaf623033
Sha256: 8cdab12fffba1162b02761c8e7631003efebf03e3af5ca9072023ffda52353ad

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/usb/js/accounting.min.js HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sat, 28 Sep 2019 00:35:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1345
date: Tue, 04 Oct 2022 05:43:14 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3019)
Size:   1345
Md5:    05f645a76aff3fc02e18295a07c54e09
Sha1:   509581a5e2e4760e2163d704d21b2604329b514e
Sha256: c7834a5ef896adfc8b40eb2a1db07bd867fe84da57ad234bfa487cfbc610a16a

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.usbfund.com/blog/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=how-to-write-a-business-plan-to-get-approved-for-a-loan
Cookie: _gcl_au=1.1.242962579.1664862194; _ga_YYEX7W0G95=GS1.1.1664862194.1.0.1664862194.0.0.0; _ga=GA1.1.1671131896.1664862194; __ss=1664862194284; __ss_referrer=http%3A//www.usbfund.com/blog/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dhow-to-write-a-business-plan-to-get-approved-for-a-loan

                                         
                                         50.87.170.174
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 04 Oct 2022 05:43:14 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 17 Aug 2022 11:46:13 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 5321
Keep-Alive: timeout=5, max=75


--- Additional Info ---
Magic:  ASCII text, with very long lines (15660)
Size:   5321
Md5:    710f8b142ea44c0682dc2c30f318f065
Sha1:   49144e9b3a76d3d383b1d4359cf7a25e947f4233
Sha256: 708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 05:43:15 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 08 Oct 2022 02:58:14 GMT
ETag: "2859016a67c641ea99e29533145edf43767e4f87"
Last-Modified: Tue, 04 Oct 2022 02:58:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 376
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754b994f58100b69-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    26f4b0183f04d5fe41b0d01bce1f1807
Sha1:   2859016a67c641ea99e29533145edf43767e4f87
Sha256: 10868976ecf05950c5a909fd6c5bdb3a5d1d43f29f86b86fdbb1c27cdc6a901b
                                        
                                            GET /wp-content/themes/usb/images/logo_text.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 28 Sep 2019 00:36:10 GMT
accept-ranges: bytes
content-length: 6307
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Tue, 04 Oct 2022 05:43:14 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 250 x 52, 8-bit/color RGBA, non-interlaced\012- data
Size:   6307
Md5:    198c7fed73cadb12c23066fcad4e33e8
Sha1:   1f2616bb88b86ec79f3ce8cbbf74b3392c0b46bc
Sha256: 0053eb54a0f54484a915313939d858e1844208d2d0c4b410ce30e25d9cbc09ba
                                        
                                            GET /wp-content/plugins/wp-pagenavi/pagenavi-css.css HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Mon, 11 Oct 2021 18:28:51 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 239
date: Tue, 04 Oct 2022 05:43:14 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   239
Md5:    21fec527969cbcfec759744ce51f94c0
Sha1:   827130fb99b0005a5206028abfe82e93610184f2
Sha256: fe2a280a5ffe9f5d3b1bf125035d478e46bae689a2f0cde07d48bef1ba7c74b1
                                        
                                            GET /wp-content/plugins/AffiliateWP-master/assets/css/forms.min.css HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Sat, 28 Sep 2019 00:24:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1141
date: Tue, 04 Oct 2022 05:43:14 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3296), with no line terminators
Size:   1141
Md5:    e4f0e46d63eb641d8cfe1579ff0217cb
Sha1:   37e2ef45ef74f0a3b869d447b4d9e22d0b424945
Sha256: 6b7e532056e7c449a8e080eb2967563fdb20ce9cfdcb95216205a769b65033c4
                                        
                                            GET /wp-content/themes/usb/images/logo_icon.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 28 Sep 2019 00:36:10 GMT
accept-ranges: bytes
content-length: 2165
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Tue, 04 Oct 2022 05:43:14 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 53 x 52, 8-bit/color RGBA, non-interlaced\012- data
Size:   2165
Md5:    50946e7f85431c547526705a530f893f
Sha1:   573eff13df4dc4f2e6e0e1db1a9339d79e22ce3c
Sha256: 05bc3e4202452433d51079e0d6e348cb850ea55330da7786c1d5c7290d13400a
                                        
                                            POST /g/collect?v=2&tid=G-YYEX7W0G95&gtm=2oe9s0&_p=1848540400&cid=1671131896.1664862194&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664862194&sct=1&seg=0&dl=http%3A%2F%2Fwww.usbfund.com%2Fblog%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dhow-to-write-a-business-plan-to-get-approved-for-a-loan&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&ep.debud_mode=false HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.usbfund.com
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         
                                         216.239.32.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: http://www.usbfund.com
date: Tue, 04 Oct 2022 05:43:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /wp-content/uploads/featured-logo-02.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.usbfund.com/blog/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=how-to-write-a-business-plan-to-get-approved-for-a-loan

                                         
                                         50.87.170.174
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 04 Oct 2022 05:43:15 GMT
Server: Apache
Last-Modified: Sat, 28 Sep 2019 00:13:58 GMT
Accept-Ranges: bytes
Content-Length: 5795
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 93 x 75, 8-bit/color RGBA, non-interlaced\012- data
Size:   5795
Md5:    d2bfb41e522705be8e4a48895b996bca
Sha1:   df2507b75f1c0362bd168ea7ecf829f11469a926
Sha256: 968570479e59e9ff339d5c1d25e4c15011f8cb5ad243776b8cf62f51d28b0903
                                        
                                            GET /wp-content/uploads/Can-You-Get-A-Business-Loan-With-No-Credit-Check-679x382.jpg HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Mon, 06 Jun 2022 09:37:13 GMT
accept-ranges: bytes
content-length: 19358
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Tue, 04 Oct 2022 05:43:14 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 679x382, components 3\012- data
Size:   19358
Md5:    fb3ca2486cd2c7deaeddb60081d18bce
Sha1:   6c5158a041db3024718dbb42b2729d21f0f39a46
Sha256: 2a04e81d85b6cfbbaca9de6010ea4d2fc22669656e2e65e7d39cae6111c0e572
                                        
                                            GET /wp-content/uploads/featured-logo-03.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.usbfund.com/blog/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=how-to-write-a-business-plan-to-get-approved-for-a-loan

                                         
                                         50.87.170.174
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 04 Oct 2022 05:43:15 GMT
Server: Apache
Last-Modified: Sat, 28 Sep 2019 00:15:13 GMT
Accept-Ranges: bytes
Content-Length: 3840
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 83 x 75, 8-bit/color RGBA, non-interlaced\012- data
Size:   3840
Md5:    ea461093328a47d28ed34df6be0ad850
Sha1:   5fad4dd9e9daea5b1cac739624cbd673c20fe7c2
Sha256: 37ea654d17c80dfb22d0ad091907b6d4009c76c4671728321fd51376a8df7cce
                                        
                                            GET /wp-content/uploads/What-is-Working-Capital-Turnover--679x382.jpg HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Thu, 14 Jul 2022 04:23:31 GMT
accept-ranges: bytes
content-length: 22187
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Tue, 04 Oct 2022 05:43:14 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 679x382, components 3\012- data
Size:   22187
Md5:    9026a8a2558f0ee3c46d10c2e0210ef3
Sha1:   05e394cc4fe7067c51203fbacb1c6e402d6caa7b
Sha256: 6f3d93ef79e30cbbd354f9de11740a2e21868b2fe6630331f5e10a8fd25c24ac
                                        
                                            GET /wp-content/uploads/Understand-The-5-Cs-Of-Credit-Before-Applying-For-A-Loan-679x382.jpg HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Fri, 08 Jul 2022 06:00:37 GMT
accept-ranges: bytes
content-length: 24337
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Tue, 04 Oct 2022 05:43:14 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 679x382, components 3\012- data
Size:   24337
Md5:    1f92783104d5025887bc8d79cf5d2c7d
Sha1:   ba646d9764be981b145fcb0ceff3c6fa5c7508dd
Sha256: c58eb683482c85a05cf0af35113d7cfb2cf534fc352fa41946ac2d283a98afa8
                                        
                                            GET /wp-content/uploads/Complete-Guide-On-Working-Capital-Management-679x382.jpg HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Mon, 13 Jun 2022 05:31:00 GMT
accept-ranges: bytes
content-length: 24243
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Tue, 04 Oct 2022 05:43:14 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 679x382, components 3\012- data
Size:   24243
Md5:    be6d8bbad348769e3e51e9bb9c973cbb
Sha1:   13b83f3a72caf202675e2605cdcce5d56788c9d5
Sha256: 9d4c2e0ff0418371c39d41a7557c346c4a64fdb40e385e9a355871b9bbcf5577
                                        
                                            GET /wp-content/uploads/How-to-Write-a-Business-Plan-for-a-Loan-679x382.jpg HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Wed, 06 Jul 2022 08:03:16 GMT
accept-ranges: bytes
content-length: 24605
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Tue, 04 Oct 2022 05:43:14 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 679x382, components 3\012- data
Size:   24605
Md5:    2a83809bb717e17469b9e3ce5a7554a6
Sha1:   d8696ff751095c373795f6dc0fea14aa591a507a
Sha256: c563e96e2c97a8a22e1fc99f27f0925bcceb9136218c2098091869f72078cce1
                                        
                                            GET /wp-content/uploads/Documents-you-need-to-apply-for-a-small-business-loan--679x382.jpg HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Mon, 11 Jul 2022 06:09:16 GMT
accept-ranges: bytes
content-length: 24833
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Tue, 04 Oct 2022 05:43:14 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 679x382, components 3\012- data
Size:   24833
Md5:    976133a8a65fbc0b0d0d282350ade43f
Sha1:   4c407f0c2a2d6c71d9b709377a286daa596410dc
Sha256: b57952e1911dfcb7de4f2de85e84150d03a3130c77818dcb48b56028197b6818
                                        
                                            GET /?display_custom_css=css&ver=6.0.2 HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: text/css;charset=UTF-8
                                        
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 541
date: Tue, 04 Oct 2022 05:43:14 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   541
Md5:    0e67503cdf8a23b7d3aaff6f35c76b72
Sha1:   63edc0c8bf04ceec8dc3c8c44bd129b89adeb61a
Sha256: d765ab66c61ec9c967f9f2e4b649326eb28a6f8dfb0fe064b4ed1cf9af1f18b6
                                        
                                            GET /wp-content/uploads/How-To-Calculate-The-Cost-Of-Debt-679x382.jpg HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Wed, 15 Jun 2022 05:16:08 GMT
accept-ranges: bytes
content-length: 38715
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Tue, 04 Oct 2022 05:43:14 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 679x382, components 3\012- data
Size:   38715
Md5:    ef821f467dcd892644cdc4b84d739ab0
Sha1:   22fa8113338f9fda46495d4cff1d5b2ebd7a3db9
Sha256: 62644a72c682aaff98f95bf9be8bcf1b45fa48d422a78804b98b9f72dbfc4f2c
                                        
                                            GET /shield/usbfund.com HTTP/1.1 
Host: shield.sitelock.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.usbfund.com/

                                         
                                         45.60.14.54
HTTP/1.1 200 OK
Content-Type: image/png; charset=ISO-8859-1
                                        
Content-Length: 10514
Date: Tue, 04 Oct 2022 05:42:37 GMT
Server: lighttpd
Set-Cookie: nlbi_275317=qnmJdU2j8XLgNu5jmBeFbAAAAADBg8Gs7lvs062U3CgVCHgM; path=/; Domain=.sitelock.com visid_incap_275317=2agY/8mIRMqWg5o2iUnxv/LHO2MAAAAAQUIPAAAAAAASyzdc4meDxk8dxKDWo2ky; expires=Tue, 03 Oct 2023 23:26:17 GMT; HttpOnly; path=/; Domain=.sitelock.com incap_ses_7235_275317=HAZobguO+VuG0P1DpuJnZPPHO2MAAAAAbBkGnAgRyTVGQ3wrxyf9xA==; path=/; Domain=.sitelock.com ___utmvmFZVuykvY=mwnjQygxuwf; path=/; Max-Age=900 ___utmvaFZVuykvY=QaNbsuB; path=/; Max-Age=900 ___utmvbFZVuykvY=zZN XuuOzalM: vtU; path=/; Max-Age=900
X-CDN: Imperva
X-Iinfo: 14-122394144-122313794 2NNN RT(1664862194869 0) q(0 0 0 0) r(3 3) U18


--- Additional Info ---
Magic:  PNG image data, 117 x 67, 8-bit/color RGBA, non-interlaced\012- data
Size:   10514
Md5:    b6ddaa1d620687c0a77991f805b2debb
Sha1:   5d627c10e3bc6080a28a725b87b735b9e22586a5
Sha256: d1e252f9845bde386c7c251503ca765700d95e0027d780a4e709aefebf3379bd
                                        
                                            GET /wp-content/uploads/10-Different-Types-of-Business-Loans-679x382.jpg HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Fri, 03 Jun 2022 05:11:25 GMT
accept-ranges: bytes
content-length: 44293
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Tue, 04 Oct 2022 05:43:14 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 679x382, components 3\012- data
Size:   44293
Md5:    e3bb96e544b1d2c3b84785145b9a6131
Sha1:   3fd545af585d9bbd81d76b2f7400edf5e8098ce7
Sha256: f2be74516597138526b147ebd5adef2b135c2e4b14bf4c49d5f7b5ea5b6643d4
                                        
                                            GET /wp-content/uploads/What-Credit-Score-is-Needed-for-Small-Business-Loans-573x382.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Tue, 24 May 2022 07:43:54 GMT
accept-ranges: bytes
content-length: 69202
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Tue, 04 Oct 2022 05:43:14 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 573 x 382, 8-bit colormap, non-interlaced\012- data
Size:   69202
Md5:    f30bddcabb92c95f28b41de4a58b68ae
Sha1:   65297e77ef12ed0eff7bbbc0334ae165304fe44f
Sha256: 4ea67b77707556ff8e8ceea2f3d2c4b5392fb1603d1fbec8ccd426d5ec7d3df3
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 05:43:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 11 Oct 2021 18:27:21 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Tue, 04 Oct 2022 05:43:14 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   39537
Md5:    55fa3dd807d7075dfe86fd0b2e4204d5
Sha1:   90eb3bf8b926213f41ac14da35996d758ca9160f
Sha256: ad0429a1aeba92a145d995527bb224b662b810f7183ffafb59d5ce6d59c5262b

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/accredited-business-usbfunding.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.usbfund.com/blog/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=how-to-write-a-business-plan-to-get-approved-for-a-loan

                                         
                                         50.87.170.174
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 04 Oct 2022 05:43:15 GMT
Server: Apache
Last-Modified: Sat, 28 Sep 2019 00:15:06 GMT
Accept-Ranges: bytes
Content-Length: 2244
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 180 x 75, 8-bit colormap, non-interlaced\012- data
Size:   2244
Md5:    3befe9c6fb5e6602893570b99d3920aa
Sha1:   1e7c1d352448864975a23135097e59593ae71456
Sha256: d59962c29e3487892da60ef799f75523576b6f006d54fc3dd43bb6993588f1dc
                                        
                                            GET /wp-content/uploads/featured-logo-06.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.usbfund.com/blog/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=how-to-write-a-business-plan-to-get-approved-for-a-loan

                                         
                                         50.87.170.174
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 04 Oct 2022 05:43:15 GMT
Server: Apache
Last-Modified: Sat, 28 Sep 2019 00:14:38 GMT
Accept-Ranges: bytes
Content-Length: 2693
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 175 x 75, 8-bit/color RGBA, non-interlaced\012- data
Size:   2693
Md5:    b7b5570d5d29fd453a5e65063849fcb1
Sha1:   b07b87612c74febb32961e10ed154dc2efdf19cb
Sha256: 886d709e142c957b0d93269a57fccc13800907c8ab90acc1f18c8bec259d3992
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 05:43:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/uploads/norton-secured.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.usbfund.com/blog/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=how-to-write-a-business-plan-to-get-approved-for-a-loan

                                         
                                         50.87.170.174
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 04 Oct 2022 05:43:15 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 28 Sep 2019 00:14:45 GMT
Accept-Ranges: bytes
Content-Length: 3017
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=75


--- Additional Info ---
Magic:  PNG image data, 180 x 75, 8-bit colormap, non-interlaced\012- data
Size:   3017
Md5:    7d05b62893199c911ab6f798ec8127d2
Sha1:   e7dc7368c55a2fbccb17a82c1a25de39cea2907d
Sha256: 0b691c8e6d1b07ce3e066744ccfbf643d61f013ce51503b0a3ceb7a356562ed6
                                        
                                            GET /wp-content/uploads/featured-logo-04.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.usbfund.com/blog/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=how-to-write-a-business-plan-to-get-approved-for-a-loan

                                         
                                         50.87.170.174
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 04 Oct 2022 05:43:15 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 28 Sep 2019 00:15:18 GMT
Accept-Ranges: bytes
Content-Length: 5757
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=75


--- Additional Info ---
Magic:  PNG image data, 123 x 75, 8-bit/color RGBA, non-interlaced\012- data
Size:   5757
Md5:    e94a0244f1a51d7565de08744375bd07
Sha1:   dde753e74a85c5f094dda6661ada486fdae50422
Sha256: 47bff975ef1626c064613532b237bd114911cdc835effdccb0d124c1432c17b2
                                        
                                            GET /wp-content/uploads/us-business-funding-logo-small.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.usbfund.com/blog/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=how-to-write-a-business-plan-to-get-approved-for-a-loan

                                         
                                         50.87.170.174
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 04 Oct 2022 05:43:15 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 28 Sep 2019 00:14:51 GMT
Accept-Ranges: bytes
Content-Length: 2020
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=75


--- Additional Info ---
Magic:  PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size:   2020
Md5:    a5a71307aefd12c55fd16f36356f9a83
Sha1:   679b01f07d71f673b74fde71a5a0a9da8a8e486d
Sha256: a2e02fabad9f481343e4e8050843b371e239956a637488eb7d2a9deff98245de
                                        
                                            GET /wp-content/uploads/featured-logo-01.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.usbfund.com/blog/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=how-to-write-a-business-plan-to-get-approved-for-a-loan

                                         
                                         50.87.170.174
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 04 Oct 2022 05:43:15 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 28 Sep 2019 00:14:38 GMT
Accept-Ranges: bytes
Content-Length: 3311
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=75


--- Additional Info ---
Magic:  PNG image data, 164 x 75, 8-bit/color RGBA, non-interlaced\012- data
Size:   3311
Md5:    30427e02eea1cec61004e2fdb293e4d2
Sha1:   d3ba51be6c31147f379670d59cab54ec01b3b448
Sha256: 32161c4a44a1dcdddeeb852e2b6eea070839630ac3a719ac79a503cfd4d3892d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 05:43:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 05:43:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:21 GMT
expires: Thu, 28 Sep 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 468534
last-modified: Wed, 11 May 2022 19:24:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Size:   15740
Md5:    b9c29351c46f3e8c8631c4002457f48a
Sha1:   e57e59c5780995ff2937ab2b511a769212974a87
Sha256: f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
                                        
                                            GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15528
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Sep 2022 22:59:07 GMT
expires: Wed, 27 Sep 2023 22:59:07 GMT
cache-control: public, max-age=31536000
age: 542648
last-modified: Tue, 19 Apr 2022 18:53:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15528, version 1.0\012- data
Size:   15528
Md5:    595fe3fc0b85f3cc9ef5aed2d519abc5
Sha1:   96e76de44987e9dec2f97f1e5eb7a18c738daf5d
Sha256: 747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:40:23 GMT
expires: Thu, 28 Sep 2023 19:40:23 GMT
cache-control: public, max-age=31536000
age: 468172
last-modified: Wed, 11 May 2022 19:24:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15752, version 1.0\012- data
Size:   15752
Md5:    b20371a6daf29d4a1f2e85dbbf40fb20
Sha1:   0355a01c1ccb45cb728e7e07c41c8ebf456f70bb
Sha256: 7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 02 Oct 2022 01:31:40 GMT
expires: Mon, 02 Oct 2023 01:31:40 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
age: 187895
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size:   15920
Md5:    3a44e06eb954b96aa043227f3534189d
Sha1:   23cef6993ddb2b2979e8e7647fc3763694e2ba7d
Sha256: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 468547
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            GET /js/eventing.js HTTP/1.1 
Host: sendlane.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.167.6
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Tue, 04 Oct 2022 05:43:14 GMT
cache-control: public, max-age=60
cf-bgj: minify
etag: W/"711-5900675a88b6e-gzip"
expires: Tue, 04 Oct 2022 05:44:14 GMT
last-modified: Tue, 13 Aug 2019 21:38:21 GMT
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-content-type-options: nosniff
server: cloudflare
cf-ray: 754b9949f838b521-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1809), with no line terminators
Size:   16467
Md5:    e6d107f4900c438d141e2e41b635188e
Sha1:   dbcf0749db4eefdd4c97e624605d311c2c4b0b0c
Sha256: d1fb51a5ff9eb3ca7b995800f9b52be18d83b28b2a53f24f23130ce099ea3085
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 468547
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
                                            GET /wp-content/uploads/bg-section-header.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/wp-content/themes/usb/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 28 Sep 2019 00:14:58 GMT
accept-ranges: bytes
content-length: 22531
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Tue, 04 Oct 2022 05:43:15 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1920 x 149, 8-bit colormap, non-interlaced\012- data
Size:   22531
Md5:    65b13235e26653c77b0ed328dfdb8dc2
Sha1:   2dcc21d12b909058345b01f087062f6b59f4f05c
Sha256: acba6ce2f083bf3e78176be5f1c68dfbeb67e609472b4f8c034ba8676d0995b2
                                        
                                            GET /wp-content/uploads/icon-arrow-down-white.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/wp-content/themes/usb/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 28 Sep 2019 00:15:12 GMT
accept-ranges: bytes
content-length: 172
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Tue, 04 Oct 2022 05:43:15 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 14 x 14, 8-bit gray+alpha, non-interlaced\012- data
Size:   172
Md5:    26d3bceaf73fad28fb322b6646860f78
Sha1:   1b70241f618df47a01729534d376a57c57bd8c07
Sha256: 0077bc52b60eb51d8785f3aa812a2cdcce59acd3a0b70a801b82c563787e1a7c
                                        
                                            POST /google-ads/ HTTP/1.1 
Host: process.iconnode.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Origin: http://www.usbfund.com
Connection: keep-alive
Referer: http://www.usbfund.com/
Content-Length: 0

                                         
                                         76.223.116.242
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 04 Oct 2022 05:43:15 GMT
Content-Length: 0
Connection: keep-alive
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.4.30
Upgrade: h2,h2c
X-Powered-By: PHP/7.4.30
Access-Control-Allow-Origin: http://www.usbfund.com
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400

                                        
                                            GET /wp-content/uploads/icon-arrow-down-black.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/wp-content/themes/usb/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 28 Sep 2019 00:15:09 GMT
accept-ranges: bytes
content-length: 195
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Tue, 04 Oct 2022 05:43:15 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 14 x 14, 8-bit/color RGBA, non-interlaced\012- data
Size:   195
Md5:    f984736b4b9dfe03bb8831a718c6a238
Sha1:   d95304fa5fed6fdf9020c21ece2b7e35aec4808c
Sha256: 4944824b4a23581a4660857551680fffd806f6fa42e3d9414fb1529ba78651b9
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 05:43:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/uploads/featured-logo-05.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.usbfund.com/blog/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=how-to-write-a-business-plan-to-get-approved-for-a-loan

                                         
                                         50.87.170.174
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 04 Oct 2022 05:43:15 GMT
Server: Apache
Last-Modified: Sat, 28 Sep 2019 00:15:03 GMT
Accept-Ranges: bytes
Content-Length: 3721
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 135 x 75, 8-bit/color RGBA, non-interlaced\012- data
Size:   3721
Md5:    646b30b6704a2457b04bb12da4144c97
Sha1:   acadca7b80819db2100f2cf8341acdf47a2eb773
Sha256: b6e64d31c4f5ab917ad1cddfe7fa745e7c4bfc2d5af33cfdaa8130eb14247bc8
                                        
                                            POST /keyword/ HTTP/1.1 
Host: process.iconnode.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 1017
Origin: http://www.usbfund.com
Connection: keep-alive
Referer: http://www.usbfund.com/

                                         
                                         76.223.116.242
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 04 Oct 2022 05:43:15 GMT
Content-Length: 37
Connection: keep-alive
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.4.30
X-Powered-By: PHP/7.4.30
Access-Control-Allow-Origin: http://www.usbfund.com
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   37
Md5:    04c77605ac74dbe6afefa1ea7610959d
Sha1:   489034618181dafa623bad96ec03fb647318c09d
Sha256: 69c669b88b615dbe84d5cf62aff4f85b275ba49590279ad4eaa699d3de43bff5
                                        
                                            GET /9726461.js HTTP/1.1 
Host: tag.getdrip.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.usbfund.com/

                                         
                                         143.204.55.121
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Length: 8
Connection: keep-alive
Last-Modified: Fri, 20 May 2022 20:08:53 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Tue, 04 Oct 2022 05:43:16 GMT
ETag: "de2e1607e500ee465eca3ec4505c0859"
Vary: Accept-Encoding
X-Cache: RefreshHit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zMPO3fxervVSiH75rj5VfcrVqq1aP0iVNGMEID9LTv0lqJrLUpaijw==


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   8
Md5:    de2e1607e500ee465eca3ec4505c0859
Sha1:   cfd432c8178796a4af548a7ed62f09bdf5fbb897
Sha256: 295bdad3ed86f4eeb0249f30e724344ec7be85582094013a85403ecbb77a0047
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1E83A007362AA25CA4A194E1C813646DA514AB272DE462100FE1EDCA49E58FD1"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=576
Expires: Tue, 04 Oct 2022 05:52:51 GMT
Date: Tue, 04 Oct 2022 05:43:15 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10298
Expires: Tue, 04 Oct 2022 08:34:53 GMT
Date: Tue, 04 Oct 2022 05:43:15 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10298
Expires: Tue, 04 Oct 2022 08:34:53 GMT
Date: Tue, 04 Oct 2022 05:43:15 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10298
Expires: Tue, 04 Oct 2022 08:34:53 GMT
Date: Tue, 04 Oct 2022 05:43:15 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10298
Expires: Tue, 04 Oct 2022 08:34:53 GMT
Date: Tue, 04 Oct 2022 05:43:15 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 04:42:53 GMT
age: 3622
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4fcdf5f2-fb82-429f-a6f0-8f79d8aa9106.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9455
x-amzn-requestid: c7e1aa21-0afd-4329-a886-ca52e1a30c7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcqJXHLUIAMFU1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5708-1905710834041431314b11be;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:41:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: D-2NszpZ31D2YAbZRcPdqN3zZ2ScANt6bokfSbANgnsXBoTF2d__AQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:08:09 GMT
age: 27306
etag: "cf021352d993967e78552b275424ff139e4ef66c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9455
Md5:    50556325e5a38a5dd7802b1391815bcb
Sha1:   cf021352d993967e78552b275424ff139e4ef66c
Sha256: 96fd2e848a45d071e334a8d08c8b89215f80f01f947af6da2efaee72dd16914c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0001afba-471a-49f7-bb38-3d4741a9581b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9708
x-amzn-requestid: 7cfcaf0d-1663-47d7-b08e-be3d0c39e035
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcqFjHB5IAMFjYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b56f0-04c5da1940a620507649b822;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:41:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: V5EjIZq5-ifuD25S3kj8Bl3SbZH10tm6DII-oRZVci4ic7Za7btGFw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:45:44 GMT
age: 25051
etag: "dc7bc4a378c0ddcd81e51046d21ed02b8be11a92"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9708
Md5:    90fead0b9104991552ce689230661d48
Sha1:   dc7bc4a378c0ddcd81e51046d21ed02b8be11a92
Sha256: 94a1a4199f7cb7bc0b48b00aec745e89f2c65dadd905b27879d39347deb44496
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92e2742a-a49a-4d87-a767-7dbb56cff473.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6107
x-amzn-requestid: 6516bfcd-d6a5-4f46-81fa-ef6033e21aa7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcqO7GXOoAMF8hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b572c-27fb158e152659380e27c292;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:42:04 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9kLVyQMWmdeqQA58wyOQKBE9yEUxl5DxnG7J8Ozm-xuHD0PW_8SR2g==
via: 1.1 7514e5e25722778fd4b1744d4ecc67e0.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:54:16 GMT
age: 28139
etag: "291232594a2f3170afed3b4814e3a11233d0f05e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6107
Md5:    1f0977129995c466e4710e0ae4304d3e
Sha1:   291232594a2f3170afed3b4814e3a11233d0f05e
Sha256: 80927a148dff4908b799b9f6d167769e68346491092520f5e3638b0f8b5d55a3
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11955
x-amzn-requestid: ce6bbe93-95b0-4b6e-a8bc-012796485e67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zcqb9FUtoAMF0WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b577f-59dc0a18523f900a059aa5df;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: tJwzKfs7HnQ7dVcINwnlzxTChXiEi4JPj8jrS8p5KhurRx_o3ZVOZQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:10:59 GMT
etag: "e2ea2ef6805e391c497e62e101e76a0bdecfce64"
age: 27136
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11955
Md5:    54b3ef7aa50273b78b59c24511b0c1f9
Sha1:   e2ea2ef6805e391c497e62e101e76a0bdecfce64
Sha256: 296e8954022d5160137b3e02ab5085a15cee7c23cd6d4ca61b36880706062457
                                        
                                            GET /wp-content/uploads/USBusinessFunding-Home1.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/wp-content/themes/usb/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 28 Sep 2019 00:14:13 GMT
accept-ranges: bytes
content-length: 944072
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Tue, 04 Oct 2022 05:43:15 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1696 x 1131, 8-bit colormap, non-interlaced\012- data
Size:   944072
Md5:    b4b6bd078ef229456fc9d5b22d31ca0e
Sha1:   51cb87382bfb8b0029df296adb021229ad4cf6da
Sha256: 870b85b6771aeb0fc9c84c444ca24919dd6f71e4b34a6bb97003a0a4f34bdfd3
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd3966c4-a932-4eb5-a3bf-ca25cde92ccb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5317
x-amzn-requestid: 84ffe752-ae82-4fb6-9b29-9b69a3a3dcdf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHuGEjIAMF8Bw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-3717ba3f22da06bc791b20b6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: RPvILihWx8WSUuIbF2SJ7LFFvmFTqz4jZmMGGhWRbLBosa1mp0o0vg==
via: 1.1 1949caaabae48a894fcd770a3e1384f6.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:54:57 GMT
age: 28098
etag: "4d208807e10e73309811101ef2d26ff33b642585"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5317
Md5:    a0927f94dd9e0cc7272f77972048658c
Sha1:   4d208807e10e73309811101ef2d26ff33b642585
Sha256: 3f184d9ba1588d451dfe5e4dfd84456ce533cbccaf1390ad423e1c6d38c8a35b
                                        
                                            GET /fonts/socicon.woff HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: font/woff
                                        
last-modified: Fri, 27 Sep 2019 21:47:06 GMT
accept-ranges: bytes
content-length: 31444
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Tue, 04 Oct 2022 05:43:15 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 31444, version 1.0\012- data
Size:   31444
Md5:    dcbd1f9c4275862f002f21619e96b8f4
Sha1:   a97cd865925e5102ae7c25aa5dd09112ccf50651
Sha256: a680b776319127695950fd7c490b17cd15120d683bde57845707a2f7dc0f1a74

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /diffuser/diffuser.js HTTP/1.1 
Host: diffuser-cdn.app-us1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.145.91
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 04 Oct 2022 05:43:15 GMT
last-modified: Thu, 21 Oct 2021 17:42:06 GMT
etag: W/"4d482a43613d3966f353ec9d97452e0c"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=300
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 059f85e5e664bc876c915622803d9e28.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: LYgb7O-05A19YisedsHdW7Gqa3Bw46pjlPKvIkZSVBpaULKohYEzzQ==
cf-cache-status: HIT
age: 153
server: cloudflare
cf-ray: 754b9952def4b500-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   5418
Md5:    bf31d89306fb7567a76e84b68ab598d7
Sha1:   ba29322bbcd78e16c1792bd084cd3a52d5626bc8
Sha256: 015cbfa2f3e26e3edc60d86aec41d68643133df4bad40b4be9a07f030b8cade6
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3814
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 05:43:15 GMT
Last-Modified: Tue, 04 Oct 2022 04:39:41 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3815
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 05:43:16 GMT
Last-Modified: Tue, 04 Oct 2022 04:39:41 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /track/event?event_id=xWMCUM2gF97YD&uri=http%3A%2F%2Fwww.usbfund.com%2Fblog%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dhow-to-write-a-business-plan-to-get-approved-for-a-loan&cb=8jdfkjw435q84llvkwvg HTTP/1.1 
Host: track.sendlane.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.250.2.183
HTTP/1.1 204 No Content
                                        
Date: Tue, 04 Oct 2022 05:43:15 GMT
Server: Apache
Cache-Control: no-cache, private, max-age=2592000
X-RateLimit-Limit: 60
X-RateLimit-Remaining: 59
Set-Cookie: track_session=eyJpdiI6IkFQVWkyMW0yZDhkVVZzbHc2Z0JDN3c9PSIsInZhbHVlIjoidXJOSFUreU95MFA2MVYyVHFhZjhhUWk5V2pjQ0tVQUJzWWN2M2VRRXA4UzBlSEVNNitRRE1GQ0VqOGhVcUQ5eXJYeUU1WWlvMHRsRWd2dXNMb1hoNmxHRWRFa3NKY0NYSXcxaHppQk5SdTlhbU5ESHllM1ZEWDMrVHZwcWZZOTQiLCJtYWMiOiJmOTU0MTIzMDlmYjdjNTQ4ZDBlN2NiYmViODJmN2NhODA1ZmUwYjhhNjkyMzE3OTllMmYwOTJjNmFlYTIwMGFkIiwidGFnIjoiIn0%3D; expires=Tue, 04-Oct-2022 07:43:16 GMT; Max-Age=7200; path=/; domain=sendlane.com; secure; httponly; samesite=none
Expires: Thu, 03 Nov 2022 05:43:15 GMT
Connection: close

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.88
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 05:43:16 GMT
Last-Modified: Tue, 04 Oct 2022 03:54:12 GMT
Server: ECS (nyb/1D04)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: b5MwxQfZJP0vNqCufmAOKSlacE4WXo8QL0k5VaQpi5Zy2XlpxUpqvw==
Age: 6544

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.88
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 05:43:16 GMT
Last-Modified: Tue, 04 Oct 2022 04:22:28 GMT
Server: ECS (bsa/EB1A)
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _bItKX0c4hhZOqZdZ43U8GmcAu1_IPipWfoAkCss9o_73WUAMD-hfA==
Age: 4848

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.88
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 05:43:16 GMT
Last-Modified: Tue, 04 Oct 2022 04:33:19 GMT
Server: ECS (nyb/1D1D)
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: yLz_4Ih5QDA-LRTXvdTaP4fKOIHhaRPGJ63Sry0kf1NbLsVnV5B2Dg==
Age: 4197

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.88
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 05:43:16 GMT
Last-Modified: Tue, 04 Oct 2022 04:47:35 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 6_AWroW7a3W3HIR8qbCi0qDTUCQ_ATZtUR8-T58Dq1RLpwLwansWrQ==
Age: 3341

                                        
                                            GET /CompanyWidget.aspx?ID=100094667&WidgetType=1 HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.usbfund.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         207.137.0.213
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
location: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
date: Tue, 04 Oct 2022 05:43:15 GMT
content-length: 196
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   196
Md5:    e4450c4791dadbc8f0fe8409a9b278ec
Sha1:   70f8e597f291a8a247c4f1bbbc4586e300f75723
Sha256: e350fe60679b3272336147b700171d459374f3a66c6e228673a94ec0d9239b7e
                                        
                                            GET /t_prism_sitemessages.php?trackid=224499963&prismid=2bcde397-8788-4a7c-a977-7858bccdf358&url=http%3A%2F%2Fwww.usbfund.com%2Fblog%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dhow-to-write-a-business-plan-to-get-approved-for-a-loan HTTP/1.1 
Host: trackcmp.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.42.105
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
                                        
date: Tue, 04 Oct 2022 05:43:16 GMT
content-length: 0
x-powered-by: PHP/7.1.33
cache-control: no-cache, private
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 754b99554b11b50c-OSL
X-Firefox-Spdy: h2

                                        
                                            POST /data HTTP/1.1 
Host: aorta.clickagy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 373
Origin: http://www.usbfund.com
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.162.244.84
HTTP/2 200 OK
content-type: application/json
                                        
date: Tue, 04 Oct 2022 05:43:16 GMT
content-length: 82
server: Aorta/20220929.37e3bd418
x-aorta-host: 945ffee39988
x-aorta-region: us-east-1
access-control-allow-credentials: true
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
access-control-expose-headers: Set-Cookie
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://www.usbfund.com
access-control-max-age: 31536000
cache-control: no-cache, no-store, must-revalidate
expect: 0
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   82
Md5:    c8f366b71d894c814c6039552cec1d20
Sha1:   c7254c44f9c6f7e65830b45c868fdb9db315c1b8
Sha256: 455c7c6891d8e91ad5ea11049bf9b043c9c9f522b21393e410f1bae9440a5761
                                        
                                            GET /css?family=Roboto:400,900,700,500,300,100 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 05:43:14 GMT
date: Tue, 04 Oct 2022 05:43:14 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   801
Md5:    93704c15aa61bceaaa47957c876aaa5b
Sha1:   3e5f5fc6bd66cd9c50f497a37b87309fdf2c630b
Sha256: 0abedd277aee03d6f632ada2eec357543ae0d12ffb0e6354906b15c659f4a5da
                                        
                                            GET /pixel.gif?clkgypv=jstag HTTP/1.1 
Host: aorta.clickagy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.162.244.84
HTTP/2 302 Found
content-type: application/json
                                        
date: Tue, 04 Oct 2022 05:43:16 GMT
content-length: 0
location: https://us-u.openx.net/w/1.0/cm?id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537073026%2526val%253D%257Bvisitor_id%257D
server: Aorta/20220929.37e3bd418
x-aorta-host: 86a839f925e2
x-aorta-region: us-east-1
access-control-allow-credentials: true
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
access-control-expose-headers: Set-Cookie
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin:
access-control-max-age: 31536000
cache-control: no-cache, no-store, must-revalidate
expect: 0
X-Firefox-Spdy: h2

                                        
                                            GET /forms/main.js?v=2022-10-04T05 HTTP/1.1 
Host: omnisnippet1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.18.21.138
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 04 Oct 2022 05:43:16 GMT
last-modified: Thu, 29 Sep 2022 07:20:47 GMT
etag: W/"6335474f-a033"
expires: Tue, 04 Oct 2022 05:23:32 GMT
cache-control: max-age=3600
x-envoy-upstream-service-time: 2
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 2596
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 754b99554f471c02-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (40978)
Size:   13402
Md5:    4a25d192f6e490e413fefa1fee28219a
Sha1:   7c68b221cfcd820ab0a20a5489b2638250b2c73e
Sha256: 9c947e0aa0807271af3acc0db04398952b4be433caa7931636a6dab88a173de8
                                        
                                            GET /fonts/socicon.ttf HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: font/ttf
                                        
last-modified: Fri, 27 Sep 2019 21:47:07 GMT
accept-ranges: bytes
content-length: 44524
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Tue, 04 Oct 2022 05:43:16 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  TrueType Font data, 17 tables, 1st "FFTM", 12 names, Microsoft, language 0x409, type 1 string, sociconRegularsociconsocicon RegularVersion 2.4sociconFont generated by IcoMoon.Webfont 1.0Thu A\012- data
Size:   44524
Md5:    4cd63382b2456736eef43b2e7d8022a2
Sha1:   30544bfef5395086603a3fdd14720e8a695557db
Sha256: ad9bc5734c8e5e33da5ae5763b578444cc3a8c5c28acbece5980f8d7b5f56d46

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /companywidget.aspx?ID=100094667&WidgetType=1 HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.usbfund.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
set-cookie: ASP.NET_SessionId=zo1gk3z3bnm22deztpd3at5i; path=/; secure; HttpOnly; SameSite=Lax
date: Tue, 04 Oct 2022 05:43:15 GMT
content-length: 6794
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (604), with CRLF line terminators
Size:   6794
Md5:    3793334c992c78adbb881f9c644f752b
Sha1:   0a1ae09ab7784ed9df1e430ff376423293afa0f5
Sha256: 6a2beedd4324aef8c67d8680d75bc6ea8010d5bd077748e1ec349b8980faf172
                                        
                                            GET /track.js HTTP/1.1 
Host: serve.albacross.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.usbfund.com/

                                         
                                         143.204.55.5
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 08 Apr 2021 13:13:21 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Tue, 04 Oct 2022 05:41:20 GMT
Cache-Control: max-age=120
ETag: W/"b769e9b4f23be6c9bab7c715fdf2526a"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9xjKAIpQF7M6Sajdw0y7ysNxsqdfleXirHwsS5yhxdGcFu09aHRLAw==
Age: 116


--- Additional Info ---
Magic:  ASCII text, with very long lines (10418)
Size:   4112
Md5:    fb582e9afc270eff27615efc772d56d1
Sha1:   1467e3e47d8b76d36e319a6574ab72b59983343b
Sha256: bbc596d579e549bad24d8d7301087ebe50da47adaf9a67a42a3650b914f9be3e
                                        
                                            GET /apps/18595/capture.js HTTP/1.1 
Host: c.cdnma.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.usbfund.com/

                                         
                                         143.204.55.64
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 13 Jun 2022 17:04:46 GMT
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Content-Encoding: gzip
Date: Tue, 04 Oct 2022 03:04:06 GMT
Expires: Tue, 04 Oct 2022 07:04:06 GMT
Cache-Control: max-age=14400
ETag: W/"62a76e2e-6b96"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: yYMcgMPWdwjy5R_dxM7uMZw5GPbbMFiGEoazKmSFqEjJZBaeH3hoQA==
Age: 9550


--- Additional Info ---
Magic:  ASCII text
Size:   7913
Md5:    914c1f8a7ad854399766214647308036
Sha1:   499c3d55dd9cdc07d203d4932c4eb0783c559a61
Sha256: 2e0ab03a9e5aa965e4f4fc9bcd77a4028f438ef575e6b05b21ed94dd1a843613
                                        
                                            GET /munchkin.js HTTP/1.1 
Host: munchkin.marketo.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.usbfund.com/

                                         
                                         88.221.99.189
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Accept-Ranges: bytes
ETag: "92b41a298690c047b0c4602dd843cba4:1662686319.691662"
Last-Modified: Fri, 09 Sep 2022 01:18:39 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 04 Oct 2022 05:43:16 GMT
Content-Length: 728
Connection: keep-alive
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"


--- Additional Info ---
Magic:  ASCII text, with very long lines (521)
Size:   728
Md5:    51a92d8c69733d719447dea0416ed039
Sha1:   69f4c1e0b7ebba812bc096708d57627927dff265
Sha256: cb483c0ea4012ac512bcba6204b37622b388c1aefd4ae9028f60abb965f23d29
                                        
                                            GET /fonts/socicon.woff2 HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: font/woff2
                                        
last-modified: Fri, 27 Sep 2019 21:47:06 GMT
accept-ranges: bytes
content-length: 27648
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Tue, 04 Oct 2022 05:43:16 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 27648, version 2.26214\012- data
Size:   19438
Md5:    c71aa1d768c7875fd18f73a245e0dcdd
Sha1:   1d08552a06680d538a2a3c2aa98f6aef3f5e6252
Sha256: 75df588a501e8368495ce575c390991176791544cc7ae76029ac3453fa7a19c5

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 04 Oct 2022 04:41:09 GMT
expires: Tue, 04 Oct 2022 06:41:09 GMT
cache-control: public, max-age=7200
age: 3727
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            POST / HTTP/1.1 
Host: status.geotrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5564
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 05:43:16 GMT
Last-Modified: Tue, 04 Oct 2022 04:10:32 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /stylesheets/font-awesome.min.css HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: no-cache
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 18:58:59 GMT
accept-ranges: bytes
etag: "809bbc5d6cd3d81:0"
vary: Accept-Encoding
date: Tue, 04 Oct 2022 05:43:15 GMT
content-length: 6965
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (30837)
Size:   6965
Md5:    775375b17c16dc85854ba29bbba28807
Sha1:   91c2f8c2838211a85090f061340b6c0c24e763af
Sha256: e05c4f03a6c957e6b769e9ac46b9b6d7f1de8f46f49fc894be7c7493aaf4e033
                                        
                                            GET /stylesheets/jquery.selectBox.css HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
cache-control: no-cache
location: https://www.checkbca.org/stylesheets/jquery.selectbox.css
date: Tue, 04 Oct 2022 05:43:15 GMT
content-length: 180
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   180
Md5:    65d99af646ca7622a01fc0d3eb7a6b6d
Sha1:   a6b71820c0572f17c183b5669255346947bc3492
Sha256: 425fea6b4acfc8c48eee414af2be035b5c77a87742cf0bb46b136d07e0c29f6a
                                        
                                            GET /stylesheets/style.css HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: no-cache
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 18:58:59 GMT
accept-ranges: bytes
etag: "809bbc5d6cd3d81:0"
vary: Accept-Encoding
date: Tue, 04 Oct 2022 05:43:15 GMT
content-length: 10891
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  assembler source, Unicode text, UTF-8 text, with very long lines (548), with CRLF line terminators
Size:   10891
Md5:    cef167427944e3fb4d6831c227b30bd0
Sha1:   5900baa9671ec663d3f990e38e7bb763f7edee64
Sha256: ad26247de1e0e4f3e40fd860a147df0ed041f06e75dc48f7e1ac3684ac7920f1
                                        
                                            GET /Scripts/WebForms/MsAjax/MicrosoftAjax.js HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
cache-control: no-cache
location: https://www.checkbca.org/scripts/webforms/msajax/microsoftajax.js
date: Tue, 04 Oct 2022 05:43:15 GMT
content-length: 188
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   188
Md5:    6f83537ac9d2567aa0049ad8d28282d8
Sha1:   7e4975fe0edee16d97ab1f59dd7473a95902f30e
Sha256: c614ae1fc44d88ab3555782295fd0de23f7b1062ef93e0777530a9ff2fdb2fe6
                                        
                                            GET /w/1.0/cm?id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537073026%2526val%253D%257Bvisitor_id%257D HTTP/1.1 
Host: us-u.openx.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         35.244.159.8
HTTP/2 200 OK
content-type: text/html
                                        
vary: Accept, Accept-Encoding
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Tue, 04 Oct 2022 05:43:16 GMT
content-length: 56
content-encoding: gzip
cache-control: private, max-age=0, no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   56
Md5:    15669dda86db3cbff7835fa202dc0b16
Sha1:   ce788cab9c1aa7e458a3971a59702c410b37e64d
Sha256: 5cc3f958039a8885c4e9526e22d454da47d579b9a02861e7a60b41fa0ba910df
                                        
                                            GET /sifitag/7c49dfc0-b0ef-0139-b544-06a60fe5fe77 HTTP/1.1 
Host: tag.simpli.fi
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         169.50.137.176
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 04 Oct 2022 05:43:16 GMT
content-length: 3101
set-cookie: suid=D4616BBB46534EBD8CE6091225AD0DE1; Path=/; domain=simpli.fi; Expires=Thu, 05-Oct-23 05:43:16 GMT; SameSite=none; Secure; suid_legacy=D4616BBB46534EBD8CE6091225AD0DE1; Path=/; domain=simpli.fi; Expires=Thu, 05-Oct-23 05:43:16 GMT; Secure;
x-request-id: FxrHWM9WDjNBZZqE4uNh
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache, no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3100)
Size:   3101
Md5:    3f39bd6aa96de4bb5bd9275b06354981
Sha1:   14f61e1cbeb536266027c98d8f48cc3211f1a2b2
Sha256: 4f8cbfd5c952dcec41e51c8cdf551acc7acf44e7e4d51ab90be179a503fb4b00
                                        
                                            POST / HTTP/1.1 
Host: status.geotrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6190
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 05:43:16 GMT
Last-Modified: Tue, 04 Oct 2022 04:00:06 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /wp-content/uploads/cropped-iconusbfund-192x192.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 28 Sep 2019 00:15:06 GMT
accept-ranges: bytes
content-length: 19606
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Tue, 04 Oct 2022 05:43:16 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size:   19606
Md5:    273b22a347363c8bfaa20ddcca897d53
Sha1:   0bf5106cb96db26030ae4bee997db3aef8914130
Sha256: 3c673a54e1fea64b6b57dc31365058249f665f327b0e032746b310a2f6a2c0b2
                                        
                                            GET /wp-content/uploads/cropped-iconusbfund-32x32.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 28 Sep 2019 00:14:07 GMT
accept-ranges: bytes
content-length: 1438
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Tue, 04 Oct 2022 05:43:16 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   1438
Md5:    331f8022f00882988b3dd50a45511040
Sha1:   295b137770dedf8de5101ba30c05f515e21b6fb0
Sha256: f83bb7fbb6ab6b05a6129fdc513d6edeb3b9029b0cbe6cf3eae361ad56c58cf5
                                        
                                            GET /162/munchkin.js HTTP/1.1 
Host: munchkin.marketo.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.usbfund.com/

                                         
                                         88.221.99.189
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Accept-Ranges: bytes
ETag: "75daf56f6191efe42577301908659c29:1656637152.894482"
Last-Modified: Fri, 01 Jul 2022 00:59:12 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=8640000
Expires: Thu, 12 Jan 2023 05:43:16 GMT
Date: Tue, 04 Oct 2022 05:43:16 GMT
Content-Length: 4677
Connection: keep-alive
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"


--- Additional Info ---
Magic:  ASCII text, with very long lines (606)
Size:   4677
Md5:    3e9baed982956735f6e0a0e756d97ed9
Sha1:   9223be6a494a10959101a7942419df7b05b84d73
Sha256: 930a508ed0ea6b4861d19c0738360182514010913c4ebfe9352064ae5006f8a1
                                        
                                            GET /inShop/forms.js?v=2022-10-04T05 HTTP/1.1 
Host: omnisnippet1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.21.138
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 04 Oct 2022 05:43:16 GMT
last-modified: Thu, 29 Sep 2022 14:16:25 GMT
etag: W/"6335a8b9-206e2"
expires: Tue, 04 Oct 2022 05:23:31 GMT
cache-control: max-age=3600
x-envoy-upstream-service-time: 1
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 2596
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 754b9954ef0a1c02-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32022)
Size:   38877
Md5:    2dc00a4d717747a0a5cb7a9a6672edbb
Sha1:   497c607170752902adefde1e3ea398d29ee19d07
Sha256: fd6f1685a15eb5943d13182a0001d7f9582c92a616cc43315e904cc6734d687f
                                        
                                            GET /WebResource.axd?d=pynGkmcFUV13He1Qd6_TZBAd-3g2iBrrqGpefWWgmRAZw8TONzGF-aV_9TjkbkyCvwDWnstKlAYe583il9NLzw2&t=637823077705833095 HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public
content-encoding: gzip
expires: Tue, 03 Oct 2023 21:33:16 GMT
last-modified: Tue, 08 Mar 2022 11:42:50 GMT
vary: Accept-Encoding
date: Tue, 04 Oct 2022 05:43:15 GMT
content-length: 23086
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   23086
Md5:    20180537e2ac64e5c60143ac90c84998
Sha1:   82d03de61c4dededbc9fd79d8c3a8e18d3b43744
Sha256: 0999cb5dfb2dcd76a944ef880be49f8e2d66fc60d00817e2b251ba0a67090cbf
                                        
                                            GET /Scripts/WebForms/MsAjax/MicrosoftAjaxWebForms.js HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
cache-control: no-cache
location: https://www.checkbca.org/scripts/webforms/msajax/microsoftajaxwebforms.js
date: Tue, 04 Oct 2022 05:43:15 GMT
content-length: 196
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   196
Md5:    95d708e49ef3d81c5832e354dbdafb01
Sha1:   ddb6aa6d1990a59c42331129fef517bb9101fad1
Sha256: 429e36746d58356e8d7fd50c755f2ec8de5fcf67bc3980f782eef9c14e89db18
                                        
                                            GET /scripts/jquery-3.3.1.min.js HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: no-cache
content-encoding: gzip
last-modified: Tue, 16 Oct 2018 20:49:20 GMT
accept-ranges: bytes
etag: "0c813b69165d41:0"
vary: Accept-Encoding
date: Tue, 04 Oct 2022 05:43:15 GMT
content-length: 30394
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   30394
Md5:    a263be51483c81a54aa8c85104a93e55
Sha1:   555a54a73531c553bd2aede6abc25c128b63312e
Sha256: b2f13ad730928958c09d89e6e32bb6a227c0260d032a39ca464d998a59e57a66
                                        
                                            GET /scripts/jquery.simplemodal.1.4.4.min.js HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: no-cache
content-encoding: gzip
last-modified: Tue, 16 Oct 2018 20:49:20 GMT
accept-ranges: bytes
etag: "0c813b69165d41:0"
vary: Accept-Encoding
date: Tue, 04 Oct 2022 05:43:15 GMT
content-length: 3081
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (626), with CRLF, LF line terminators
Size:   3081
Md5:    487fda8eb4e12565909588706300e2fb
Sha1:   9224d8c027d499bb7ec852c2bf3c580e593f5d5b
Sha256: 664736273b9cff9b035c3c682e6ea5e1220468bf24d3199d45148b0a45e101dc
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 05:43:16 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 02 Oct 2022 01:42:55 GMT
Expires: Sun, 09 Oct 2022 01:42:54 GMT
Etag: "12094e4f75e6d03415180d178cfc097ef2aeffd6"
Cache-Control: max-age=416977,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 754b9957ebb1b500-OSL

                                        
                                            GET /711861.gif HTTP/1.1 
Host: id.rlcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         35.244.174.68
HTTP/2 451 Unavailable For Legal Reasons
                                        
date: Tue, 04 Oct 2022 05:43:16 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            GET /collect?v=2&fmt=js&pid=58092&time=1664862196095&url=http%3A%2F%2Fwww.usbfund.com%2Fblog%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dhow-to-write-a-business-plan-to-get-approved-for-a-loan HTTP/1.1 
Host: px.ads.linkedin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         13.107.42.14
HTTP/2 302 Found
                                        
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D58092%26time%3D1664862196095%26url%3Dhttp%253A%252F%252Fwww.usbfund.com%252Fblog%252F%253Futm_source%253Dbayengage%2526utm_medium%253Dcampaign-email%2526utm_campaign%253Dhow-to-write-a-business-plan-to-get-approved-for-a-loan%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQLOWRWj7x2RRQAAAYOhhRPBjzztZ_tfHq4xWCwqLzI88zL4v3qr9KCp5n_9rCRwJqKCoeY-GpqGsw; Max-Age=2592000; Expires=Thu, 03 Nov 2022 05:43:16 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
set-cookie: AnalyticsSyncHistory=AQLwxnx1hhooEQAAAYOhhRPBgvdah9CHIBkxLrBgmnjims5YdzJofxQf-VPkGX3pH8WvmO0VW_iTi6xmNX6sVQ; Max-Age=2592000; Expires=Thu, 03 Nov 2022 05:43:16 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
set-cookie: bcookie="v=2&8504fc93-18b6-4644-8982-6d5332668dfc"; domain=.linkedin.com; Path=/; Secure; Expires=Wed, 04-Oct-2023 05:43:16 GMT; SameSite=None
set-cookie: lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2397:u=1:x=1:i=1664862196:t=1664948596:v=2:sig=AQGT4vD9Rfy-y-h4IfWzjv85ucEO5gXv"; Expires=Wed, 05 Oct 2022 05:43:16 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXqLu/VA04ruzdCK4RY3A==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 848E6A70C46B4251827B435343A3303B Ref B: OSL30EDGE0414 Ref C: 2022-10-04T05:43:16Z
date: Tue, 04 Oct 2022 05:43:15 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /scripts/jquery.bxslider.min.js HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: no-cache
content-encoding: gzip
last-modified: Tue, 16 Oct 2018 20:49:20 GMT
accept-ranges: bytes
etag: "0c813b69165d41:0"
vary: Accept-Encoding