r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6157
Expires: Sat, 10 Dec 2022 09:25:56 GMT
Date: Sat, 10 Dec 2022 07:43:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5951
Expires: Sat, 10 Dec 2022 09:22:30 GMT
Date: Sat, 10 Dec 2022 07:43:19 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 10 Dec 2022 07:33:20 GMT
content-type: application/json
age: 599
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12999
Expires: Sat, 10 Dec 2022 11:19:58 GMT
Date: Sat, 10 Dec 2022 07:43:19 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: di7OUnzPJOvmtS2eq3I/Z7P3FIDdakOETvDDuD1b8U/S5cCClwsH9oWJbvKHA5pnLrc+caHbxh0=
x-amz-request-id: YXXVC21PBGDA1D8E
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 10 Dec 2022 06:50:34 GMT
age: 3165
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
email.mail.usbfund.com/c/eJxNkdluwyAQRb_GfiNi8ZYHHipF-Q1rgCGmNbbLEit_X9ykVSQkljPi3rmDknU97dqBDaI2UtG-Y1bXMa0Bx4BWMiYaUU9SCMqMtede9ZwPPWstWMu4MrprujMXdQqgv0DNOKbHhrLiXIPfwN2WcqxnOaW0xUp8VPxa1r7vpxyVzYs56dWXFxsQyXdeEx4V4pqTH-Oag8ZKXBQ8cLnBrbDuAB6Ny76APw2CHtz8ov_C4tIQDXEidl534mEpP3hcEkluiyRNkMju5pmoAz-KGPFuMW-tOHPkI2jtJKecM84o7Rvenk-01UA7gZqz9tw3pmro4eC9qTrIzy90aSqsOAoRw91pjL8sybSk8Zluktqr8bXdIYxPzecQci4mSoQGrDAwKIBGlesPpgGQLQ
34.127.83.42302 Found 662 B URL HTTP/1.1 email.mail.usbfund.com/c/eJxNkdluwyAQRb_GfiNi8ZYHHipF-Q1rgCGmNbbLEit_X9ykVSQkljPi3rmDknU97dqBDaI2UtG-Y1bXMa0Bx4BWMiYaUU9SCMqMtede9ZwPPWstWMu4MrprujMXdQqgv0DNOKbHhrLiXIPfwN2WcqxnOaW0xUp8VPxa1r7vpxyVzYs56dWXFxsQyXdeEx4V4pqTH-Oag8ZKXBQ8cLnBrbDuAB6Ny76APw2CHtz8ov_C4tIQDXEidl534mEpP3hcEkluiyRNkMju5pmoAz-KGPFuMW-tOHPkI2jtJKecM84o7Rvenk-01UA7gZqz9tw3pmro4eC9qTrIzy90aSqsOAoRw91pjL8sybSk8Zluktqr8bXdIYxPzecQci4mSoQGrDAwKIBGlesPpgGQLQ
IP 34.127.83.42:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (352)
Hash 6004a7f5cd0ab4bf3314e4325df46b7b
16f63bc4a13f99409f6880a448996edda28113c1
8b90f3a9c3dd35b06ceb94972ac0df71eb845288101543214dc5358008fc2526
Analyzer Verdict Alert fortinet Malware
GET /c/eJxNkdluwyAQRb_GfiNi8ZYHHipF-Q1rgCGmNbbLEit_X9ykVSQkljPi3rmDknU97dqBDaI2UtG-Y1bXMa0Bx4BWMiYaUU9SCMqMtede9ZwPPWstWMu4MrprujMXdQqgv0DNOKbHhrLiXIPfwN2WcqxnOaW0xUp8VPxa1r7vpxyVzYs56dWXFxsQyXdeEx4V4pqTH-Oag8ZKXBQ8cLnBrbDuAB6Ny76APw2CHtz8ov_C4tIQDXEidl534mEpP3hcEkluiyRNkMju5pmoAz-KGPFuMW-tOHPkI2jtJKecM84o7Rvenk-01UA7gZqz9tw3pmro4eC9qTrIzy90aSqsOAoRw91pjL8sybSk8Zluktqr8bXdIYxPzecQci4mSoQGrDAwKIBGlesPpgGQLQ HTTP/1.1
Host: email.mail.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Length: 662
Content-Type: text/html
Date: Sat, 10 Dec 2022 07:43:19 GMT
Location: https://www.usbfund.com/free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind
X-Robots-Tag: noindex
X-Xss-Protection: 1; mode=block
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Dec 2022 07:43:19 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 10 Dec 2022 07:33:14 GMT
age: 606
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e6be4d2155028ffff5d01ab6e7edf6da
07172071b5cf43c4cd7d7930b4ad8518ec1e32e9
4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4851
Cache-Control: max-age=96266
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:20 GMT
Etag: "6392faaf-1d7"
Expires: Sun, 11 Dec 2022 10:27:46 GMT
Last-Modified: Fri, 09 Dec 2022 09:06:55 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.89.136.7101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.136.7:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2TJvwYHbobvv38rTrpFBNQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Ok/T0w2qyLKy0KKeJ4Xe/t3SnbM=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e03cbe84a629a389e93f073142f950be
d078d510c4aab11c0807fce6d637f5dded3e4c0f
bb2885c747a68b0c65b9d0c2ab3579aba3ebd2a540f14477b5303ce6aceb789e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB2885C747A68B0C65B9D0C2AB3579ABA3EBD2A540F14477B5303CE6ACEB789E"
Last-Modified: Sat, 10 Dec 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 10 Dec 2022 13:43:20 GMT
Date: Sat, 10 Dec 2022 07:43:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16042
Expires: Sat, 10 Dec 2022 12:10:42 GMT
Date: Sat, 10 Dec 2022 07:43:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16042
Expires: Sat, 10 Dec 2022 12:10:42 GMT
Date: Sat, 10 Dec 2022 07:43:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16042
Expires: Sat, 10 Dec 2022 12:10:42 GMT
Date: Sat, 10 Dec 2022 07:43:20 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3481e34b-ab9e-46b1-acd8-f9e532860477.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3481e34b-ab9e-46b1-acd8-f9e532860477.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d3acf5a494a6bb8b26858974ede70a33
4bccc3032f7427d881a49250e576c05dd7d5614f
786db0da1198986aeba9aa420a7c89b5b27a09bc48c3806769342159f116705d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3481e34b-ab9e-46b1-acd8-f9e532860477.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12047
x-amzn-requestid: a8082dc0-21cd-4fd8-8c3b-50a0b03b6200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy3_rGiaIAMFnLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106ca-2a0096650760715e6201b97a;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 81ITdqoxk0_9sH9c9Nu9t50Ke2BDkI9RJqxFPziuYZwcpwnmpwfWYQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:26:51 GMT
age: 33389
etag: "4bccc3032f7427d881a49250e576c05dd7d5614f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 400d1465-ecbf-4d95-8aa8-4dce5dca0716
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctluwGo4oAMFhTg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee991-6dba29ae7065d5347a1a420d;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:04:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Lazl-stakC-31gMuQ2WzH9uFkIb0g7HaaM3xkwSFdFJMWKTaKqrBEQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 03:28:41 GMT
age: 15279
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf8a350a-c007-4620-b1d6-db700eab84a1.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf8a350a-c007-4620-b1d6-db700eab84a1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 96546d2bb2ce3e7746fcd882a65abb43
b49a885ef2b73191abcbb6f56e839b94aaafd556
ad90c8ecbcee56417a3da824e5a2c2be811e687467f953f9d23a8e2456a2755a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf8a350a-c007-4620-b1d6-db700eab84a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6342
x-amzn-requestid: a473f123-34cf-4c43-b01f-c9aec84df6eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czEZHFeQIAMFp5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911aa0-78b1466c6faa4d0c20dc61b0;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:58:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w0D5JLUwjeMjMjD7HCMS1LAzYQh8B2zynnZqCtsd1yrmcOcjQbWaHw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:55:31 GMT
age: 35269
etag: "b49a885ef2b73191abcbb6f56e839b94aaafd556"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c3a6c54-dd12-46c8-8acb-7c425ab40af5.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c3a6c54-dd12-46c8-8acb-7c425ab40af5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 052b61a3bd1c839e1f5ce37834cad817
1fbbf8fb328a1406904d6346004e2c89c6ba2419
96dcb266eaec98f6305071598df3b49ca93234e0e8b1c8c9801a1a99d7f5c817
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c3a6c54-dd12-46c8-8acb-7c425ab40af5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7811
x-amzn-requestid: dc97f86e-a29c-4139-887a-e775a0327280
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eK4EH_oAMFYqw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa45-3a38086160ac180b3f8cf5d8;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TM_0Q_GmJDuXth6JpRvm_JAZXwT-xFZEjzuMeIzfzBu1J5jQ_Tng9A==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:53:25 GMT
age: 35395
etag: "1fbbf8fb328a1406904d6346004e2c89c6ba2419"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8caef8f-937f-4132-9440-daa516389582.png
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8caef8f-937f-4132-9440-daa516389582.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a0cb823bf2991a7047962ee388f00dc0
4a0377cd21b6ab69f7e45392a547c9846e607464
86e8e629ffd2efe7c4c86a7e140412dae81a35376cb7f03ee511c6e1d023c788
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8caef8f-937f-4132-9440-daa516389582.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9948
x-amzn-requestid: 0b1400a6-7791-468f-a1d5-b46836e7b164
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eMEGNZoAMF7ZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa4d-124f9a6f03db01a67784657f;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qPlUjc4Gzc8cFyyQH_3vZoF_k5J61aXPOXozWTO_8txfn11m8Bo5IQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:00:16 GMT
age: 34984
etag: "4a0377cd21b6ab69f7e45392a547c9846e607464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0df452512aae4c4c1f4a2cd263b16dfd
68bac75574641febc463bd0819392dae2da15811
e0a9301c5be849e116f1d98b819c2eb91f73e74d836f3e099f2cd266e8f0bb36
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12743
x-amzn-requestid: 6ed8a5f4-45cd-45bd-9820-df450f612c34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eK4E_-IAMFf3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa45-31d928fc430577b463a68bd0;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nD0bWCjTU6LNSsNYCNqT4rt7okG1dmPPWiw4FXSi_uNWpcZnxhZgKw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:03:37 GMT
age: 34783
etag: "68bac75574641febc463bd0819392dae2da15811"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
143.204.55.78200 OK 6.1 kB URL HTTP/2 widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
IP 143.204.55.78:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (19239)
Hash 5add60196e5f96a414fb4b9586764e5d
633f471b3c2fcedeef9cad90cb5bf56f5fe55588
5370f4ba91dda790c7cae92817b812fcbd1ab367cbb4862f5669960ae4e2c9e0
GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6124
last-modified: Mon, 30 May 2022 14:38:02 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Sat, 10 Dec 2022 04:46:04 GMT
cache-control: max-age=86400
etag: "5add60196e5f96a414fb4b9586764e5d"
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2Og5p-P5BP0BRH4QzZ74eTZuPkRitwe-02PeuJqUJq5IP2vwqtegng==
age: 10637
X-Firefox-Spdy: h2
code.jquery.com/jquery-migrate-1.2.1.js
69.16.175.42200 OK 5.8 kB URL HTTP/2 code.jquery.com/jquery-migrate-1.2.1.js
IP 69.16.175.42:0
Hash ab50f392b13415af57f9720f4d24e981
8bee0d6d15bc0bf62197f6a33493df7494bf42c2
3c7ae468bcd5eefaf92cfac278a5a998f871e0aaa190f87b0f56fd79f93d00b7
GET /jquery-migrate-1.2.1.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:43:21 GMT
content-encoding: gzip
content-length: 5783
content-type: application/javascript; charset=utf-8
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
accept-ranges: bytes
server: nginx
etag: W/"62f659d6-40ed"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1670658201.dop016.sk1.t,1670658201.cds071.sk1.hn,1670658201.cds234.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f7aef7109978f8c1c53298563756a403
d610bb812b080710945dd47f9cccd794af9fe2f7
6366bc97e3f9ac9a6e8a294da60f2d961d2106180fd8ffaae97bc82ea399edb9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.usbfund.com/wp-content/themes/usb/css/grid.css
50.87.170.174200 OK 10 kB URL HTTP/2 www.usbfund.com/wp-content/themes/usb/css/grid.css
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type assembler source, ASCII text, with very long lines (3536), with CRLF line terminators
Hash 8ca3e3908b8e627dd53a2bde9ab330b4
dfc94081f2e0acfbc95cb633810897271692e5db
5a17844298059c3adb2103842f6893bf6a798221afa1c7a3217c610fc4aebeec
GET /wp-content/themes/usb/css/grid.css HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:35:49 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 10146
content-type: text/css
date: Sat, 10 Dec 2022 07:43:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/plugins/wp-pagenavi/pagenavi-css.css
50.87.170.174200 OK 239 B URL HTTP/2 www.usbfund.com/wp-content/plugins/wp-pagenavi/pagenavi-css.css
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 21fec527969cbcfec759744ce51f94c0
827130fb99b0005a5206028abfe82e93610184f2
fe2a280a5ffe9f5d3b1bf125035d478e46bae689a2f0cde07d48bef1ba7c74b1
GET /wp-content/plugins/wp-pagenavi/pagenavi-css.css HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Oct 2021 18:28:51 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 239
content-type: text/css
date: Sat, 10 Dec 2022 07:43:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/plugins/AffiliateWP-master/assets/css/forms.min.css
50.87.170.174200 OK 1.1 kB URL HTTP/2 www.usbfund.com/wp-content/plugins/AffiliateWP-master/assets/css/forms.min.css
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3296), with no line terminators
Hash e4f0e46d63eb641d8cfe1579ff0217cb
37e2ef45ef74f0a3b869d447b4d9e22d0b424945
6b7e532056e7c449a8e080eb2967563fdb20ce9cfdcb95216205a769b65033c4
GET /wp-content/plugins/AffiliateWP-master/assets/css/forms.min.css HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:24:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1141
content-type: text/css
date: Sat, 10 Dec 2022 07:43:21 GMT
server: Apache
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
142.250.74.138200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (32025)
Hash 83b3b5729cdff3976db52c51831e96b8
d23dc823e37f58e5366340be755730f3fa9a850d
675fa88b39008a09994460a93b310a7d4593735009a9b24b6f176c347ad12421
GET /ajax/libs/jquery/2.1.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29725
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Dec 2022 16:58:49 GMT
expires: Sun, 03 Dec 2023 16:58:49 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 571472
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-210860007-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-210860007-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash ef372ae5e6d42ec7dee164dd286fa44e
0964a1d0adfe0c57d19a5326c62897a03d8206e8
3db16ef4b6e6448a0ca597c709493cc3b8ce4f2fd1ea26b371c1cba745dcdf79
GET /gtag/js?id=UA-210860007-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 10 Dec 2022 07:43:21 GMT
expires: Sat, 10 Dec 2022 07:43:21 GMT
cache-control: private, max-age=900
last-modified: Sat, 10 Dec 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43637
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.usbfund.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
50.87.170.174200 OK 4.6 kB URL HTTP/2 www.usbfund.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Oct 2021 18:27:21 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 4618
content-type: application/javascript
date: Sat, 10 Dec 2022 07:43:21 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a49ab5ecc317aa7e4724050053737549
3ffff77715bf8c5dbcbb5e17abbbc2c683c36f60
844f25237f9906c3fb977d58259e132c41dacbbe546adc8b45e9992e6ee711c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
scripts.iconnode.com/100980.js
54.230.111.62200 OK 7.7 kB URL HTTP/2 scripts.iconnode.com/100980.js
IP 54.230.111.62:0
File type Unicode text, UTF-8 text, with very long lines (46582), with no line terminators
Hash 05a6d57113e7870d8851ed0faf8ca12f
315c52641f469ec7e571648d5333982579cb6da3
0f4d04e15b0a5cb9f2e59f3cc9a7b36d522db0e7712454d1f962e77723348eb3
GET /100980.js HTTP/1.1
Host: scripts.iconnode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 7683
last-modified: Mon, 26 Sep 2022 18:10:24 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Sat, 10 Dec 2022 07:43:21 GMT
cache-control: max-age=0
etag: "05a6d57113e7870d8851ed0faf8ca12f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MGzxwp3sKeedJfjHWb2godxcLb73E-7Ci18XaZJ6v7nOZPxhU6XHkw==
age: 10795
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash d45849b364dd27493dfe4756da122230
0bc9bd8614c5868866276625667bb1506f87e137
a136409e504b9373848d16492034152cd20d66b11217bd5a49f77bfbe00c1820
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 07:43:21 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 14 Dec 2022 06:11:40 GMT
ETag: "0bc9bd8614c5868866276625667bb1506f87e137"
Last-Modified: Sat, 10 Dec 2022 06:11:41 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2837
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 777459603c761c02-OSL
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 453ea4e29eac500eda9c4f18caa223fd
4f93d07e1bc956989f52176e8d52f146de3d629f
aebda110488fd31113a62c050fedae378dc09d44a0e4dc16b96ae14675498067
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=170256
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:21 GMT
Etag: "63942ea9-117"
Expires: Mon, 12 Dec 2022 07:00:57 GMT
Last-Modified: Sat, 10 Dec 2022 07:00:57 GMT
Server: nginx
Content-Length: 279
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 18294d2a364b45cb4a01a70c963dc6fe
f77c1db1251d125f0d23d7804f6aea22f91117da
31b1aa8bf430e97118a318a73f1bd440f1ba885be3b02925b06c897f552ec0fd
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=93035
Date: Sat, 10 Dec 2022 07:43:21 GMT
Etag: "6392e85b-1d7"
Expires: Sun, 11 Dec 2022 09:33:56 GMT
Last-Modified: Fri, 09 Dec 2022 07:48:43 GMT
Server: ECS (bsa/EB19)
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Hqh_hDN_rqTCW5F9eq6b70qbOvmiFPttVbxxpzn7EjgX16S8FNj52Q==
Age: 6313
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?hl=en&render=explicit&ver=6.0.3
216.58.207.228200 OK 554 B URL HTTP/2 www.google.com/recaptcha/api.js?hl=en&render=explicit&ver=6.0.3
IP 216.58.207.228:0
File type ASCII text, with very long lines (852), with no line terminators
Hash 0a628b8a14a877262721824930709597
31bbb380c04a4229a099a1fb6dea09cf717bcb5f
6c63432c24b1f8eed67f792c68214710fd6444ede5c28f56202e966770d20121
GET /recaptcha/api.js?hl=en&render=explicit&ver=6.0.3 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sat, 10 Dec 2022 07:43:21 GMT
date: Sat, 10 Dec 2022 07:43:21 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 554
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f7aef7109978f8c1c53298563756a403
d610bb812b080710945dd47f9cccd794af9fe2f7
6366bc97e3f9ac9a6e8a294da60f2d961d2106180fd8ffaae97bc82ea399edb9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
assets.anytrack.io/1y0o6qdBqYHr.js
143.204.55.90200 OK 103 B URL HTTP/2 assets.anytrack.io/1y0o6qdBqYHr.js
IP 143.204.55.90:0
File type ASCII text, with no line terminators
Hash 69b5271584dd67a9e6ae79216fe30110
7753fe034a0843770954f6979f6830ff9a82f987
b55a87e172f834369dfb6a2176712509026e5b3de676343ccdc64410245081d9
GET /1y0o6qdBqYHr.js HTTP/1.1
Host: assets.anytrack.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 103
access-control-allow-origin: *
date: Sat, 10 Dec 2022 07:43:21 GMT
cache-control: public, max-age=600
etag: W/"67-d1P+A0oIQ3cJVPaXn2gw/5qC+Yc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: harC7chJn5G2uh88T7qc4Z2tRb3cjdFVr_7r5Lw6N60gGNqJl35MMQ==
age: 208
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5496e18a30e039b44989d9a0e932d4bc
c5bfb1b9ce711e38d69e78486017f07cc47fe04a
26a3ad286e479cdabfcbb5a9d3fada211c73650628a35c80944b0e7e8aad27e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 641dd08110cd22c6000a060226f2b374
9bf3cfedbae68eb77e484780c5a9ac5693567194
6bdd6387148149a1e35b1222854c09f524b5773210e7a4ecb7df2d2d369dfe20
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 07:43:21 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 23:46:42 GMT
Expires: Wed, 14 Dec 2022 23:46:41 GMT
Etag: "9bf3cfedbae68eb77e484780c5a9ac5693567194"
Cache-Control: max-age=402799,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7774595fcbca0b61-OSL
www.usbfund.com/wp-content/plugins/AffiliateWP-master/assets/js/jquery.cookie.min.js?ver=1.4.0
50.87.170.174200 OK 758 B URL HTTP/2 www.usbfund.com/wp-content/plugins/AffiliateWP-master/assets/js/jquery.cookie.min.js?ver=1.4.0
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1667), with no line terminators
Hash 94c6b3b214659c68b42fb0c428cac279
eb3a852e1bcf8a32ac304dc89995ffdeaf623033
8cdab12fffba1162b02761c8e7631003efebf03e3af5ca9072023ffda52353ad
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/AffiliateWP-master/assets/js/jquery.cookie.min.js?ver=1.4.0 HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:24:32 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 758
content-type: application/javascript
date: Sat, 10 Dec 2022 07:43:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/themes/usb/js/accounting.min.js
50.87.170.174200 OK 1.3 kB URL HTTP/2 www.usbfund.com/wp-content/themes/usb/js/accounting.min.js
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3019)
Hash 05f645a76aff3fc02e18295a07c54e09
509581a5e2e4760e2163d704d21b2604329b514e
c7834a5ef896adfc8b40eb2a1db07bd867fe84da57ad234bfa487cfbc610a16a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/usb/js/accounting.min.js HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:35:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1345
content-type: application/javascript
date: Sat, 10 Dec 2022 07:43:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/themes/usb/images/logo_text.png
50.87.170.174200 OK 6.3 kB URL HTTP/2 www.usbfund.com/wp-content/themes/usb/images/logo_text.png
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 250 x 52, 8-bit/color RGBA, non-interlaced\012- data
Hash 198c7fed73cadb12c23066fcad4e33e8
1f2616bb88b86ec79f3ce8cbbf74b3392c0b46bc
0053eb54a0f54484a915313939d858e1844208d2d0c4b410ce30e25d9cbc09ba
GET /wp-content/themes/usb/images/logo_text.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:36:10 GMT
accept-ranges: bytes
content-length: 6307
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Sat, 10 Dec 2022 07:43:21 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash d45849b364dd27493dfe4756da122230
0bc9bd8614c5868866276625667bb1506f87e137
a136409e504b9373848d16492034152cd20d66b11217bd5a49f77bfbe00c1820
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 07:43:21 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 14 Dec 2022 06:11:40 GMT
ETag: "0bc9bd8614c5868866276625667bb1506f87e137"
Last-Modified: Sat, 10 Dec 2022 06:11:41 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2837
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 777459614cf61c02-OSL
www.usbfund.com/wp-content/uploads/bbb3-usbfunding.png
50.87.170.174200 OK 5.5 kB URL HTTP/2 www.usbfund.com/wp-content/uploads/bbb3-usbfunding.png
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 626 x 166, 8-bit colormap, non-interlaced\012- data
Hash 4174109b2d630d1a3a55c74471d41f2d
76e85cba42ef8e71c697c4d9be0319cd34903f08
8b3f1f31595b770fd37ff6d65e46066e9c604e8da3da0427d6a45b9f1c2758f5
GET /wp-content/uploads/bbb3-usbfunding.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:15:04 GMT
accept-ranges: bytes
content-length: 5544
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Sat, 10 Dec 2022 07:43:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/us-business-funding-logo-small.png
50.87.170.174200 OK 2.0 kB URL HTTP/2 www.usbfund.com/wp-content/uploads/us-business-funding-logo-small.png
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash a5a71307aefd12c55fd16f36356f9a83
679b01f07d71f673b74fde71a5a0a9da8a8e486d
a2e02fabad9f481343e4e8050843b371e239956a637488eb7d2a9deff98245de
GET /wp-content/uploads/us-business-funding-logo-small.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:14:51 GMT
accept-ranges: bytes
content-length: 2020
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Sat, 10 Dec 2022 07:43:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/featured-logo-05.png
50.87.170.174200 OK 3.7 kB URL HTTP/2 www.usbfund.com/wp-content/uploads/featured-logo-05.png
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 135 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash 646b30b6704a2457b04bb12da4144c97
acadca7b80819db2100f2cf8341acdf47a2eb773
b6e64d31c4f5ab917ad1cddfe7fa745e7c4bfc2d5af33cfdaa8130eb14247bc8
GET /wp-content/uploads/featured-logo-05.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:15:03 GMT
accept-ranges: bytes
content-length: 3721
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Sat, 10 Dec 2022 07:43:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/themes/usb/js/site.js
50.87.170.174200 OK 4.8 kB URL HTTP/2 www.usbfund.com/wp-content/themes/usb/js/site.js
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash ba21d11b60199ed26dfb2a2d8352065a
3e78915e922b60ca87f5860c67b99861de96830c
c000c3cc081106de80fb4995e40b363752494290c9090e0980a5b4a4cfc37c49
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/usb/js/site.js HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:35:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 4830
content-type: application/javascript
date: Sat, 10 Dec 2022 07:43:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/trust-pilot-usbfunding.png
50.87.170.174200 OK 4.2 kB URL HTTP/2 www.usbfund.com/wp-content/uploads/trust-pilot-usbfunding.png
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 352 x 175, 8-bit colormap, non-interlaced\012- data
Hash 8db5639231938ddfa4ab52c5b278232c
80e620869cd3dcb7570634232ec32e77754ce3d6
8b2066888a8b3566ffddcd6d5fe12cbf145577e09e780a9497ef0303f72016d5
GET /wp-content/uploads/trust-pilot-usbfunding.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:14:55 GMT
accept-ranges: bytes
content-length: 4231
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Sat, 10 Dec 2022 07:43:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/accredited-business-usbfunding.png
50.87.170.174200 OK 2.2 kB URL HTTP/2 www.usbfund.com/wp-content/uploads/accredited-business-usbfunding.png
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 180 x 75, 8-bit colormap, non-interlaced\012- data
Hash 3befe9c6fb5e6602893570b99d3920aa
1e7c1d352448864975a23135097e59593ae71456
d59962c29e3487892da60ef799f75523576b6f006d54fc3dd43bb6993588f1dc
GET /wp-content/uploads/accredited-business-usbfunding.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:15:06 GMT
accept-ranges: bytes
content-length: 2244
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Sat, 10 Dec 2022 07:43:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/ssl-secure-connection-usbfunding.png
50.87.170.174200 OK 24 kB URL HTTP/2 www.usbfund.com/wp-content/uploads/ssl-secure-connection-usbfunding.png
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 519 x 231, 8-bit colormap, non-interlaced\012- data
Hash 232fc793318ef0e7dc8ddafa873ce9c9
d993ed70f8351dbd5242c59cf59c7b4aebbc103e
cc8d8ae1a4690a5ef3294c0e9045244b80da11f1a8a0be0ed162ee827d02f69b
GET /wp-content/uploads/ssl-secure-connection-usbfunding.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:14:52 GMT
accept-ranges: bytes
content-length: 24372
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Sat, 10 Dec 2022 07:43:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/themes/usb/js/parsley.js
50.87.170.174200 OK 13 kB URL HTTP/2 www.usbfund.com/wp-content/themes/usb/js/parsley.js
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32005)
Hash 28b93b4a60a3b3e2ccdd2b9ae2e2e338
b15daa3e165bbe3f517a6ccf642d145948d2661b
22dd53f39ba5beba81987a910442f8325f7d62eff28e97a2925aaedd250fb7b9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/usb/js/parsley.js HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:35:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 13125
content-type: application/javascript
date: Sat, 10 Dec 2022 07:43:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/themes/usb/images/logo_icon.png
50.87.170.174200 OK 2.2 kB URL HTTP/2 www.usbfund.com/wp-content/themes/usb/images/logo_icon.png
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 53 x 52, 8-bit/color RGBA, non-interlaced\012- data
Hash 50946e7f85431c547526705a530f893f
573eff13df4dc4f2e6e0e1db1a9339d79e22ce3c
05bc3e4202452433d51079e0d6e348cb850ea55330da7786c1d5c7290d13400a
GET /wp-content/themes/usb/images/logo_icon.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:36:10 GMT
accept-ranges: bytes
content-length: 2165
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Sat, 10 Dec 2022 07:43:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.1.2
50.87.170.174200 OK 959 B URL HTTP/2 www.usbfund.com/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.1.2
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1847), with no line terminators
Hash 4a29032699b49818d64ec9bd6aa97d63
7615297a8ee0653b1215d1f39c765264035d1e4b
66b8cc2b313291b28fbfded96cf33699d487d35e6dc724d7207a042d9b30e4fc
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.1.2 HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:22:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 959
content-type: application/javascript
date: Sat, 10 Dec 2022 07:43:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/plugins/gravityforms/css/formreset.min.css
50.87.170.174200 OK 522 B URL HTTP/2 www.usbfund.com/wp-content/plugins/gravityforms/css/formreset.min.css
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3840), with no line terminators
Hash 2823bcb90b7fc43df4ce927bece3d127
f57ac5676272d6ab4a410fc77ad77ba5a6f9080d
93e7e5d498f02259db5320493882623800e737facddd1b5d4ed29a9fc5d00572
GET /wp-content/plugins/gravityforms/css/formreset.min.css HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:22:28 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 522
content-type: text/css
date: Sat, 10 Dec 2022 07:43:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.1.2
50.87.170.174200 OK 1.9 kB URL HTTP/2 www.usbfund.com/wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.1.2
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4610)
Hash d14949e0cba838b3a06f5387a250d743
79561f8df67bf352458ed83161d915599bf564f1
f6b49ef2f1f46aedcd466a32f4352bee160efd852c889d5c2c56c64b5ea4d1ff
GET /wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.1.2 HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:22:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1902
content-type: application/javascript
date: Sat, 10 Dec 2022 07:43:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/plugins/gravityforms/css/readyclass.min.css
50.87.170.174200 OK 4.8 kB URL HTTP/2 www.usbfund.com/wp-content/plugins/gravityforms/css/readyclass.min.css
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32180), with no line terminators
Hash 515dae47f763d8a6f3b11653afbda37d
a799058edcf5f09b0f0a967cebf24221c9b6dac1
d01cc59df8ac768ae1ac4b8d4d4ad1e3d2f3c103502dc41d867c77cf81968b9a
GET /wp-content/plugins/gravityforms/css/readyclass.min.css HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:22:26 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 4754
content-type: text/css
date: Sat, 10 Dec 2022 07:43:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.1.2
50.87.170.174200 OK 10 kB URL HTTP/2 www.usbfund.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.1.2
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (26634), with no line terminators
Hash 7dffcabbe2b1130c369887eb54102ed9
b9dffc3bfb0f528a3d7dc4c134699b9acf7f4e12
7c4ae2c88ccec8465f71e166cc7393ac7dabc7aeebe56b8fc54737143936f032
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.1.2 HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:22:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 10306
content-type: application/javascript
date: Sat, 10 Dec 2022 07:43:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/plugins/gravityforms/css/browsers.min.css
50.87.170.174200 OK 1.5 kB URL HTTP/2 www.usbfund.com/wp-content/plugins/gravityforms/css/browsers.min.css
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (7331), with no line terminators
Hash 0ddc7bbf7f229432e2e210bd8f9e5740
611f9e4882bafc903a755244a04aa93180217638
5c66fc4715630392c576310b7cba589aab7e49193ff06892c14293b0d88f960d
GET /wp-content/plugins/gravityforms/css/browsers.min.css HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:22:25 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1487
content-type: text/css
date: Sat, 10 Dec 2022 07:43:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/?display_custom_css=css&ver=6.0.3
50.87.170.174200 OK 541 B URL HTTP/2 www.usbfund.com/?display_custom_css=css&ver=6.0.3
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 0e67503cdf8a23b7d3aaff6f35c76b72
63edc0c8bf04ceec8dc3c8c44bd129b89adeb61a
d765ab66c61ec9c967f9f2e4b649326eb28a6f8dfb0fe064b4ed1cf9af1f18b6
GET /?display_custom_css=css&ver=6.0.3 HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 541
content-type: text/css;charset=UTF-8
date: Sat, 10 Dec 2022 07:43:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/plugins/gravityforms/css/formsmain.min.css
50.87.170.174200 OK 16 kB URL HTTP/2 www.usbfund.com/wp-content/plugins/gravityforms/css/formsmain.min.css
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Hash 3098a2303c595bbea6e1953596c448ca
e65d9eaf562a3492b9a8fe4ae260f0fe11d7161e
ea687f84a351aec9f313118b5d6af2e7f32477c43aa17742f31a67d25c58dece
GET /wp-content/plugins/gravityforms/css/formsmain.min.css HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:22:23 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 16397
content-type: text/css
date: Sat, 10 Dec 2022 07:43:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/plugins/AffiliateWP-master/assets/js/tracking.min.js?ver=2.1.6.1
50.87.170.174200 OK 1.3 kB URL HTTP/2 www.usbfund.com/wp-content/plugins/AffiliateWP-master/assets/js/tracking.min.js?ver=2.1.6.1
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2972), with no line terminators
Hash da0e82022a32e0c42e125fe915cf9955
1c583a11b9e444a26cfd1443d3dade9c6f9e996a
e205081b6febab912d75f2aa70bc3ae2af58bb7d2b1e44927f17cb7631374ff0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/AffiliateWP-master/assets/js/tracking.min.js?ver=2.1.6.1 HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:24:33 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1315
content-type: application/javascript
date: Sat, 10 Dec 2022 07:43:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/featured-logo-06.png
50.87.170.174200 OK 2.7 kB URL HTTP/2 www.usbfund.com/wp-content/uploads/featured-logo-06.png
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 175 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash b7b5570d5d29fd453a5e65063849fcb1
b07b87612c74febb32961e10ed154dc2efdf19cb
886d709e142c957b0d93269a57fccc13800907c8ab90acc1f18c8bec259d3992
GET /wp-content/uploads/featured-logo-06.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:14:38 GMT
accept-ranges: bytes
content-length: 2693
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Sat, 10 Dec 2022 07:43:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/norton-secured.png
50.87.170.174200 OK 3.0 kB URL HTTP/2 www.usbfund.com/wp-content/uploads/norton-secured.png
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 180 x 75, 8-bit colormap, non-interlaced\012- data
Hash 7d05b62893199c911ab6f798ec8127d2
e7dc7368c55a2fbccb17a82c1a25de39cea2907d
0b691c8e6d1b07ce3e066744ccfbf643d61f013ce51503b0a3ceb7a356562ed6
GET /wp-content/uploads/norton-secured.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:14:45 GMT
accept-ranges: bytes
content-length: 3017
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Sat, 10 Dec 2022 07:43:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/featured-logo-03.png
50.87.170.174200 OK 3.8 kB URL HTTP/2 www.usbfund.com/wp-content/uploads/featured-logo-03.png
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 83 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash ea461093328a47d28ed34df6be0ad850
5fad4dd9e9daea5b1cac739624cbd673c20fe7c2
37ea654d17c80dfb22d0ad091907b6d4009c76c4671728321fd51376a8df7cce
GET /wp-content/uploads/featured-logo-03.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:15:13 GMT
accept-ranges: bytes
content-length: 3840
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Sat, 10 Dec 2022 07:43:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/featured-logo-02.png
50.87.170.174200 OK 5.8 kB URL HTTP/2 www.usbfund.com/wp-content/uploads/featured-logo-02.png
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 93 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash d2bfb41e522705be8e4a48895b996bca
df2507b75f1c0362bd168ea7ecf829f11469a926
968570479e59e9ff339d5c1d25e4c15011f8cb5ad243776b8cf62f51d28b0903
GET /wp-content/uploads/featured-logo-02.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:13:58 GMT
accept-ranges: bytes
content-length: 5795
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Sat, 10 Dec 2022 07:43:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/featured-logo-04.png
50.87.170.174200 OK 5.8 kB URL HTTP/2 www.usbfund.com/wp-content/uploads/featured-logo-04.png
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 123 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash e94a0244f1a51d7565de08744375bd07
dde753e74a85c5f094dda6661ada486fdae50422
47bff975ef1626c064613532b237bd114911cdc835effdccb0d124c1432c17b2
GET /wp-content/uploads/featured-logo-04.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:15:18 GMT
accept-ranges: bytes
content-length: 5757
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Sat, 10 Dec 2022 07:43:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
50.87.170.174200 OK 5.3 kB URL HTTP/2 www.usbfund.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 17 Aug 2022 11:46:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 5321
content-type: application/javascript
date: Sat, 10 Dec 2022 07:43:21 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 41a957a58a349d749d5580218f20dd27
c9f2b017749e811ff1a25498774c6b4dfebdcac3
119ed3f7d25eced8c981e0a221a1f182b598684a085141c3b8a7b07da2120376
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2648
Cache-Control: max-age=99130
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:22 GMT
Etag: "63930e7d-118"
Expires: Sun, 11 Dec 2022 11:15:32 GMT
Last-Modified: Fri, 09 Dec 2022 10:31:25 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 280
www.usbfund.com/wp-content/uploads/featured-logo-01.png
50.87.170.174200 OK 472 B URL HTTP/2 www.usbfund.com/wp-content/uploads/featured-logo-01.png
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
GET /wp-content/uploads/featured-logo-01.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:14:38 GMT
accept-ranges: bytes
content-length: 3311
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Sat, 10 Dec 2022 07:43:21 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:34:15 GMT
expires: Thu, 07 Dec 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 216547
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.usbfund.com/wp-content/themes/usb/js/plugins.js
50.87.170.174200 OK 49 kB URL HTTP/2 www.usbfund.com/wp-content/themes/usb/js/plugins.js
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 67255fa6c47742c17a9252faa631471a
2c2e429f7d0b9129a560747b7e749510f5c52b04
8db95abdd8146f66b72e707223f4fbc0df7a59a8d6103e36dafae32764f7b312
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/usb/js/plugins.js HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:35:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: application/javascript
date: Sat, 10 Dec 2022 07:43:21 GMT
server: Apache
X-Firefox-Spdy: h2
js.hs-scripts.com/5627136.js
104.17.214.204200 OK 16 kB URL HTTP/2 js.hs-scripts.com/5627136.js
IP 104.17.214.204:0
File type ASCII text, with very long lines (502)
Hash 0a43212c91fd3089ffa1074251a721f2
77ca2b787663617323dc9b4b8bfa24ba4d589597
779293a0c3be70b548758ef181b5f9be37f5db49739041eef211ceaf2372eda7
GET /5627136.js HTTP/1.1
Host: js.hs-scripts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:43:21 GMT
content-type: application/javascript;charset=utf-8
x-trace: 2B5B2BBFDC8C148150C2B8F579C601AA522A0E2CAC000000000000000000
cache-control: public, max-age=60
vary: origin, Accept-Encoding
x-hubspot-correlation-id: 55962ddd-e1a4-4ab9-a2d0-513e7a1a0acd
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-origin: https://www.usbfund.com
last-modified: Sat, 10 Dec 2022 02:15:31 GMT
cf-cache-status: EXPIRED
expires: Sat, 10 Dec 2022 07:44:21 GMT
server: cloudflare
cf-ray: 7774596019ad1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:33:13 GMT
expires: Sat, 09 Dec 2023 13:33:13 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 65409
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15752, version 1.0\012- data
Hash b20371a6daf29d4a1f2e85dbbf40fb20
0355a01c1ccb45cb728e7e07c41c8ebf456f70bb
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:42:34 GMT
expires: Thu, 07 Dec 2023 19:42:34 GMT
cache-control: public, max-age=31536000
age: 216048
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15660, version 1.0\012- data
Hash d7b0b953a50fddaa88089b5b787cf719
2f85bc568b27659a3d6452f58f9fd7678450326d
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 22:14:50 GMT
expires: Wed, 06 Dec 2023 22:14:50 GMT
cache-control: public, max-age=31536000
age: 293312
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:33:54 GMT
expires: Thu, 07 Dec 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 216568
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
d.impactradius-event.com/A870624-b043-4b58-adb6-a8c4d22ccc5b1.js
35.186.249.72200 OK 13 kB URL HTTP/2 d.impactradius-event.com/A870624-b043-4b58-adb6-a8c4d22ccc5b1.js
IP 35.186.249.72:0
File type C source, ASCII text, with very long lines (40914), with no line terminators
Hash 833e9c2431f16a9e4e590d8c18a01169
d932b0dc73f5dbe2f30c5991fbc95d598a7d6855
ba6dea3209c3bf545ed7db2f134ab8d241599d778988697a345124a4aa8d491a
GET /A870624-b043-4b58-adb6-a8c4d22ccc5b1.js HTTP/1.1
Host: d.impactradius-event.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtegIbx621zZFUifqWIOAO4woTZm048W7Efa4ffgp61kdUD2KKeQMlInU9acS3iaKUFjgLb9-K8-mNenT4w9gT3gw
date: Sat, 10 Dec 2022 07:43:21 GMT
cache-control: public,max-age=900,s-maxage=300
expires: Sat, 10 Dec 2022 07:48:21 GMT
last-modified: Tue, 18 Feb 2020 03:47:29 GMT
etag: "833e9c2431f16a9e4e590d8c18a01169"
x-goog-generation: 1581997649126919
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 12876
content-type: text/javascript; charset=utf-8
content-encoding: gzip
x-goog-hash: crc32c=PZt+Nw==, md5=gz6cJDHxap5OWQ2MGKARaQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 12876
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 611 B IP 142.250.74.131:0
File type gzip compressed data, max speed, from Unix\012- data
Hash 67c8ae572956effe9c692836b9b0a7fc
8068d19da628ddb04a5e2dcc7cf73d5c29215197
ca7ccc3a15d58ac6ad73385053e2adc8eb2a6edc38fb81a89787a2e197586978
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.usbfund.com/wp-content/uploads/icon-arrow-down-white.png
50.87.170.174200 OK 172 B URL HTTP/2 www.usbfund.com/wp-content/uploads/icon-arrow-down-white.png
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 14 x 14, 8-bit gray+alpha, non-interlaced\012- data
Hash 26d3bceaf73fad28fb322b6646860f78
1b70241f618df47a01729534d376a57c57bd8c07
0077bc52b60eb51d8785f3aa812a2cdcce59acd3a0b70a801b82c563787e1a7c
GET /wp-content/uploads/icon-arrow-down-white.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/wp-content/themes/usb/style.css
Cookie: _gcl_au=1.1.68862486.1670658201; __ss=1670658200620; __ss_referrer=https%3A//www.usbfund.com/free-quote/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind; _ga_YYEX7W0G95=GS1.1.1670658200.1.0.1670658200.0.0.0; _ga=GA1.1.311636050.1670658201; wc_visitor=100980-b3f861b7-3e9f-b4bf-d83e-13c0abb2cfdf; wc_client=bayengage+..+campaign-email+..+4-cash-flow-management-tips-that-will-blow-your-mind+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind+..+100980-b3f861b7-3e9f-b4bf-d83e-13c0abb2cfdf+..+; wc_client_current=bayengage+..+campaign-email+..+4-cash-flow-management-tips-that-will-blow-your-mind+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind+..+100980-b3f861b7-3e9f-b4bf-d83e-13c0abb2cfdf+..+
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:15:12 GMT
accept-ranges: bytes
content-length: 172
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Sat, 10 Dec 2022 07:43:22 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/bg-section-header.png
50.87.170.174200 OK 22 kB URL HTTP/2 www.usbfund.com/wp-content/uploads/bg-section-header.png
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1920 x 149, 8-bit colormap, non-interlaced\012- data
Hash 65b13235e26653c77b0ed328dfdb8dc2
2dcc21d12b909058345b01f087062f6b59f4f05c
acba6ce2f083bf3e78176be5f1c68dfbeb67e609472b4f8c034ba8676d0995b2
GET /wp-content/uploads/bg-section-header.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/wp-content/themes/usb/style.css
Cookie: _gcl_au=1.1.68862486.1670658201; __ss=1670658200620; __ss_referrer=https%3A//www.usbfund.com/free-quote/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind; _ga_YYEX7W0G95=GS1.1.1670658200.1.0.1670658200.0.0.0; _ga=GA1.1.311636050.1670658201; wc_visitor=100980-b3f861b7-3e9f-b4bf-d83e-13c0abb2cfdf; wc_client=bayengage+..+campaign-email+..+4-cash-flow-management-tips-that-will-blow-your-mind+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind+..+100980-b3f861b7-3e9f-b4bf-d83e-13c0abb2cfdf+..+; wc_client_current=bayengage+..+campaign-email+..+4-cash-flow-management-tips-that-will-blow-your-mind+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind+..+100980-b3f861b7-3e9f-b4bf-d83e-13c0abb2cfdf+..+
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:14:58 GMT
accept-ranges: bytes
content-length: 22531
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Sat, 10 Dec 2022 07:43:22 GMT
server: Apache
X-Firefox-Spdy: h2
shield.sitelock.com/shield/usbfund.com
45.60.14.54200 OK 10 kB URL HTTP/1.1 shield.sitelock.com/shield/usbfund.com
IP 45.60.14.54:0
File type PNG image data, 117 x 67, 8-bit/color RGBA, non-interlaced\012- data
Hash bf3d28af123bd1079a66c44804a253d2
422fa95a6dea483a2ff08573fe5a0e92c2071b06
51740da11778ce1387c58f3c88214dc1cc9752e53ea4a3a6295138916f353e37
GET /shield/usbfund.com HTTP/1.1
Host: shield.sitelock.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png; charset=ISO-8859-1
Content-Length: 10389
Date: Sat, 10 Dec 2022 07:43:22 GMT
Server: lighttpd
Set-Cookie: nlbi_275317=wuPWG12QqW1P6wDsmBeFbAAAAAAEAmN1pYdJrbJERp4PizmE; path=/; Domain=.sitelock.com
visid_incap_275317=whomPWldTPqyRZ41CxkXK5k4lGMAAAAAQUIPAAAAAAAfyGiSYACamCAFdKVvU22n; expires=Sat, 09 Dec 2023 22:33:45 GMT; HttpOnly; path=/; Domain=.sitelock.com
incap_ses_721_275317=CvkkAcDhyzHeOQ7084EBCpk4lGMAAAAA9Isl489LI5Iei3JO5MjRwA==; path=/; Domain=.sitelock.com
X-CDN: Imperva
X-Iinfo: 13-79104098-79103680 2NNN RT(1670658201083 74) q(0 0 0 0) r(5 5)
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 641dd08110cd22c6000a060226f2b374
9bf3cfedbae68eb77e484780c5a9ac5693567194
6bdd6387148149a1e35b1222854c09f524b5773210e7a4ecb7df2d2d369dfe20
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 07:43:22 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 23:46:42 GMT
Expires: Wed, 14 Dec 2022 23:46:41 GMT
Etag: "9bf3cfedbae68eb77e484780c5a9ac5693567194"
Cache-Control: max-age=402798,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77745963be830b61-OSL
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 1a455a4563a6877d0d26dc8c267012ed
86c043a097534e2c9457b04d115fdfba6523aa2c
0997f9e6bb11ac968d20bb84d8275b60b2eec0ecf59b52775b16fac7245af2bd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2036
Cache-Control: max-age=92711
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:22 GMT
Etag: "6392f7cd-118"
Expires: Sun, 11 Dec 2022 09:28:33 GMT
Last-Modified: Fri, 09 Dec 2022 08:54:37 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 03fb7985d1836a45bd6cb58e7c45719e
621f0a9daee0bdc1d97b141fd751be5ad371297f
5db7dcfd04f965bdefc9e689a3c1bf882226514bdeeb2fcaf6d47b2bed8ee95b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5977
Cache-Control: max-age=137359
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:22 GMT
Etag: "639396d0-116"
Expires: Sun, 11 Dec 2022 21:52:41 GMT
Last-Modified: Fri, 09 Dec 2022 20:13:04 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 72e2c0e9fed5712d7720da78bbcbedb7
2901aaa3045805c666732d34e35693dced72e24f
220cd6defa730f7c86071e66994f6a5ce3ddc0ce6002d6ddbd5647d65a6c9474
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3377
Cache-Control: max-age=172217
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:22 GMT
Etag: "63942922-117"
Expires: Mon, 12 Dec 2022 07:33:39 GMT
Last-Modified: Sat, 10 Dec 2022 06:37:22 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 1a455a4563a6877d0d26dc8c267012ed
86c043a097534e2c9457b04d115fdfba6523aa2c
0997f9e6bb11ac968d20bb84d8275b60b2eec0ecf59b52775b16fac7245af2bd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2036
Cache-Control: max-age=92711
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:22 GMT
Etag: "6392f7cd-118"
Expires: Sun, 11 Dec 2022 09:28:33 GMT
Last-Modified: Fri, 09 Dec 2022 08:54:37 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 3fe5fa457db455b03769ec4ad7210220
20d28fadf4cf9fe0ad2345d5fcac809896f1adf9
f2cf20e3aeb67da193372b299ec1dbbaf32b5343ab56bfa6c3c7042236a8078a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3962
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:22 GMT
Last-Modified: Sat, 10 Dec 2022 06:37:20 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 280
www.usbfund.com/wp-content/uploads/icon-arrow-down-black.png
50.87.170.174200 OK 195 B URL HTTP/2 www.usbfund.com/wp-content/uploads/icon-arrow-down-black.png
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 14 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash f984736b4b9dfe03bb8831a718c6a238
d95304fa5fed6fdf9020c21ece2b7e35aec4808c
4944824b4a23581a4660857551680fffd806f6fa42e3d9414fb1529ba78651b9
GET /wp-content/uploads/icon-arrow-down-black.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/wp-content/themes/usb/style.css
Cookie: _gcl_au=1.1.68862486.1670658201; __ss=1670658200620; __ss_referrer=https%3A//www.usbfund.com/free-quote/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind; _ga_YYEX7W0G95=GS1.1.1670658200.1.0.1670658200.0.0.0; _ga=GA1.1.311636050.1670658201; wc_visitor=100980-b3f861b7-3e9f-b4bf-d83e-13c0abb2cfdf; wc_client=bayengage+..+campaign-email+..+4-cash-flow-management-tips-that-will-blow-your-mind+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind+..+100980-b3f861b7-3e9f-b4bf-d83e-13c0abb2cfdf+..+; wc_client_current=bayengage+..+campaign-email+..+4-cash-flow-management-tips-that-will-blow-your-mind+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind+..+100980-b3f861b7-3e9f-b4bf-d83e-13c0abb2cfdf+..+
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:15:09 GMT
accept-ranges: bytes
content-length: 195
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Sat, 10 Dec 2022 07:43:22 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 3fe5fa457db455b03769ec4ad7210220
20d28fadf4cf9fe0ad2345d5fcac809896f1adf9
f2cf20e3aeb67da193372b299ec1dbbaf32b5343ab56bfa6c3c7042236a8078a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3962
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:22 GMT
Last-Modified: Sat, 10 Dec 2022 06:37:20 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 280
process.iconnode.com/google-ads/
76.223.116.242200 OK 0 B URL HTTP/2 process.iconnode.com/google-ads/
IP 76.223.116.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /google-ads/ HTTP/1.1
Host: process.iconnode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:43:22 GMT
content-type: text/html; charset=UTF-8
content-length: 0
server: Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.4.30
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://www.usbfund.com
access-control-allow-credentials: true
access-control-max-age: 86400
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-YYEX7W0G95>m=2oebu0&_p=490680012&cid=311636050.1670658201&ul=en-us&sr=1280x1024&_s=1&sid=1670658200&sct=1&seg=0&dl=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind&dt=Free%20Quote%20-%20US%20Business%20Funding&en=page_view&_fv=1&_nsi=1&_ss=1&ep.debud_mode=false
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-YYEX7W0G95>m=2oebu0&_p=490680012&cid=311636050.1670658201&ul=en-us&sr=1280x1024&_s=1&sid=1670658200&sct=1&seg=0&dl=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind&dt=Free%20Quote%20-%20US%20Business%20Funding&en=page_view&_fv=1&_nsi=1&_ss=1&ep.debud_mode=false
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-YYEX7W0G95>m=2oebu0&_p=490680012&cid=311636050.1670658201&ul=en-us&sr=1280x1024&_s=1&sid=1670658200&sct=1&seg=0&dl=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind&dt=Free%20Quote%20-%20US%20Business%20Funding&en=page_view&_fv=1&_nsi=1&_ss=1&ep.debud_mode=false HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.usbfund.com
date: Sat, 10 Dec 2022 07:43:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/USBusinessFunding-Home1.png
50.87.170.174200 OK 944 kB URL HTTP/2 www.usbfund.com/wp-content/uploads/USBusinessFunding-Home1.png
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1696 x 1131, 8-bit colormap, non-interlaced\012- data
Size 944 kB (944072 bytes)
Hash b4b6bd078ef229456fc9d5b22d31ca0e
51cb87382bfb8b0029df296adb021229ad4cf6da
870b85b6771aeb0fc9c84c444ca24919dd6f71e4b34a6bb97003a0a4f34bdfd3
GET /wp-content/uploads/USBusinessFunding-Home1.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/wp-content/themes/usb/style.css
Cookie: _gcl_au=1.1.68862486.1670658201; __ss=1670658200620; __ss_referrer=https%3A//www.usbfund.com/free-quote/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind; _ga_YYEX7W0G95=GS1.1.1670658200.1.0.1670658200.0.0.0; _ga=GA1.1.311636050.1670658201; wc_visitor=100980-b3f861b7-3e9f-b4bf-d83e-13c0abb2cfdf; wc_client=bayengage+..+campaign-email+..+4-cash-flow-management-tips-that-will-blow-your-mind+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind+..+100980-b3f861b7-3e9f-b4bf-d83e-13c0abb2cfdf+..+; wc_client_current=bayengage+..+campaign-email+..+4-cash-flow-management-tips-that-will-blow-your-mind+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind+..+100980-b3f861b7-3e9f-b4bf-d83e-13c0abb2cfdf+..+
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:14:13 GMT
accept-ranges: bytes
content-length: 944072
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Sat, 10 Dec 2022 07:43:22 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/fonts/socicon.woff
50.87.170.174200 OK 31 kB URL HTTP/2 www.usbfund.com/fonts/socicon.woff
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format, TrueType, length 31444, version 1.0\012- data
Hash dcbd1f9c4275862f002f21619e96b8f4
a97cd865925e5102ae7c25aa5dd09112ccf50651
a680b776319127695950fd7c490b17cd15120d683bde57845707a2f7dc0f1a74
Analyzer Verdict Alert fortinet Malware
GET /fonts/socicon.woff HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.usbfund.com/wp-content/themes/usb/style.css
Cookie: _gcl_au=1.1.68862486.1670658201; __ss=1670658200620; __ss_referrer=https%3A//www.usbfund.com/free-quote/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind; _ga_YYEX7W0G95=GS1.1.1670658200.1.0.1670658200.0.0.0; _ga=GA1.1.311636050.1670658201; wc_visitor=100980-b3f861b7-3e9f-b4bf-d83e-13c0abb2cfdf; wc_client=bayengage+..+campaign-email+..+4-cash-flow-management-tips-that-will-blow-your-mind+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind+..+100980-b3f861b7-3e9f-b4bf-d83e-13c0abb2cfdf+..+; wc_client_current=bayengage+..+campaign-email+..+4-cash-flow-management-tips-that-will-blow-your-mind+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind+..+100980-b3f861b7-3e9f-b4bf-d83e-13c0abb2cfdf+..+
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 27 Sep 2019 21:47:06 GMT
accept-ranges: bytes
content-length: 31444
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: font/woff
date: Sat, 10 Dec 2022 07:43:22 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/themes/usb/images/currency-dollar.png
50.87.170.174200 OK 3.1 kB URL HTTP/2 www.usbfund.com/wp-content/themes/usb/images/currency-dollar.png
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash b1473fe5280b8aae309e98e8ca1a8232
c4e9ba291adbfc8ab86eecec326bcdd608166903
1c4180542bb8cc16485b766aa5259c8f7a181572a9d4d4a83b490525b4b1c6ef
GET /wp-content/themes/usb/images/currency-dollar.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/wp-content/themes/usb/style.css
Cookie: _gcl_au=1.1.68862486.1670658201; __ss=1670658200620; __ss_referrer=https%3A//www.usbfund.com/free-quote/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind; _ga_YYEX7W0G95=GS1.1.1670658200.1.0.1670658200.0.0.0; _ga=GA1.1.311636050.1670658201; wc_visitor=100980-b3f861b7-3e9f-b4bf-d83e-13c0abb2cfdf; wc_client=bayengage+..+campaign-email+..+4-cash-flow-management-tips-that-will-blow-your-mind+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind+..+100980-b3f861b7-3e9f-b4bf-d83e-13c0abb2cfdf+..+; wc_client_current=bayengage+..+campaign-email+..+4-cash-flow-management-tips-that-will-blow-your-mind+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind+..+100980-b3f861b7-3e9f-b4bf-d83e-13c0abb2cfdf+..+; __ss_tk=202212%7C63943899ce9c25613938325e; IR_gbd=usbfund.com; IR_7486=1670658201063%7C0%7C1670658201063%7C%7C; soundestID=20221210074321-ISybwn4Gejp6lGBF6NP5hkdUKv5izXLr184Eo8Oh3G4znYuoP; omnisendAnonymousID=oBzTSoAh95ZKbk-20221210074321; omnisendSessionID=rSxfBJypZyiOTA-20221210074321
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:36:10 GMT
accept-ranges: bytes
content-length: 3121
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Sat, 10 Dec 2022 07:43:22 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 01b5629d8f2456137a52d32d82950378
c0dd9fd456fae4df916266d93dbb880c0454304d
882c86ce227767d318641d150d8d4e950e044c83fb7a2f66d576b604e3206cc5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "882C86CE227767D318641D150D8D4E950E044C83FB7A2F66D576B604E3206CC5"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18601
Expires: Sat, 10 Dec 2022 12:53:23 GMT
Date: Sat, 10 Dec 2022 07:43:22 GMT
Connection: keep-alive
process.iconnode.com/keyword/
76.223.116.242200 OK 37 B URL HTTP/2 process.iconnode.com/keyword/
IP 76.223.116.242:0
File type ASCII text, with no line terminators
Hash 47d237a9ed20cca7882969e1f7cabaad
b036919d16d1ffdce3bf3673d49edb255d5983e6
ac783c5fa4807f599b392fc3774e82e8fe8f33998e17f3f523a1c1358fd659c5
POST /keyword/ HTTP/1.1
Host: process.iconnode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 1023
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:43:22 GMT
content-type: text/html; charset=UTF-8
content-length: 37
server: Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.4.30
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://www.usbfund.com
access-control-allow-credentials: true
access-control-max-age: 86400
X-Firefox-Spdy: h2
tag.getdrip.com/9726461.js
143.204.55.93200 OK 8 B URL HTTP/2 tag.getdrip.com/9726461.js
IP 143.204.55.93:0
File type ASCII text, with no line terminators
Hash de2e1607e500ee465eca3ec4505c0859
cfd432c8178796a4af548a7ed62f09bdf5fbb897
295bdad3ed86f4eeb0249f30e724344ec7be85582094013a85403ecbb77a0047
GET /9726461.js HTTP/1.1
Host: tag.getdrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 8
last-modified: Fri, 20 May 2022 20:08:53 GMT
accept-ranges: bytes
server: AmazonS3
date: Sat, 10 Dec 2022 07:43:23 GMT
etag: "de2e1607e500ee465eca3ec4505c0859"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wPdPuSZUBNVCS-SBOnehtMthrPQPoLMPHQfiVFxbUs_T7R14kIhSaw==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 21c290dbfb25c41b16d5f4b173510852
f4c00a3bc9676065eb11a97b843336b42f2e8fb3
829d70bad600fde828ec521038fa246b0a92d34d95d63e18650850c942a53683
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2233
Cache-Control: max-age=113469
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:22 GMT
Etag: "6393481e-117"
Expires: Sun, 11 Dec 2022 15:14:31 GMT
Last-Modified: Fri, 09 Dec 2022 14:37:18 GMT
Server: ECS (amb/6B9A)
X-Cache: HIT
Content-Length: 279
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 441bfb76847bd6a1daf09519dd87fd63
3235debe88f57e312dac372bb4454d4ed3092684
2daf744a82546459a750bfb2872c15aa8061be6b66a6d60df0dc0d59a473cbae
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=110151
Date: Sat, 10 Dec 2022 07:43:22 GMT
Etag: "6393387d-1d7"
Expires: Sun, 11 Dec 2022 14:19:13 GMT
Last-Modified: Fri, 09 Dec 2022 13:30:37 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xNUs8jv9yuShjayw12th8jckuUjvyM5q-YBcc1p6f5XpxwXTUdTWtw==
Age: 2916
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 48721c0841cbbc1d063ca47c33f91187
5386100753983fe93b91a4d6f108236d07b501fb
fbf95a309ba8c9173a319624a477fe1272defb5b29dd6b89ffa24e828c13b79a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3894
Cache-Control: max-age=97120
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:22 GMT
Etag: "639301c4-116"
Expires: Sun, 11 Dec 2022 10:42:02 GMT
Last-Modified: Fri, 09 Dec 2022 09:37:08 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 278
omnisnippet1.com/inShop/forms.js?v=2022-12-10T07
104.18.17.174200 OK 30 kB URL HTTP/2 omnisnippet1.com/inShop/forms.js?v=2022-12-10T07
IP 104.18.17.174:0
File type ASCII text, with very long lines (32114)
Hash 7020cfdac6b602c4e9425ad12468e0e2
fc1cd20d39a00b57010008476ad259c8625c5850
bafcb3d2e983e178bc46e867214bfe815900b9ca3490a562f7523482fdf1ae0d
GET /inShop/forms.js?v=2022-12-10T07 HTTP/1.1
Host: omnisnippet1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:43:22 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 07:45:26 GMT
etag: W/"63885b96-2029c"
expires: Sat, 10 Dec 2022 07:51:13 GMT
cache-control: max-age=3600
x-envoy-upstream-service-time: 1
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 2888
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 777459672d470afe-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 441bfb76847bd6a1daf09519dd87fd63
3235debe88f57e312dac372bb4454d4ed3092684
2daf744a82546459a750bfb2872c15aa8061be6b66a6d60df0dc0d59a473cbae
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=111373
Date: Sat, 10 Dec 2022 07:43:22 GMT
Etag: "6393387d-1d7"
Expires: Sun, 11 Dec 2022 14:39:35 GMT
Last-Modified: Fri, 09 Dec 2022 13:30:37 GMT
Server: ECS (bsa/EB19)
X-Cache: Miss from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Zuit1y9puifeYZTgq1MKoYz1U3Wu7qBB3TBvxc6LnjbRG1eX6vpe_A==
Age: 4138
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 441bfb76847bd6a1daf09519dd87fd63
3235debe88f57e312dac372bb4454d4ed3092684
2daf744a82546459a750bfb2872c15aa8061be6b66a6d60df0dc0d59a473cbae
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=111499
Date: Sat, 10 Dec 2022 07:43:22 GMT
Etag: "6393387d-1d7"
Expires: Sun, 11 Dec 2022 14:41:41 GMT
Last-Modified: Fri, 09 Dec 2022 13:30:37 GMT
Server: ECS (nyb/1D1B)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cXpGwtB6_WCvltomz-ImfBft0Xas3OZzrYHCkkUXxTBkBi82nCJCxQ==
Age: 4264
track.sendlane.com/track/event?event_id=xWMCUM2gF97YD&uri=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind&cb=gsgq7lknbzmksygbsxtr
23.250.2.183204 No Content 0 B URL HTTP/1.1 track.sendlane.com/track/event?event_id=xWMCUM2gF97YD&uri=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind&cb=gsgq7lknbzmksygbsxtr
IP 23.250.2.183:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /track/event?event_id=xWMCUM2gF97YD&uri=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind&cb=gsgq7lknbzmksygbsxtr HTTP/1.1
Host: track.sendlane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Sat, 10 Dec 2022 07:43:22 GMT
Server: Apache
Cache-Control: no-cache, private, max-age=2592000
X-RateLimit-Limit: 60
X-RateLimit-Remaining: 59
Set-Cookie: track_session=eyJpdiI6ImtScFozeS9uMmI0am4zUklEQnB4RHc9PSIsInZhbHVlIjoiTDFzZ1RHVEF2WmFRUkluTG15QkdiOW1JRUg1WVRHMEd6aUpmRGRVRVBUa3BRZUJoK0FpRWJaR3l2dVdDS1BvUUtuTzNlYW1hclJzdXhIUlJHV2YyYWZndEtOUW9ERWxJOGtLRUFjOG9TekRHZlFBU3NYNCtyMkFzN1VyTFRRZlkiLCJtYWMiOiIxYmVmZjcwN2FjZmI5ZmFlZDkxMTVkNWE1Y2QyNWQzOWM4YjJhMzdlNDg4Y2Y4MzY2NzY3MTE3MGYwN2FhYzg1IiwidGFnIjoiIn0%3D; expires=Sat, 10-Dec-2022 09:43:22 GMT; Max-Age=7200; path=/; domain=sendlane.com; secure; httponly; samesite=lax
Expires: Mon, 09 Jan 2023 07:43:22 GMT
Connection: close
fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700
142.250.74.106200 OK 14 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700
IP 142.250.74.106:0
File type ASCII text, with very long lines (39152)
Hash f758222a72d17ca90b2e9e5258946672
f41ffd1a52755d391b13e66e4ce0098e37dead6b
9fda3a383f8db0b1aadbeb222e84d043eef53927f5da9f63c4df588546c43b5b
GET /css?family=Roboto+Condensed:300,400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 10 Dec 2022 07:43:21 GMT
date: Sat, 10 Dec 2022 07:43:21 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
trackcmp.net/t_prism_sitemessages.php?trackid=224499963&prismid=dadbad4e-caba-49f2-b3db-4662f90d87e8&url=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind
104.18.42.105200 OK 0 B URL HTTP/2 trackcmp.net/t_prism_sitemessages.php?trackid=224499963&prismid=dadbad4e-caba-49f2-b3db-4662f90d87e8&url=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind
IP 104.18.42.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t_prism_sitemessages.php?trackid=224499963&prismid=dadbad4e-caba-49f2-b3db-4662f90d87e8&url=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind HTTP/1.1
Host: trackcmp.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:43:22 GMT
content-type: text/javascript;charset=UTF-8
content-length: 0
x-powered-by: PHP/7.1.33
cache-control: no-cache, private
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 777459672ed5b524-OSL
X-Firefox-Spdy: h2
aorta.clickagy.com/pixel.gif?clkgypv=jstag
44.198.6.39302 Found 0 B URL HTTP/2 aorta.clickagy.com/pixel.gif?clkgypv=jstag
IP 44.198.6.39:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel.gif?clkgypv=jstag HTTP/1.1
Host: aorta.clickagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 10 Dec 2022 07:43:22 GMT
content-type: application/json
content-length: 0
location: https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=YzozYjQ5NjgzYjY4YmU4NjE1NDNhZWVlMDE3MTNmYTUwYw
server: Aorta/20221205.a0953a8c4
x-aorta-host: cd08dd14e4eb
x-aorta-region: us-east-1
access-control-allow-credentials: true
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
access-control-expose-headers: Set-Cookie
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin:
access-control-max-age: 31536000
cache-control: no-cache, no-store, must-revalidate
expect: 0
X-Firefox-Spdy: h2
aorta.clickagy.com/liveramp_redir
44.198.6.39302 Found 0 B URL HTTP/2 aorta.clickagy.com/liveramp_redir
IP 44.198.6.39:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /liveramp_redir HTTP/1.1
Host: aorta.clickagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 10 Dec 2022 07:43:22 GMT
content-type: application/json
content-length: 0
location: https://id.rlcdn.com/711861.gif
server: Aorta/20221205.a0953a8c4
x-aorta-host: 46fd263f7a09
x-aorta-region: us-east-1
access-control-allow-credentials: true
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
access-control-expose-headers: Set-Cookie
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin:
access-control-max-age: 31536000
cache-control: no-cache, no-store, must-revalidate
expect: 0
X-Firefox-Spdy: h2
www.checkbca.org/CompanyWidget.aspx?ID=100094667&WidgetType=1
207.137.0.213301 Moved Permanently 196 B URL HTTP/2 www.checkbca.org/CompanyWidget.aspx?ID=100094667&WidgetType=1
IP 207.137.0.213:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash e4450c4791dadbc8f0fe8409a9b278ec
70f8e597f291a8a247c4f1bbbc4586e300f75723
e350fe60679b3272336147b700171d459374f3a66c6e228673a94ec0d9239b7e
GET /CompanyWidget.aspx?ID=100094667&WidgetType=1 HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
location: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
date: Sat, 10 Dec 2022 07:43:22 GMT
content-length: 196
X-Firefox-Spdy: h2
hemsync.clickagy.com/external/hasHashes?clkgypv=jstag&cb=null
3.212.177.218200 OK 28 B URL HTTP/2 hemsync.clickagy.com/external/hasHashes?clkgypv=jstag&cb=null
IP 3.212.177.218:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 830cb026fae1a13104725d2b3100ec10
40188da405f4a93c90f0b5e060e0ccca8e483eba
4d32822dd4fd4e7b58950d7c693e301eaa19b29305077afaebc12852df7f4ee0
GET /external/hasHashes?clkgypv=jstag&cb=null HTTP/1.1
Host: hemsync.clickagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:43:23 GMT
content-type: text/plain; charset=utf-8
content-length: 28
access-control-allow-origin: https://www.usbfund.com
vary: origin
access-control-allow-credentials: true
access-control-expose-headers: content-length, last-modified, expires, content-type
content-encoding: gzip
X-Firefox-Spdy: h2
www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
207.137.0.213200 OK 6.8 kB URL HTTP/2 www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
IP 207.137.0.213:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (604), with CRLF line terminators
Hash d03db36c5aeeacbf930e34bd8ff9f771
1f76bcab8f1f41fd13baac3a86ffc90b716b2486
355894b839b5b287b2d615b01cc01d07a73ce5f97e8b42345085db5de65cec00
GET /companywidget.aspx?ID=100094667&WidgetType=1 HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: ASP.NET_SessionId=drsb35uxexue5e5t0sfrz4yr; path=/; secure; HttpOnly; SameSite=Lax
date: Sat, 10 Dec 2022 07:43:22 GMT
content-length: 6794
X-Firefox-Spdy: h2
serve.albacross.com/track.js
143.204.55.30200 OK 4.1 kB URL HTTP/1.1 serve.albacross.com/track.js
IP 143.204.55.30:0
File type ASCII text, with very long lines (10418)
Hash e062066a14a30b3ed3b72c5b31f21ffe
064e97457f03f59e40134ea46a21ba6e98a90c68
7bc78e48c07227b97701737a2799c978d37ff3f2350b02043ce69464de7399de
GET /track.js HTTP/1.1
Host: serve.albacross.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 08 Apr 2021 13:13:21 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Sat, 10 Dec 2022 07:43:15 GMT
Cache-Control: max-age=120
ETag: W/"b769e9b4f23be6c9bab7c715fdf2526a"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: uskCHPwAuUTznaZoknTX1huhmbCiv02yw_zAfBTmrj9PG1RqkkYdNw==
Age: 12
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 405868529e272bec0ff95e9591b5d8f5
ca24dadd405fcd4aa2867f625da9141db57d2b87
244695fb3522059026d1eba1b9b2cf3d186e8aa8f44976e5630ee5cf289aa8c0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3159
Cache-Control: max-age=143906
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:23 GMT
Etag: "6393bb66-117"
Expires: Sun, 11 Dec 2022 23:41:49 GMT
Last-Modified: Fri, 09 Dec 2022 22:49:10 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
snap.licdn.com/li.lms-analytics/insight.min.js
23.36.76.121200 OK 4.6 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 23.36.76.121:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (12961)
Hash c1a25b303b61b25e995516f5559bcdea
3c16a6fa3a2a6dc59d57a9ea1588c4f259884688
2063d2d1415ce9437e9331cb9a798714a5b2e106a65d6dc0ef0d426a5a4c30f2
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 17 Nov 2022 18:52:45 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=84189
date: Sat, 10 Dec 2022 07:43:23 GMT
content-length: 4581
x-cdn: AKAM
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 10 Dec 2022 06:41:08 GMT
expires: Sat, 10 Dec 2022 08:41:08 GMT
cache-control: public, max-age=7200
age: 3735
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
munchkin.marketo.net/munchkin.js
23.53.51.106200 OK 728 B URL HTTP/1.1 munchkin.marketo.net/munchkin.js
IP 23.53.51.106:0
ASN #1299 Telia Company AB
File type ASCII text, with very long lines (521)
Hash 51a92d8c69733d719447dea0416ed039
69f4c1e0b7ebba812bc096708d57627927dff265
cb483c0ea4012ac512bcba6204b37622b388c1aefd4ae9028f60abb965f23d29
GET /munchkin.js HTTP/1.1
Host: munchkin.marketo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "92b41a298690c047b0c4602dd843cba4:1662686319.691662"
Last-Modified: Fri, 09 Sep 2022 01:18:39 GMT
Server: AkamaiNetStorage
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 10 Dec 2022 07:43:23 GMT
Content-Length: 728
Connection: keep-alive
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.3200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.3:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 13:40:02 GMT
expires: Thu, 07 Dec 2023 13:40:02 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 237801
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8105b33e4e3af998e9d016e156205c22
dfa2f5cecd72be8ec63d5f833b82cd993a5ce8b9
4a682a72e5d599d48706927cbc0852df5ac36dbb57747681cc2ee91c719c7ccf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/collect?v=1&_v=j98&a=490680012&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind&ul=en-us&de=UTF-8&dt=Free%20Quote%20-%20US%20Business%20Funding&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&ec=Forms&ea=Form%20Entry&el=Value%3A--Options%3A&_u=YADAAEABAAAAACAEK~&jid=&gjid=&cid=311636050.1670658201&tid=UA-237731194-1&_gid=762305042.1670658202>m=2wgbu0NW5DZCL&cd18=eafb8222-c35a-4200-a8b0-812dd87b870a&cd19=GTM%20ID%2FGTM-NW5DZCL--GTM%20Version%2F9&cd20=2022-12-10T07%3A43%3A20.547%2B00%3A00&cd17=311636050.1670658201&cd14=event&z=246473671
142.250.74.110200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&_v=j98&a=490680012&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind&ul=en-us&de=UTF-8&dt=Free%20Quote%20-%20US%20Business%20Funding&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&ec=Forms&ea=Form%20Entry&el=Value%3A--Options%3A&_u=YADAAEABAAAAACAEK~&jid=&gjid=&cid=311636050.1670658201&tid=UA-237731194-1&_gid=762305042.1670658202>m=2wgbu0NW5DZCL&cd18=eafb8222-c35a-4200-a8b0-812dd87b870a&cd19=GTM%20ID%2FGTM-NW5DZCL--GTM%20Version%2F9&cd20=2022-12-10T07%3A43%3A20.547%2B00%3A00&cd17=311636050.1670658201&cd14=event&z=246473671
IP 142.250.74.110:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?v=1&_v=j98&a=490680012&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind&ul=en-us&de=UTF-8&dt=Free%20Quote%20-%20US%20Business%20Funding&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&ec=Forms&ea=Form%20Entry&el=Value%3A--Options%3A&_u=YADAAEABAAAAACAEK~&jid=&gjid=&cid=311636050.1670658201&tid=UA-237731194-1&_gid=762305042.1670658202>m=2wgbu0NW5DZCL&cd18=eafb8222-c35a-4200-a8b0-812dd87b870a&cd19=GTM%20ID%2FGTM-NW5DZCL--GTM%20Version%2F9&cd20=2022-12-10T07%3A43%3A20.547%2B00%3A00&cd17=311636050.1670658201&cd14=event&z=246473671 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
date: Fri, 09 Dec 2022 21:32:11 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
age: 36672
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j98&a=490680012&t=pageview&_s=1&dl=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind&ul=en-us&de=UTF-8&dt=Free%20Quote%20-%20US%20Business%20Funding&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAEABAAAAACAEK~&jid=26271884&gjid=1230669085&cid=311636050.1670658201&tid=UA-237731194-1&_gid=762305042.1670658202&_r=1>m=2wgbu0NW5DZCL&cd18=f21343f9-be23-4eb1-abae-fc09b2d97db7&cd19=GTM%20ID%2FGTM-NW5DZCL--GTM%20Version%2F9&cd20=2022-12-10T07%3A43%3A20.544%2B00%3A00&cd17=311636050.1670658201&cd14=pageview&z=288732404
142.250.74.110200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=490680012&t=pageview&_s=1&dl=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind&ul=en-us&de=UTF-8&dt=Free%20Quote%20-%20US%20Business%20Funding&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAEABAAAAACAEK~&jid=26271884&gjid=1230669085&cid=311636050.1670658201&tid=UA-237731194-1&_gid=762305042.1670658202&_r=1>m=2wgbu0NW5DZCL&cd18=f21343f9-be23-4eb1-abae-fc09b2d97db7&cd19=GTM%20ID%2FGTM-NW5DZCL--GTM%20Version%2F9&cd20=2022-12-10T07%3A43%3A20.544%2B00%3A00&cd17=311636050.1670658201&cd14=pageview&z=288732404
IP 142.250.74.110:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j98&a=490680012&t=pageview&_s=1&dl=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind&ul=en-us&de=UTF-8&dt=Free%20Quote%20-%20US%20Business%20Funding&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAEABAAAAACAEK~&jid=26271884&gjid=1230669085&cid=311636050.1670658201&tid=UA-237731194-1&_gid=762305042.1670658202&_r=1>m=2wgbu0NW5DZCL&cd18=f21343f9-be23-4eb1-abae-fc09b2d97db7&cd19=GTM%20ID%2FGTM-NW5DZCL--GTM%20Version%2F9&cd20=2022-12-10T07%3A43%3A20.544%2B00%3A00&cd17=311636050.1670658201&cd14=pageview&z=288732404 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.usbfund.com
date: Sat, 10 Dec 2022 07:43:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j98&a=490680012&t=pageview&_s=1&dl=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind&ul=en-us&de=UTF-8&dt=Free%20Quote%20-%20US%20Business%20Funding&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAUABAAAAACAEK~&jid=394702374&gjid=1503622739&cid=311636050.1670658201&tid=UA-210860007-1&_gid=762305042.1670658202&_r=1>m=2oubu0&z=2077998246
142.250.74.110200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=490680012&t=pageview&_s=1&dl=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind&ul=en-us&de=UTF-8&dt=Free%20Quote%20-%20US%20Business%20Funding&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAUABAAAAACAEK~&jid=394702374&gjid=1503622739&cid=311636050.1670658201&tid=UA-210860007-1&_gid=762305042.1670658202&_r=1>m=2oubu0&z=2077998246
IP 142.250.74.110:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j98&a=490680012&t=pageview&_s=1&dl=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind&ul=en-us&de=UTF-8&dt=Free%20Quote%20-%20US%20Business%20Funding&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAUABAAAAACAEK~&jid=394702374&gjid=1503622739&cid=311636050.1670658201&tid=UA-210860007-1&_gid=762305042.1670658202&_r=1>m=2oubu0&z=2077998246 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.usbfund.com
date: Sat, 10 Dec 2022 07:43:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
munchkin.marketo.net/162/munchkin.js
23.53.51.106200 OK 4.7 kB URL HTTP/1.1 munchkin.marketo.net/162/munchkin.js
IP 23.53.51.106:0
ASN #1299 Telia Company AB
File type ASCII text, with very long lines (606)
Hash 3e9baed982956735f6e0a0e756d97ed9
9223be6a494a10959101a7942419df7b05b84d73
930a508ed0ea6b4861d19c0738360182514010913c4ebfe9352064ae5006f8a1
GET /162/munchkin.js HTTP/1.1
Host: munchkin.marketo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "75daf56f6191efe42577301908659c29:1656637152.894482"
Last-Modified: Fri, 01 Jul 2022 00:59:12 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=8640000
Expires: Mon, 20 Mar 2023 07:43:23 GMT
Date: Sat, 10 Dec 2022 07:43:23 GMT
Content-Length: 4677
Connection: keep-alive
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 6fdb9b8e1963d5f13d91db22e9294f97
f808d36103005c224eb6f7e4543d30271d2957b0
7ca8f99e7a6c7664a782af94d7b833d3a6374601a8a3a5cd382726d5d7fa3030
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 07:43:23 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 13:42:55 GMT
Expires: Wed, 14 Dec 2022 13:42:54 GMT
Etag: "f808d36103005c224eb6f7e4543d30271d2957b0"
Cache-Control: max-age=366570,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7774596aaa920b61-OSL
tag.simpli.fi/sifitag/7c49dfc0-b0ef-0139-b544-06a60fe5fe77
34.90.223.176200 OK 3.1 kB URL HTTP/2 tag.simpli.fi/sifitag/7c49dfc0-b0ef-0139-b544-06a60fe5fe77
IP 34.90.223.176:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (3100)
Hash 3f39bd6aa96de4bb5bd9275b06354981
14f61e1cbeb536266027c98d8f48cc3211f1a2b2
4f8cbfd5c952dcec41e51c8cdf551acc7acf44e7e4d51ab90be179a503fb4b00
GET /sifitag/7c49dfc0-b0ef-0139-b544-06a60fe5fe77 HTTP/1.1
Host: tag.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:43:23 GMT
content-type: application/javascript; charset=utf-8
content-length: 3101
set-cookie: suid=03B3965C3D654D76AE8D1CD994F81B78; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; SameSite=none; Secure;
suid_legacy=03B3965C3D654D76AE8D1CD994F81B78; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; Secure;
x-request-id: Fy9eyM7CHaBDAVQClrCB
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache, no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=YzozYjQ5NjgzYjY4YmU4NjE1NDNhZWVlMDE3MTNmYTUwYw
142.250.74.98302 Found 357 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=YzozYjQ5NjgzYjY4YmU4NjE1NDNhZWVlMDE3MTNmYTUwYw
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash bc322d093c370839097f9df9f81a670e
8d13c22098d746b540209ebba67ab40f9ba8c9f9
c50375f48b204af3f442f1feb19dab0a99ff661a1a4c97cebc1a8455bc37c7f0
GET /pixel?google_nid=clickagy&google_sc&google_cm&google_hm=YzozYjQ5NjgzYjY4YmU4NjE1NDNhZWVlMDE3MTNmYTUwYw HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc=&google_cm=&google_hm=YzozYjQ5NjgzYjY4YmU4NjE1NDNhZWVlMDE3MTNmYTUwYw&google_tc=
date: Sat, 10 Dec 2022 07:43:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 357
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 10-Dec-2022 07:58:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tag.simpli.fi/sifitag/86f38cc0-b0ef-0139-8e82-06b4c2516bae
34.90.223.176200 OK 3.1 kB URL HTTP/2 tag.simpli.fi/sifitag/86f38cc0-b0ef-0139-8e82-06b4c2516bae
IP 34.90.223.176:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (3100)
Hash 3f39bd6aa96de4bb5bd9275b06354981
14f61e1cbeb536266027c98d8f48cc3211f1a2b2
4f8cbfd5c952dcec41e51c8cdf551acc7acf44e7e4d51ab90be179a503fb4b00
GET /sifitag/86f38cc0-b0ef-0139-8e82-06b4c2516bae HTTP/1.1
Host: tag.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:43:23 GMT
content-type: application/javascript; charset=utf-8
content-length: 3101
set-cookie: suid=94B755404C9E40F1A29DC449B8471694; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; SameSite=none; Secure;
suid_legacy=94B755404C9E40F1A29DC449B8471694; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; Secure;
x-request-id: Fy9eyM_FN_Y7qBkClrGB
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache, no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/cropped-iconusbfund-192x192.png
50.87.170.174200 OK 20 kB URL HTTP/2 www.usbfund.com/wp-content/uploads/cropped-iconusbfund-192x192.png
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 273b22a347363c8bfaa20ddcca897d53
0bf5106cb96db26030ae4bee997db3aef8914130
3c673a54e1fea64b6b57dc31365058249f665f327b0e032746b310a2f6a2c0b2
GET /wp-content/uploads/cropped-iconusbfund-192x192.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind
Cookie: _gcl_au=1.1.68862486.1670658201; __ss=1670658200620; __ss_referrer=https%3A//www.usbfund.com/free-quote/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind; _ga_YYEX7W0G95=GS1.1.1670658200.1.0.1670658200.0.0.0; _ga=GA1.1.311636050.1670658201; wc_visitor=100980-b3f861b7-3e9f-b4bf-d83e-13c0abb2cfdf; wc_client=bayengage+..+campaign-email+..+4-cash-flow-management-tips-that-will-blow-your-mind+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind+..+100980-b3f861b7-3e9f-b4bf-d83e-13c0abb2cfdf+..+; wc_client_current=bayengage+..+campaign-email+..+4-cash-flow-management-tips-that-will-blow-your-mind+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind+..+100980-b3f861b7-3e9f-b4bf-d83e-13c0abb2cfdf+..+; __ss_tk=202212%7C63943899ce9c25613938325e; IR_gbd=usbfund.com; IR_7486=1670658201063%7C0%7C1670658201063%7C%7C; soundestID=20221210074321-ISybwn4Gejp6lGBF6NP5hkdUKv5izXLr184Eo8Oh3G4znYuoP; omnisendAnonymousID=oBzTSoAh95ZKbk-20221210074321; omnisendSessionID=rSxfBJypZyiOTA-20221210074321; prism_224499963=dadbad4e-caba-49f2-b3db-4662f90d87e8; wc_swap=9494033494+..+9494611140+..+68836; soundest-views=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:15:06 GMT
accept-ranges: bytes
content-length: 19606
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Sat, 10 Dec 2022 07:43:23 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/cropped-iconusbfund-32x32.png
50.87.170.174200 OK 1.4 kB URL HTTP/2 www.usbfund.com/wp-content/uploads/cropped-iconusbfund-32x32.png
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 331f8022f00882988b3dd50a45511040
295b137770dedf8de5101ba30c05f515e21b6fb0
f83bb7fbb6ab6b05a6129fdc513d6edeb3b9029b0cbe6cf3eae361ad56c58cf5
GET /wp-content/uploads/cropped-iconusbfund-32x32.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind
Cookie: _gcl_au=1.1.68862486.1670658201; __ss=1670658200620; __ss_referrer=https%3A//www.usbfund.com/free-quote/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind; _ga_YYEX7W0G95=GS1.1.1670658200.1.0.1670658200.0.0.0; _ga=GA1.1.311636050.1670658201; wc_visitor=100980-b3f861b7-3e9f-b4bf-d83e-13c0abb2cfdf; wc_client=bayengage+..+campaign-email+..+4-cash-flow-management-tips-that-will-blow-your-mind+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind+..+100980-b3f861b7-3e9f-b4bf-d83e-13c0abb2cfdf+..+; wc_client_current=bayengage+..+campaign-email+..+4-cash-flow-management-tips-that-will-blow-your-mind+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind+..+100980-b3f861b7-3e9f-b4bf-d83e-13c0abb2cfdf+..+; __ss_tk=202212%7C63943899ce9c25613938325e; IR_gbd=usbfund.com; IR_7486=1670658201063%7C0%7C1670658201063%7C%7C; soundestID=20221210074321-ISybwn4Gejp6lGBF6NP5hkdUKv5izXLr184Eo8Oh3G4znYuoP; omnisendAnonymousID=oBzTSoAh95ZKbk-20221210074321; omnisendSessionID=rSxfBJypZyiOTA-20221210074321; prism_224499963=dadbad4e-caba-49f2-b3db-4662f90d87e8; wc_swap=9494033494+..+9494611140+..+68836; soundest-views=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:14:07 GMT
accept-ranges: bytes
content-length: 1438
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Sat, 10 Dec 2022 07:43:23 GMT
server: Apache
X-Firefox-Spdy: h2
www.checkbca.org/stylesheets/jquery.selectBox.css
207.137.0.213301 Moved Permanently 180 B URL HTTP/2 www.checkbca.org/stylesheets/jquery.selectBox.css
IP 207.137.0.213:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 65d99af646ca7622a01fc0d3eb7a6b6d
a6b71820c0572f17c183b5669255346947bc3492
425fea6b4acfc8c48eee414af2be035b5c77a87742cf0bb46b136d07e0c29f6a
GET /stylesheets/jquery.selectBox.css HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
cache-control: no-cache
content-type: text/html; charset=UTF-8
location: https://www.checkbca.org/stylesheets/jquery.selectbox.css
date: Sat, 10 Dec 2022 07:43:23 GMT
content-length: 180
X-Firefox-Spdy: h2
www.checkbca.org/stylesheets/font-awesome.min.css
207.137.0.213200 OK 7.0 kB URL HTTP/2 www.checkbca.org/stylesheets/font-awesome.min.css
IP 207.137.0.213:0
File type ASCII text, with very long lines (30837)
Hash 775375b17c16dc85854ba29bbba28807
91c2f8c2838211a85090f061340b6c0c24e763af
e05c4f03a6c957e6b769e9ac46b9b6d7f1de8f46f49fc894be7c7493aaf4e033
GET /stylesheets/font-awesome.min.css HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: text/css
content-encoding: gzip
last-modified: Wed, 07 Dec 2022 22:31:00 GMT
accept-ranges: bytes
etag: "0aaf5948bad91:0"
vary: Accept-Encoding
date: Sat, 10 Dec 2022 07:43:23 GMT
content-length: 6965
X-Firefox-Spdy: h2
www.checkbca.org/stylesheets/style.css
207.137.0.213200 OK 11 kB URL HTTP/2 www.checkbca.org/stylesheets/style.css
IP 207.137.0.213:0
File type assembler source, Unicode text, UTF-8 text, with very long lines (548), with CRLF line terminators
Hash a3ec3a585ca53c4eaa1082ae3427a329
7f08739e149ab8dc280a05b280c31b04bfb1bd6d
1e44bca5aecfd50bff07a4df9f9bb9c524f6addd9c24bb8c463eef67798283c9
GET /stylesheets/style.css HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: text/css
content-encoding: gzip
last-modified: Wed, 07 Dec 2022 22:31:00 GMT
accept-ranges: bytes
etag: "0aaf5948bad91:0"
vary: Accept-Encoding
date: Sat, 10 Dec 2022 07:43:23 GMT
content-length: 10899
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/58092/domain/usbfund.com/token
54.230.111.42200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/58092/domain/usbfund.com/token
IP 54.230.111.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /partner/58092/domain/usbfund.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.usbfund.com/
Origin: https://www.usbfund.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
date: Fri, 09 Dec 2022 22:08:42 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1RuDAt_O7laa4Rbl0d2UrIWTa5783hlKyBVWHCFlbhKxETOTeg0PAQ==
age: 34481
X-Firefox-Spdy: h2
www.checkbca.org/Scripts/WebForms/MsAjax/MicrosoftAjax.js
207.137.0.213301 Moved Permanently 188 B URL HTTP/2 www.checkbca.org/Scripts/WebForms/MsAjax/MicrosoftAjax.js
IP 207.137.0.213:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 6f83537ac9d2567aa0049ad8d28282d8
7e4975fe0edee16d97ab1f59dd7473a95902f30e
c614ae1fc44d88ab3555782295fd0de23f7b1062ef93e0777530a9ff2fdb2fe6
GET /Scripts/WebForms/MsAjax/MicrosoftAjax.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
cache-control: no-cache
content-type: text/html; charset=UTF-8
location: https://www.checkbca.org/scripts/webforms/msajax/microsoftajax.js
date: Sat, 10 Dec 2022 07:43:23 GMT
content-length: 188
X-Firefox-Spdy: h2
www.checkbca.org/Scripts/WebForms/MsAjax/MicrosoftAjaxWebForms.js
207.137.0.213301 Moved Permanently 196 B URL HTTP/2 www.checkbca.org/Scripts/WebForms/MsAjax/MicrosoftAjaxWebForms.js
IP 207.137.0.213:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 95d708e49ef3d81c5832e354dbdafb01
ddb6aa6d1990a59c42331129fef517bb9101fad1
429e36746d58356e8d7fd50c755f2ec8de5fcf67bc3980f782eef9c14e89db18
GET /Scripts/WebForms/MsAjax/MicrosoftAjaxWebForms.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
cache-control: no-cache
content-type: text/html; charset=UTF-8
location: https://www.checkbca.org/scripts/webforms/msajax/microsoftajaxwebforms.js
date: Sat, 10 Dec 2022 07:43:23 GMT
content-length: 196
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc=&google_cm=&google_hm=YzozYjQ5NjgzYjY4YmU4NjE1NDNhZWVlMDE3MTNmYTUwYw&google_tc=
142.250.74.98302 Found 265 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc=&google_cm=&google_hm=YzozYjQ5NjgzYjY4YmU4NjE1NDNhZWVlMDE3MTNmYTUwYw&google_tc=
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 9f1fbfff37b680f152cc71b6eecdb9d1
068b67c14ee6a05b91435957019babb787d18212
d1678feba8438532e9c3cb5d3d41dbd316e8947604241a7954214a3bd599816b
GET /pixel?google_nid=clickagy&google_sc=&google_cm=&google_hm=YzozYjQ5NjgzYjY4YmU4NjE1NDNhZWVlMDE3MTNmYTUwYw&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://aorta.clickagy.com/pixel.gif?ch=8&cm=&google_error=3
date: Sat, 10 Dec 2022 07:43:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 265
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
id.rlcdn.com/711861.gif
35.244.174.68451 Unavailable For Legal Reasons 0 B IP 35.244.174.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /711861.gif HTTP/1.1
Host: id.rlcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 451 Unavailable For Legal Reasons
date: Sat, 10 Dec 2022 07:43:23 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8105b33e4e3af998e9d016e156205c22
dfa2f5cecd72be8ec63d5f833b82cd993a5ce8b9
4a682a72e5d599d48706927cbc0852df5ac36dbb57747681cc2ee91c719c7ccf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash de38ffbd9d1cf0f29d0b5c0e8f494c43
086dc0aca40762ee8077a41b8e778f439e2dcc72
039a5cd42bef6f1059d4af20a7a97f598ff2bf5b40ee670a02521c34768e0cbf
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=142882
Date: Sat, 10 Dec 2022 07:43:23 GMT
Etag: "6393c3bd-1d7"
Expires: Sun, 11 Dec 2022 23:24:45 GMT
Last-Modified: Fri, 09 Dec 2022 23:24:45 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0ycsS2SzHWr42UtX5yLvNsarPI8iI28EprLkLYqKJmYtzk6-_ncu9Q==
www.checkbca.org/scripts/jquery-3.3.1.min.js
207.137.0.213200 OK 30 kB URL HTTP/2 www.checkbca.org/scripts/jquery-3.3.1.min.js
IP 207.137.0.213:0
File type ASCII text, with very long lines (65451)
Hash a263be51483c81a54aa8c85104a93e55
555a54a73531c553bd2aede6abc25c128b63312e
b2f13ad730928958c09d89e6e32bb6a227c0260d032a39ca464d998a59e57a66
GET /scripts/jquery-3.3.1.min.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 16 Oct 2018 20:49:20 GMT
accept-ranges: bytes
etag: "0c813b69165d41:0"
vary: Accept-Encoding
date: Sat, 10 Dec 2022 07:43:23 GMT
content-length: 30394
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=58092&time=1670658202102&url=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind
13.107.42.14302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=58092&time=1670658202102&url=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=58092&time=1670658202102&url=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D58092%26time%3D1670658202102%26url%3Dhttps%253A%252F%252Fwww.usbfund.com%252Ffree-quote%252F%253Futm_source%253Dbayengage%2526utm_medium%253Dcampaign-email%2526utm_campaign%253D4-cash-flow-management-tips-that-will-blow-your-mind%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQJoUnlxAHtL_wAAAYT6_R8zuD6GEQgVo_CbuQiE52QGaIAXcLNOGjuu7gzJ2OcOrekDzjU3ghwbog; Max-Age=2592000; Expires=Mon, 09 Jan 2023 07:43:23 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQLeQ28cnyoJBwAAAYT6_R8z1vMgP4rHywmyrs7lCWc438MJmcow6rxkAbtOjHQaZ771vdHk9STuIZ8n77YWjw; Max-Age=2592000; Expires=Mon, 09 Jan 2023 07:43:23 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&9faea4d5-bd8e-4e42-8fb6-259a043834ca"; domain=.linkedin.com; Path=/; Secure; Expires=Sun, 10-Dec-2023 07:43:23 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2395:u=1:x=1:i=1670658203:t=1670744603:v=2:sig=AQHop1zWu81_7kq0COm8PZ4LFUWv2iIR"; Expires=Sun, 11 Dec 2022 07:43:23 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXvdGzBtX3XXWtT6myAyg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 7FF7483B8ADF41A08C0B14FABB6CBA58 Ref B: OSL30EDGE0307 Ref C: 2022-12-10T07:43:23Z
date: Sat, 10 Dec 2022 07:43:22 GMT
content-length: 0
X-Firefox-Spdy: h2
aorta.clickagy.com/pixel.gif?ch=8&cm=&google_error=3
44.198.6.39302 Found 0 B URL HTTP/2 aorta.clickagy.com/pixel.gif?ch=8&cm=&google_error=3
IP 44.198.6.39:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel.gif?ch=8&cm=&google_error=3 HTTP/1.1
Host: aorta.clickagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sat, 10 Dec 2022 07:43:23 GMT
content-type: application/json
content-length: 0
location: https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D
server: Aorta/20221205.a0953a8c4
x-aorta-host: 1e7acaa0d773
x-aorta-region: us-east-1
access-control-allow-credentials: true
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
access-control-expose-headers: Set-Cookie
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin:
access-control-max-age: 31536000
cache-control: no-cache, no-store, must-revalidate
expect: 0
X-Firefox-Spdy: h2
www.checkbca.org/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZBAd-3g2iBrrqGpefWWgmRAZw8TONzGF-aV_9TjkbkyCvwDWnstKlAYe583il9NLzw2&t=637823077705833095
207.137.0.213200 OK 23 kB URL HTTP/2 www.checkbca.org/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZBAd-3g2iBrrqGpefWWgmRAZw8TONzGF-aV_9TjkbkyCvwDWnstKlAYe583il9NLzw2&t=637823077705833095
IP 207.137.0.213:0
File type ASCII text, with CRLF line terminators
Hash 20180537e2ac64e5c60143ac90c84998
82d03de61c4dededbc9fd79d8c3a8e18d3b43744
0999cb5dfb2dcd76a944ef880be49f8e2d66fc60d00817e2b251ba0a67090cbf
GET /WebResource.axd?d=pynGkmcFUV13He1Qd6_TZBAd-3g2iBrrqGpefWWgmRAZw8TONzGF-aV_9TjkbkyCvwDWnstKlAYe583il9NLzw2&t=637823077705833095 HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public
content-type: application/x-javascript
content-encoding: gzip
expires: Sat, 09 Dec 2023 23:43:51 GMT
last-modified: Tue, 08 Mar 2022 11:42:50 GMT
vary: Accept-Encoding
date: Sat, 10 Dec 2022 07:43:23 GMT
content-length: 23086
X-Firefox-Spdy: h2
www.checkbca.org/scripts/jquery.simplemodal.1.4.4.min.js
207.137.0.213200 OK 3.1 kB URL HTTP/2 www.checkbca.org/scripts/jquery.simplemodal.1.4.4.min.js
IP 207.137.0.213:0
File type ASCII text, with very long lines (626), with CRLF, LF line terminators
Hash 487fda8eb4e12565909588706300e2fb
9224d8c027d499bb7ec852c2bf3c580e593f5d5b
664736273b9cff9b035c3c682e6ea5e1220468bf24d3199d45148b0a45e101dc
GET /scripts/jquery.simplemodal.1.4.4.min.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 16 Oct 2018 20:49:20 GMT
accept-ranges: bytes
etag: "0c813b69165d41:0"
vary: Accept-Encoding
date: Sat, 10 Dec 2022 07:43:23 GMT
content-length: 3081
X-Firefox-Spdy: h2
www.checkbca.org/scripts/jquery.bxslider.min.js
207.137.0.213200 OK 5.1 kB URL HTTP/2 www.checkbca.org/scripts/jquery.bxslider.min.js
IP 207.137.0.213:0
File type ASCII text, with very long lines (18813)
Hash 9777aab0bd6025cd5c7ecaebd409284d
ab73cc0c1c09e58a1fa0d5bda44c313f697f14da
7b01c6335fa7c91f0b359d56158676c2553323f6e09dd01db242b0da0d104d1b
GET /scripts/jquery.bxslider.min.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 16 Oct 2018 20:49:20 GMT
accept-ranges: bytes
etag: "0c813b69165d41:0"
vary: Accept-Encoding
date: Sat, 10 Dec 2022 07:43:23 GMT
content-length: 5135
X-Firefox-Spdy: h2
js.hs-banner.com/v2/5627136/banner.js
104.18.33.171200 OK 63 kB URL HTTP/2 js.hs-banner.com/v2/5627136/banner.js
IP 104.18.33.171:0
File type ASCII text, with very long lines (65044)
Hash ad1809f070626811ba956cbabdcf7ac4
fa829018f9797a334160f6a7b08e724e017eb3b4
5b9e9baf923f3e3dbfc9ac1c0c6ba906e5097250afd458474fe3f626c00bb087
GET /v2/5627136/banner.js HTTP/1.1
Host: js.hs-banner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:43:22 GMT
content-type: text/javascript; charset=UTF-8
x-amz-id-2: ZiYMCaN3uO3rpdX7UX7Pw2fg6nYf63nXWzjsG/kCY4FsdbuXi9JOHINpcXN/cK4fGhsmKwR1HlM=
x-amz-request-id: AXQJWSHKQKKWFKR6
last-modified: Thu, 08 Dec 2022 21:24:15 GMT
etag: W/"11ce068cbee778b0940075cd276a5ed7"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: 9vdprWEsB6H0SRYJ2TXu_MEHuK6OmY2J
access-control-allow-origin: https://www.usbfund.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin, Accept-Encoding
expires: Sat, 10 Dec 2022 07:48:22 GMT
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 777459645be5b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.checkbca.org/scripts/scripts.js
207.137.0.213200 OK 4.3 kB URL HTTP/2 www.checkbca.org/scripts/scripts.js
IP 207.137.0.213:0
File type ASCII text, with CRLF line terminators
Hash 3b38a1caac14cc0685da48549e84da3b
2ce4f852dced2ddee12614640dcfeb0f3a96ae48
4e45d270791d6d30c782e95c1763ef0a1ac7b934d5cb703b651f3c6434c8b22b
GET /scripts/scripts.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 07 Dec 2022 22:30:57 GMT
accept-ranges: bytes
etag: "80e62b938bad91:0"
vary: Accept-Encoding
date: Sat, 10 Dec 2022 07:43:23 GMT
content-length: 4272
X-Firefox-Spdy: h2
um.simpli.fi/triplelift
35.204.74.118302 Found 142 B IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /triplelift HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: openresty
date: Sat, 10 Dec 2022 07:43:23 GMT
content-type: text/html
content-length: 142
location: https://eb2.3lift.com/xuid?mid=7969&xuid=4DA9CA70BC3F4F3FA9491AE6C387FF0D&dongle=yf3
set-cookie: suid=4DA9CA70BC3F4F3FA9491AE6C387FF0D; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; SameSite=none; Secure;
suid_legacy=4DA9CA70BC3F4F3FA9491AE6C387FF0D; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; Secure;
expires: Fri, 09 Dec 2022 07:43:23 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
www.checkbca.org/images/widget_member_seal.png
207.137.0.213200 OK 4.9 kB URL HTTP/2 www.checkbca.org/images/widget_member_seal.png
IP 207.137.0.213:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash b16b18a3bc55b39e53d58026662582b1
f1ef3e2605c0eb6afd312dcc7b354b4d0dee54a2
fb715daa7fae403543290995b70576747818581d044e57b5ac072fd27c84e1bf
GET /images/widget_member_seal.png HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: image/png
last-modified: Sat, 09 May 2020 03:31:08 GMT
accept-ranges: bytes
etag: "8a855647b225d61:0"
date: Sat, 10 Dec 2022 07:43:23 GMT
content-length: 4897
X-Firefox-Spdy: h2
um.simpli.fi/freewheel
35.204.74.118200 OK 43 B IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /freewheel HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:43:23 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
set-cookie: suid=EE5271402D6348379B45F7099363F673; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; SameSite=none; Secure;
suid_legacy=EE5271402D6348379B45F7099363F673; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; Secure;
expires: Fri, 09 Dec 2022 07:43:23 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
www.checkbca.org/stylesheets/jquery.selectbox.css
207.137.0.213200 OK 844 B URL HTTP/2 www.checkbca.org/stylesheets/jquery.selectbox.css
IP 207.137.0.213:0
File type ASCII text, with very long lines (2823), with no line terminators
Hash ef6ac3dc00cd170fb2e40e76489dc10d
02964dcc31527690062facef2f5ca2c0cf24ea23
06e4f8e3d1d4e68a23c9fd4927304906f912307b71f80025f6b74dfe3945d813
GET /stylesheets/jquery.selectbox.css HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: text/css
content-encoding: gzip
last-modified: Fri, 02 Aug 2019 17:52:06 GMT
accept-ranges: bytes
etag: "0a783ff5a49d51:0"
vary: Accept-Encoding
date: Sat, 10 Dec 2022 07:43:23 GMT
content-length: 844
X-Firefox-Spdy: h2
um.simpli.fi/dtnx
35.204.74.118302 Found 142 B IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /dtnx HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sat, 10 Dec 2022 07:43:23 GMT
content-type: text/html
content-length: 142
location: https://fei.pro-market.net/engine?du=24;csync=BBE3C3752BE94419B9445F5F757730E0;mimetype=img;
set-cookie: suid=BBE3C3752BE94419B9445F5F757730E0; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; SameSite=none; Secure;
suid_legacy=BBE3C3752BE94419B9445F5F757730E0; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; Secure;
expires: Fri, 09 Dec 2022 07:43:23 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
www.checkbca.org/scripts/webforms/msajax/microsoftajax.js
207.137.0.213200 OK 24 kB URL HTTP/2 www.checkbca.org/scripts/webforms/msajax/microsoftajax.js
IP 207.137.0.213:0
File type ASCII text, with very long lines (65262), with CRLF line terminators
Hash 1aa546445a52ff5e781cb1e335f445c4
a8071c7d8f7c2798100ceed7ef5842a587cc41d2
6a3e80b4cc602560e187e061ff5070fdda5c608125956f878f417b01867f6b09
GET /scripts/webforms/msajax/microsoftajax.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 07 Dec 2022 22:30:59 GMT
accept-ranges: bytes
etag: "80135d948bad91:0"
vary: Accept-Encoding
date: Sat, 10 Dec 2022 07:43:23 GMT
content-length: 24320
X-Firefox-Spdy: h2
um.simpli.fi/exelatem
35.204.74.118302 Found 142 B IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /exelatem HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sat, 10 Dec 2022 07:43:23 GMT
content-type: text/html
content-length: 142
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=A0E9CB67F797465FA58242DCE7D9787C&j=0
set-cookie: suid=A0E9CB67F797465FA58242DCE7D9787C; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; SameSite=none; Secure;
suid_legacy=A0E9CB67F797465FA58242DCE7D9787C; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; Secure;
expires: Fri, 09 Dec 2022 07:43:23 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
www.checkbca.org/scripts/webforms/msajax/microsoftajaxwebforms.js
207.137.0.213200 OK 9.6 kB URL HTTP/2 www.checkbca.org/scripts/webforms/msajax/microsoftajaxwebforms.js
IP 207.137.0.213:0
File type ASCII text, with very long lines (39257), with CRLF line terminators
Hash 211aa6b9096a11187131cbc6c3ab6d16
380ff6b00fc93d78031319a6d1b0e78f2a9e6017
4f1ec7256c84b77776b8c75fd59dca0c6b5560fa3a5010a290e46b6b5d8d4f5f
GET /scripts/webforms/msajax/microsoftajaxwebforms.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 07 Dec 2022 22:31:00 GMT
accept-ranges: bytes
etag: "0aaf5948bad91:0"
vary: Accept-Encoding
date: Sat, 10 Dec 2022 07:43:23 GMT
content-length: 9603
X-Firefox-Spdy: h2
um.simpli.fi/yahoo
35.204.74.118200 OK 43 B IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /yahoo HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:43:23 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
set-cookie: suid=E0C1DFD2F2194225BEEF8F3A669D2031; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; SameSite=none; Secure;
suid_legacy=E0C1DFD2F2194225BEEF8F3A669D2031; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; Secure;
expires: Fri, 09 Dec 2022 07:43:23 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/beachfront
35.204.74.118302 Found 142 B IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /beachfront HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sat, 10 Dec 2022 07:43:23 GMT
content-type: text/html
content-length: 142
location: https://sync.bfmio.com/sync?pid=141&uid=C7AF0CDE613A46E78013BF52794409C6
set-cookie: suid=C7AF0CDE613A46E78013BF52794409C6; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; SameSite=none; Secure;
suid_legacy=C7AF0CDE613A46E78013BF52794409C6; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; Secure;
expires: Fri, 09 Dec 2022 07:43:23 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/bluekai
35.204.74.118302 Found 142 B IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /bluekai HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sat, 10 Dec 2022 07:43:23 GMT
content-type: text/html
content-length: 142
location: https://stags.bluekai.com/site/29931?id=A5AFDB94642449989D28D1CF8F9B9303
set-cookie: suid=A5AFDB94642449989D28D1CF8F9B9303; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; SameSite=none; Secure;
suid_legacy=A5AFDB94642449989D28D1CF8F9B9303; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; Secure;
expires: Fri, 09 Dec 2022 07:43:23 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/crwdcntrl
35.204.74.118302 Found 142 B IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /crwdcntrl HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sat, 10 Dec 2022 07:43:23 GMT
content-type: text/html
content-length: 142
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=A25A55878099489E8D9247B00891EE19
set-cookie: suid=A25A55878099489E8D9247B00891EE19; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; SameSite=none; Secure;
suid_legacy=A25A55878099489E8D9247B00891EE19; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; Secure;
expires: Fri, 09 Dec 2022 07:43:23 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/lj_match
35.204.74.118302 Found 142 B IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /lj_match HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sat, 10 Dec 2022 07:43:23 GMT
content-type: text/html
content-length: 142
location: https://ce.lijit.com/merge?pid=2&3pid=B71B033B9146472E816A60B82099609E
set-cookie: suid=B71B033B9146472E816A60B82099609E; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; SameSite=none; Secure;
suid_legacy=B71B033B9146472E816A60B82099609E; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; Secure;
expires: Fri, 09 Dec 2022 07:43:23 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash de38ffbd9d1cf0f29d0b5c0e8f494c43
086dc0aca40762ee8077a41b8e778f439e2dcc72
039a5cd42bef6f1059d4af20a7a97f598ff2bf5b40ee670a02521c34768e0cbf
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=148716
Date: Sat, 10 Dec 2022 07:43:23 GMT
Etag: "6393c3bd-1d7"
Expires: Mon, 12 Dec 2022 01:01:59 GMT
Last-Modified: Fri, 09 Dec 2022 23:24:45 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cdeBm4joPJUVwXdTg66LwsWFQSTzkr4xi-mP6uQFxzBX0P_dpkRKeA==
Age: 5834
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3a7cafa2c0f4eafbe69e0b26dda0447d
0123b955c3ab7c64b9d19a09f868da180e4ca524
f0fe6e6dec3ffa992fbc0c9efdc85b5959dd76c92bd62722026512cc36068875
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
um.simpli.fi/liveramp_match
35.204.74.118302 Found 142 B URL HTTP/2 um.simpli.fi/liveramp_match
IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /liveramp_match HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sat, 10 Dec 2022 07:43:23 GMT
content-type: text/html
content-length: 142
location: https://idsync.rlcdn.com/419566.gif?partner_uid=E19EAB8070B6451AA1C528CC6F3FA9B0
set-cookie: suid=E19EAB8070B6451AA1C528CC6F3FA9B0; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; SameSite=none; Secure;
suid_legacy=E19EAB8070B6451AA1C528CC6F3FA9B0; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; Secure;
expires: Fri, 09 Dec 2022 07:43:23 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/spotx_match
35.204.74.118302 Found 142 B IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /spotx_match HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sat, 10 Dec 2022 07:43:23 GMT
content-type: text/html
content-length: 142
location: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=12A179328D37438E9DB2F62BAA62B2EA
set-cookie: suid=12A179328D37438E9DB2F62BAA62B2EA; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; SameSite=none; Secure;
suid_legacy=12A179328D37438E9DB2F62BAA62B2EA; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; Secure;
expires: Fri, 09 Dec 2022 07:43:23 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/an
35.204.74.118302 Found 142 B IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /an HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sat, 10 Dec 2022 07:43:23 GMT
content-type: text/html
content-length: 142
location: https://ib.adnxs.com/setuid?entity=66&code=E1C311F932A14402BCEB9AB43F93C50F
set-cookie: suid=E1C311F932A14402BCEB9AB43F93C50F; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; SameSite=none; Secure;
suid_legacy=E1C311F932A14402BCEB9AB43F93C50F; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; Secure;
expires: Fri, 09 Dec 2022 07:43:23 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/rb_match
35.204.74.118302 Found 142 B IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /rb_match HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sat, 10 Dec 2022 07:43:23 GMT
content-type: text/html
content-length: 142
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=5597FC3C16114B49A26EF0F88ED4C14B&expires=365
set-cookie: suid=5597FC3C16114B49A26EF0F88ED4C14B; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; SameSite=none; Secure;
suid_legacy=5597FC3C16114B49A26EF0F88ED4C14B; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; Secure;
expires: Fri, 09 Dec 2022 07:43:23 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/ox_match
35.204.74.118302 Found 142 B IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /ox_match HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sat, 10 Dec 2022 07:43:23 GMT
content-type: text/html
content-length: 142
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=05BD2300B2C548E4BE44F976D3557AA2
set-cookie: suid=05BD2300B2C548E4BE44F976D3557AA2; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; SameSite=none; Secure;
suid_legacy=05BD2300B2C548E4BE44F976D3557AA2; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; Secure;
expires: Fri, 09 Dec 2022 07:43:23 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D58092%26time%3D1670658202102%26url%3Dhttps%253A%252F%252Fwww.usbfund.com%252Ffree-quote%252F%253Futm_source%253Dbayengage%2526utm_medium%253Dcampaign-email%2526utm_campaign%253D4-cash-flow-management-tips-that-will-blow-your-mind%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D58092%26time%3D1670658202102%26url%3Dhttps%253A%252F%252Fwww.usbfund.com%252Ffree-quote%252F%253Futm_source%253Dbayengage%2526utm_medium%253Dcampaign-email%2526utm_campaign%253D4-cash-flow-management-tips-that-will-blow-your-mind%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D58092%26time%3D1670658202102%26url%3Dhttps%253A%252F%252Fwww.usbfund.com%252Ffree-quote%252F%253Futm_source%253Dbayengage%2526utm_medium%253Dcampaign-email%2526utm_campaign%253D4-cash-flow-management-tips-that-will-blow-your-mind%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=58092&time=1670658202102&url=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&a16fe879-e3c8-4e5d-883f-5411e5e3294f"; Domain=.linkedin.com; Expires=Sun, 10-Dec-2023 07:43:23 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&202212100743236359f740-0477-4f97-8c96-38e3bb476dc6AQEVDQwqSnEHnEik-WBBM2M7ubLXGGfL"; Domain=.www.linkedin.com; Expires=Sun, 10-Dec-2023 07:43:23 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NzA2NTgyMDM7MjswMjF+eyzbIfQA3pM/OUfv2Cf3fltbC8i69ntA49oKZtadsA==; Domain=.linkedin.com; Expires=Thu, 08 Jun 2023 07:43:23 GMT; Path=/; Secure; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2395:u=1:x=1:i=1670658203:t=1670744603:v=2:sig=AQHop1zWu81_7kq0COm8PZ4LFUWv2iIR"; Expires=Sun, 11 Dec 2022 07:43:23 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/status linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com client.learningapp.microsoft.com onyx.www.linkedin.com; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXvdGzFYF2zWqeXQYlY/A==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: A44143E16CCA414CB71B2FA7ADE93B8E Ref B: OSL30EDGE0307 Ref C: 2022-12-10T07:43:23Z
date: Sat, 10 Dec 2022 07:43:23 GMT
content-length: 0
X-Firefox-Spdy: h2
um.simpli.fi/g_match?id=&google_error=3
35.204.74.118204 No Content 0 B URL HTTP/2 um.simpli.fi/g_match?id=&google_error=3
IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /g_match?id=&google_error=3 HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 10 Dec 2022 07:43:23 GMT
set-cookie: suid=A743591D3BD24CD388C41AF8BE254DD1; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; SameSite=none; Secure;
suid_legacy=A743591D3BD24CD388C41AF8BE254DD1; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; Secure;
expires: Fri, 09 Dec 2022 07:43:23 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 180a72e77eb2781fc5dd8c27c18f365f
5b1878dfc0110e76f0303049c02ae100f5bc2e49
f994adcc281dad55861247c06ed1b09d0d764b48472a366243a3d96cf7ae1306
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4586
Cache-Control: max-age=168702
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:23 GMT
Etag: "639416af-1d7"
Expires: Mon, 12 Dec 2022 06:35:05 GMT
Last-Modified: Sat, 10 Dec 2022 05:18:39 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
www.googleadservices.com/pagead/conversion/1026675585/?random=1670658203434&cv=7&fst=1670658203434&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
142.250.74.130302 Found 42 B URL HTTP/2 www.googleadservices.com/pagead/conversion/1026675585/?random=1670658203434&cv=7&fst=1670658203434&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
IP 142.250.74.130:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/conversion/1026675585/?random=1670658203434&cv=7&fst=1670658203434&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 10 Dec 2022 07:43:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
location: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=727205417&cv=7&fst=1670658203434&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=mziUY9SvL9ya78EPluyg-Ag&sscte=1&crd=
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
um.simpli.fi/telaria_p
35.204.74.118302 Found 142 B IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /telaria_p HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: openresty
date: Sat, 10 Dec 2022 07:43:23 GMT
content-type: text/html
content-length: 142
location: https://simplifi.partners.tremorhub.com/sync?UISF=2628A4364F4F42A5B6C137035572985C
set-cookie: suid=2628A4364F4F42A5B6C137035572985C; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; SameSite=none; Secure;
suid_legacy=2628A4364F4F42A5B6C137035572985C; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; Secure;
expires: Fri, 09 Dec 2022 07:43:23 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/tapad
35.204.74.118302 Found 142 B IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /tapad HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: openresty
date: Sat, 10 Dec 2022 07:43:23 GMT
content-type: text/html
content-length: 142
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=C93D86B034574BFBB5AB2F5C12E7412F
set-cookie: suid=C93D86B034574BFBB5AB2F5C12E7412F; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; SameSite=none; Secure;
suid_legacy=C93D86B034574BFBB5AB2F5C12E7412F; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; Secure;
expires: Fri, 09 Dec 2022 07:43:23 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
rec.smartlook.com/recorder.js
185.76.9.16200 OK 1.4 kB URL HTTP/2 rec.smartlook.com/recorder.js
IP 185.76.9.16:0
ASN #60068 Datacamp Limited
Hash 95b771671fc6cbec906135a373bc7c9d
82b5090321e3141a9cd19e196c47fd92bb6a0185
880ef776a304fe3800d4a1235e5d4422b891086587003ac47826457e12b9a5bf
GET /recorder.js HTTP/1.1
Host: rec.smartlook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:43:23 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=600
cross-origin-resource-policy: cross-origin
etag: W/"6390556d-c4a"
last-modified: Wed, 07 Dec 2022 08:57:17 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-accel-expires: @1670658779
server: CDN77-Turbo
x-77-nzt: AblMCQ08UtP/GAAAAA
x-77-nzt-ray: c0a4cc28c023af799b389463ea037b0e
x-cache: HIT
x-age: 24
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
um.simpli.fi/pubmatic
35.204.74.118200 OK 43 B IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /pubmatic HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:43:23 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
set-cookie: suid=1093EAC466884828BDAFD00A0D40C207; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; SameSite=none; Secure;
suid_legacy=1093EAC466884828BDAFD00A0D40C207; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; Secure;
expires: Fri, 09 Dec 2022 07:43:23 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/intentiq
35.204.74.118302 Found 142 B IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /intentiq HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: openresty
date: Sat, 10 Dec 2022 07:43:23 GMT
content-type: text/html
content-length: 142
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=08C3F558E97140DF83A06125BE38D988
set-cookie: suid=08C3F558E97140DF83A06125BE38D988; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; SameSite=none; Secure;
suid_legacy=08C3F558E97140DF83A06125BE38D988; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; Secure;
expires: Fri, 09 Dec 2022 07:43:23 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
sc.cdnma.com/apps/18595/capture.js
143.204.55.114200 OK 7.9 kB URL HTTP/2 sc.cdnma.com/apps/18595/capture.js
IP 143.204.55.114:0
Hash 914c1f8a7ad854399766214647308036
499c3d55dd9cdc07d203d4932c4eb0783c559a61
2e0ab03a9e5aa965e4f4fc9bcd77a4028f438ef575e6b05b21ed94dd1a843613
GET /apps/18595/capture.js HTTP/1.1
Host: sc.cdnma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Sat, 10 Dec 2022 04:43:28 GMT
last-modified: Mon, 13 Jun 2022 17:04:46 GMT
etag: W/"62a76e2e-6b96"
expires: Sat, 10 Dec 2022 08:43:28 GMT
cache-control: max-age=14400
access-control-allow-origin: *
strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Nkj-STcQ4x_czttH4lHAJUVZTqGBaWjx8iSQUXalWgFy3INi5mtYtw==
age: 10795
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 5c47323f3c87a762f10eefa6428fd9a0
cb77a70e53cc19c8c8b1a2862bad8f4e59fca6a4
4445ce383fa1c8372d5251b5ff0233375270a379c3292c2f73589232e86f25b4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 21:48:03 GMT
expires: Fri, 08 Dec 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 122120
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 6fdb9b8e1963d5f13d91db22e9294f97
f808d36103005c224eb6f7e4543d30271d2957b0
7ca8f99e7a6c7664a782af94d7b833d3a6374601a8a3a5cd382726d5d7fa3030
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 07:43:23 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 13:42:55 GMT
Expires: Wed, 14 Dec 2022 13:42:54 GMT
Etag: "f808d36103005c224eb6f7e4543d30271d2957b0"
Cache-Control: max-age=366570,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7774596b5af60b61-OSL
idsync.rlcdn.com/419566.gif?partner_uid=E19EAB8070B6451AA1C528CC6F3FA9B0
35.244.174.68451 Unavailable For Legal Reasons 0 B URL HTTP/2 idsync.rlcdn.com/419566.gif?partner_uid=E19EAB8070B6451AA1C528CC6F3FA9B0
IP 35.244.174.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /419566.gif?partner_uid=E19EAB8070B6451AA1C528CC6F3FA9B0 HTTP/1.1
Host: idsync.rlcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 451 Unavailable For Legal Reasons
date: Sat, 10 Dec 2022 07:43:23 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pixel-sync.sitescout.com/connectors/clickagy/usersync?cookieQ=1&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D
98.98.134.242204 No Content 0 B URL HTTP/2 pixel-sync.sitescout.com/connectors/clickagy/usersync?cookieQ=1&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D
IP 98.98.134.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /connectors/clickagy/usersync?cookieQ=1&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D HTTP/1.1
Host: pixel-sync.sitescout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
date: Sat, 10 Dec 2022 07:43:23 GMT
server: AC1.1
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 41b7dea6fdde41ee57f7bc8a3df8ac36
d60be5d401a60e898df9ba8c9f8c2d58b4c44d4e
03763c43d1b49899517c4cec4fc477415348469362a7e56a79f8439d89260b95
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 10 Dec 2022 07:43:23 GMT
Last-Modified: Sat, 10 Dec 2022 07:02:17 GMT
Server: ECS (dcb/7F83)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5ocRNwgmvqzfMm1-cNTIm5RJKnhBMPT49b5jxZJ90AtxYVFFLa6pvA==
Age: 2466
googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=727205417&cv=7&fst=1670658203434&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=mziUY9SvL9ya78EPluyg-Ag&sscte=1&crd=
142.250.74.66302 Found 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=727205417&cv=7&fst=1670658203434&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=mziUY9SvL9ya78EPluyg-Ag&sscte=1&crd=
IP 142.250.74.66:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/1026675585/?random=727205417&cv=7&fst=1670658203434&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=mziUY9SvL9ya78EPluyg-Ag&sscte=1&crd= HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 10 Dec 2022 07:43:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/pagead/1p-conversion/1026675585/?random=727205417&cv=7&fst=1670658203434&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=mziUY9SvL9ya78EPluyg-Ag&random=3639383483
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 10-Dec-2022 07:58:24 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4e95309ba23214919c6e155d02aae114
827821b1b720cc658b3d348385f56c22eb397f7c
d48f9d588ae43ba46a64974385a93de32848965b1bea142778ad8f68796aefd8
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4998
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:24 GMT
Last-Modified: Sat, 10 Dec 2022 06:20:07 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
www.checkbca.org/scripts/jquery.selectbox.js
207.137.0.213200 OK 4.2 kB URL HTTP/2 www.checkbca.org/scripts/jquery.selectbox.js
IP 207.137.0.213:0
File type Unicode text, UTF-8 text, with very long lines (15896), with no line terminators
Hash 786f2eb7bf72098ca18b9afd6d127237
5e75cb575c23f13e064a913cbe55570670e718ab
d8a1f1df33bbe0f528bfd53be5c1388890220e54c5aaa7281b889a1e5dde3189
GET /scripts/jquery.selectbox.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 16 Oct 2018 20:49:20 GMT
accept-ranges: bytes
etag: "0c813b69165d41:0"
vary: Accept-Encoding
date: Sat, 10 Dec 2022 07:43:23 GMT
content-length: 4192
X-Firefox-Spdy: h2
ib.adnxs.com/setuid?entity=66&code=E1C311F932A14402BCEB9AB43F93C50F
185.89.211.12307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/setuid?entity=66&code=E1C311F932A14402BCEB9AB43F93C50F
IP 185.89.211.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /setuid?entity=66&code=E1C311F932A14402BCEB9AB43F93C50F HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 10 Dec 2022 07:43:24 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DE1C311F932A14402BCEB9AB43F93C50F
AN-X-Request-Uuid: 499a1ae2-ca34-424e-b686-fac0d998f23a
Set-Cookie: uuid2=5333985274567357450; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 10-Mar-2023 07:43:24 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9cc635ba6f74bacd57ca33d0e756d53d
47d944674ef865b11b0e851528bbb82d6379563e
74546ddb2cd34c41e026b390148c08ba92c761b49651333ecb5d913a812eaddc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4538
Cache-Control: max-age=153552
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:24 GMT
Etag: "6393dbb2-1d7"
Expires: Mon, 12 Dec 2022 02:22:36 GMT
Last-Modified: Sat, 10 Dec 2022 01:06:58 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cd7a98c1f3517c84772edcc7699e162f
f8c70bd958d4451058b2609dae90840b893ba94c
13d45eaef209fa37d1aa9b875e8cdfd7ee94dbeb0e44456e58508cfedb461235
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4759
Cache-Control: max-age=150536
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:24 GMT
Etag: "6393cf0d-1d7"
Expires: Mon, 12 Dec 2022 01:32:20 GMT
Last-Modified: Sat, 10 Dec 2022 00:13:01 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
px.ads.linkedin.com/collect?v=2&fmt=js&pid=58092&time=1670658202102&url=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind&liSync=true
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=58092&time=1670658202102&url=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=58092&time=1670658202102&url=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&b237f3c7-2808-4fc1-88b2-a0368aa2d3a7"; domain=.linkedin.com; Path=/; Secure; Expires=Sun, 10-Dec-2023 07:43:24 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2433:u=1:x=1:i=1670658204:t=1670744604:v=2:sig=AQEG4Jz6AFLMWCGU_gqyMzQ2dZOHWr7y"; Expires=Sun, 11 Dec 2022 07:43:24 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXvdGzKzrQMf+q/KxqGTA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 442B0BCA15B6471B99DA3CE03D25B22D Ref B: OSL30EDGE0307 Ref C: 2022-12-10T07:43:23Z
date: Sat, 10 Dec 2022 07:43:23 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 9005b1748b16ceed0ab3c0dbf4068b0c
e925a703725acb4d3671e71bab02292640c60577
5830a3a080f5e5ed21ebb80a87bb067556221038c315d17ed397b60baf05fe98
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=110310
Date: Sat, 10 Dec 2022 07:43:24 GMT
Etag: "6393318a-1d7"
Expires: Sun, 11 Dec 2022 14:21:54 GMT
Last-Modified: Fri, 09 Dec 2022 13:00:58 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cpXjINiGOXFmEvXAZfAaVTQyHcuFMC-xXTPqeuxWqtmJb0nJHt4jzQ==
Age: 4856
ocsp.usertrust.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash d0a12446ab05483457d47faa45fbab10
4ffcff120e42a38f1753a2a1878a3939e91de684
61f443eb0099c8cf7f3aa063a3c24ab09877efddd02d8b854311bf582c4215aa
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 07:43:24 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 10:10:16 GMT
Expires: Wed, 14 Dec 2022 10:10:15 GMT
Etag: "4ffcff120e42a38f1753a2a1878a3939e91de684"
Cache-Control: max-age=603801,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 419
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7774596fb88f1bfa-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c863b1070f9a9439017e98b7a4863cee
e71d3ffa108b251b3001312b1e84fb8820f83887
90fb2f86bb7b7b0faec7d80853b90cf0472ec52cffa3785e7ea8015ac2f32ace
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5909
Cache-Control: max-age=118205
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:24 GMT
Etag: "63934c44-1d7"
Expires: Sun, 11 Dec 2022 16:33:29 GMT
Last-Modified: Fri, 09 Dec 2022 14:55:00 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
us-u.openx.net/w/1.0/sd?id=537072966&val=05BD2300B2C548E4BE44F976D3557AA2
34.98.64.218200 OK 43 B URL HTTP/2 us-u.openx.net/w/1.0/sd?id=537072966&val=05BD2300B2C548E4BE44F976D3557AA2
IP 34.98.64.218:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /w/1.0/sd?id=537072966&val=05BD2300B2C548E4BE44F976D3557AA2 HTTP/1.1
Host: us-u.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Sat, 10 Dec 2022 07:43:24 GMT
content-type: image/gif
content-length: 43
cache-control: private, max-age=0, no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?adv_id=7797&uid=12A179328D37438E9DB2F62BAA62B2EA
185.94.180.125302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?adv_id=7797&uid=12A179328D37438E9DB2F62BAA62B2EA
IP 185.94.180.125:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?adv_id=7797&uid=12A179328D37438E9DB2F62BAA62B2EA HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 10 Dec 2022 07:43:24 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=537dfe2e-785e-11ed-be33-1afcdea00206; expires=Sat, 07-Jan-2023 07:43:24 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?adv_id=7797&uid=12A179328D37438E9DB2F62BAA62B2EA&__user_check__=1&sync_id=537dfe6d-785e-11ed-be33-1afcdea00206
X-fe: 130
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DE1C311F932A14402BCEB9AB43F93C50F
185.89.211.12200 OK 43 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DE1C311F932A14402BCEB9AB43F93C50F
IP 185.89.211.12:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fsetuid%3Fentity%3D66%26code%3DE1C311F932A14402BCEB9AB43F93C50F HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 10 Dec 2022 07:43:24 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 1037d15f-3a1d-4ab4-856a-149fe0e63dfa
Set-Cookie: anj=dTM7k!M4.FE:2jUF']wIg2GVJiHHK>!]tbPl1N!7On*M$=BX3-l#A_zh0p:hiItmQcw]]RjbL:jfn$$IoH<Wm0<A[GOkRwc%nugO%v4VB%nnvb)[H)7; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 10-Mar-2023 07:43:24 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=5597FC3C16114B49A26EF0F88ED4C14B&expires=365
213.19.162.80204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=5597FC3C16114B49A26EF0F88ED4C14B&expires=365
IP 213.19.162.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=6286&nid=2132&put=5597FC3C16114B49A26EF0F88ED4C14B&expires=365 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 7c5d24517ee193cc868994bc18883d1d
Content-Type: image/gif
cdn.linkedin.oribi.io/partner/58092/domain/usbfund.com/token
54.230.111.42200 OK 99 B URL HTTP/2 cdn.linkedin.oribi.io/partner/58092/domain/usbfund.com/token
IP 54.230.111.42:0
Hash e1867bf765331cc389b92d19497d72c9
9b7cc3cce3d976aa062217525847e1c3feb8db18
d825240eeb6ff6b56578750b6cf3c4acf3613e0c74f01292364d59782ca766a3
GET /partner/58092/domain/usbfund.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Sat, 10 Dec 2022 07:19:28 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SxusYtPL8OaM0m4YDArLUfUk9-2iWRZH-7IIrSpRno6sios-r5kYHQ==
age: 1435
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9e85f3b051560e853d94f48d2d370af0
7e5e041dd9cb1aee4210b44c8923629ab6313db6
d2990d130ff9721cb7be1105adbfb979ea3c60d346f36dc7c14e6c1d6a20fb26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6411
Cache-Control: max-age=166199
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:24 GMT
Etag: "639405c8-1d7"
Expires: Mon, 12 Dec 2022 05:53:23 GMT
Last-Modified: Sat, 10 Dec 2022 04:06:32 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash fd742eecf2662a7ed920d7d203eb22cc
5fd343a1be5064e7a67dc1b8a071aa9f47264dc0
e81a0d5a2e07408db1910fd07e1575dddf03797a30c95874836440dafedb1590
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2417
Cache-Control: max-age=170863
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:24 GMT
Etag: "6394279a-2d7"
Expires: Mon, 12 Dec 2022 07:11:07 GMT
Last-Modified: Sat, 10 Dec 2022 06:30:50 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 727
sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=08C3F558E97140DF83A06125BE38D988
143.204.55.23403 Forbidden 986 B URL HTTP/2 sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=08C3F558E97140DF83A06125BE38D988
IP 143.204.55.23:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 68d22cae4143b97a181aca2c4b351693
0a5077a5e8ccc50eb7c4b7fc76b0e019f7c61cbf
bb26ee8cff04d37ea83e3fb2710eed844f4a7229e284265662e15fe632a2d925
GET /profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=08C3F558E97140DF83A06125BE38D988 HTTP/1.1
Host: sync.intentiq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: CloudFront
date: Sat, 10 Dec 2022 07:43:24 GMT
content-type: text/html
content-length: 986
x-cache: Error from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: iCZvabzNmtfs4gk52VlHhevkrWeRkw6EH8cFcDEWSUaKqk8KcfHZWw==
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?adv_id=7797&uid=12A179328D37438E9DB2F62BAA62B2EA&__user_check__=1&sync_id=537dfe6d-785e-11ed-be33-1afcdea00206
185.94.180.125200 OK 43 B URL HTTP/1.1 sync.search.spotxchange.com/partner?adv_id=7797&uid=12A179328D37438E9DB2F62BAA62B2EA&__user_check__=1&sync_id=537dfe6d-785e-11ed-be33-1afcdea00206
IP 185.94.180.125:0
ASN #35220 SpotXchange, INC
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55fade2068e7503eae8d7ddf5eb6bd09
317496a096d6c86486a71d4521994bcd171a6bb3
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
GET /partner?adv_id=7797&uid=12A179328D37438E9DB2F62BAA62B2EA&__user_check__=1&sync_id=537dfe6d-785e-11ed-be33-1afcdea00206 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 07:43:24 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Set-Cookie: audience=5386724d-785e-11ed-9da4-199e6d820506; expires=Sat, 07-Jan-2023 07:43:24 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 78
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
beacon.cdnma.com/apps/capture.php?p=18595&l=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind&u=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind&r=&uq=a3aa06b6-7590-42bf-a7b9-18595f4e0eae&c=0&o=&ac=1d97238d-118d-4f7c-aa64-18595f49cc8f&t=1670658202414
54.156.236.5200 OK 491 B URL HTTP/2 beacon.cdnma.com/apps/capture.php?p=18595&l=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind&u=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind&r=&uq=a3aa06b6-7590-42bf-a7b9-18595f4e0eae&c=0&o=&ac=1d97238d-118d-4f7c-aa64-18595f49cc8f&t=1670658202414
IP 54.156.236.5:0
Hash da675f55324cc7e085b165fa9f449fa7
9b4454537d263061aaa58ace8bdecdc2d52e5fd4
3f39d465c0a42e51f7ddbef795a0b01e8905c814bf2ef69c99ec3ef285e7d8b4
GET /apps/capture.php?p=18595&l=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind&u=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind&r=&uq=a3aa06b6-7590-42bf-a7b9-18595f4e0eae&c=0&o=&ac=1d97238d-118d-4f7c-aa64-18595f49cc8f&t=1670658202414 HTTP/1.1
Host: beacon.cdnma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:43:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
pragma: public
cache-control: max-age=1209600
expires: Sat, 24 Dec 2022 07:43:24 GMT
access-control-allow-origin: *
strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash afd9d9b97c2bfcfee7fa7a1ca101040e
0925598fce2cf4a0fe54a59cf5e407f39ab7a7ff
25008f577e6dde67dd58c629ec4dd2894465da9b9fa97819b5d9f7be568f804b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 749
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:24 GMT
Last-Modified: Sat, 10 Dec 2022 07:30:55 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
i.simpli.fi/p?cid=323546&cb=sifi_att_42656._hp
34.90.223.176200 OK 750 B URL HTTP/2 i.simpli.fi/p?cid=323546&cb=sifi_att_42656._hp
IP 34.90.223.176:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (750), with no line terminators
Hash 3e011ce00f6c92df928b22c1a92c411d
5f60e016328305a9278e5a1bfe4a839fda90e6f3
a1112729baab3f50a5bd218ff22bbbb4fab5f94579b2153033d211fcdf813b3b
GET /p?cid=323546&cb=sifi_att_42656._hp HTTP/1.1
Host: i.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:43:23 GMT
content-type: application/javascript; charset=UTF-8
set-cookie: suid=9E6B75E286E4449FB406B0821C529F5A; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; SameSite=none; Secure;
suid_legacy=9E6B75E286E4449FB406B0821C529F5A; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:23 GMT; Secure;
uid_syncd=true; path=/; expires=Sat, 17 Dec 2022 07:43:23 GMT; domain=.simpli.fi; secure
uid_syncd_secure=true; path=/; expires=Sat, 17 Dec 2022 07:43:23 GMT; domain=.simpli.fi; samesite=none; secure
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache, no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
X-Firefox-Spdy: h2
loadm.exelator.com/load/?p=204&g=2191&simid=A0E9CB67F797465FA58242DCE7D9787C&j=0
34.254.143.3204 No Content 0 B URL HTTP/2 loadm.exelator.com/load/?p=204&g=2191&simid=A0E9CB67F797465FA58242DCE7D9787C&j=0
IP 34.254.143.3:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /load/?p=204&g=2191&simid=A0E9CB67F797465FA58242DCE7D9787C&j=0 HTTP/1.1
Host: loadm.exelator.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sat, 10 Dec 2022 07:43:24 GMT
cache-control: no-cache
x-powered-by: Undertow/1
access-control-allow-credentials: true
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
X-Firefox-Spdy: h2
pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=C93D86B034574BFBB5AB2F5C12E7412F
35.227.248.159302 Found 0 B URL HTTP/2 pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=C93D86B034574BFBB5AB2F5C12E7412F
IP 35.227.248.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /idsync/ex/receive?partner_id=2305&partner_device_id=C93D86B034574BFBB5AB2F5C12E7412F HTTP/1.1
Host: pixel.tapad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 10 Dec 2022 07:43:24 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1670658204217;Expires=Wed, 08 Feb 2023 07:43:24 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_DID=6efd7efc-37db-4607-a8dd-36ddff553d87;Expires=Wed, 08 Feb 2023 07:43:24 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=C93D86B034574BFBB5AB2F5C12E7412F
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6c33a1d5d0fc5fe73ec55ac938817ea4
bfc100af7973feb3a7c3501dda66589f08bc6bde
668f1beac80500f1748643c27de6e413b0676a2fa94b0fbb7ef94b1cbab16e50
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash c8ce163a520ab937746bfadcbc09a904
7ad027f7c23fa59f9065ba26896c09f905c12709
704d9d1a90044c21144cb2e7130ddfa5c321863e17f59e9f254264ea4e75097d
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 10 Dec 2022 07:43:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 09 Dec 2022 20:14:01 GMT
Expires: Sat, 10 Dec 2022 20:14:01 GMT
ETag: "7ad027f7c23fa59f9065ba26896c09f905c12709"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9e85f3b051560e853d94f48d2d370af0
7e5e041dd9cb1aee4210b44c8923629ab6313db6
d2990d130ff9721cb7be1105adbfb979ea3c60d346f36dc7c14e6c1d6a20fb26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5659
Cache-Control: max-age=165447
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:24 GMT
Etag: "639405c8-1d7"
Expires: Mon, 12 Dec 2022 05:40:51 GMT
Last-Modified: Sat, 10 Dec 2022 04:06:32 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
fei.pro-market.net/engine?du=24;csync=BBE3C3752BE94419B9445F5F757730E0;mimetype=img;sr
107.178.240.89200 OK 43 B URL HTTP/2 fei.pro-market.net/engine?du=24;csync=BBE3C3752BE94419B9445F5F757730E0;mimetype=img;sr
IP 107.178.240.89:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 968c3ad2c1183fee0bf0dd479f7904b7
1d770800ecb05eb9133f9b51620c9e4349656859
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
GET /engine?du=24;csync=BBE3C3752BE94419B9445F5F757730E0;mimetype=img;sr HTTP/1.1
Host: fei.pro-market.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
anserver: gapp-eu-4.c.datonics-gcp-01.internal
set-cookie: anProfile="0+1+1f=1+1g=2+1j=57:1+rs=s+rt=5B5A2A9A+s2=(rmo04c)"; Domain=.pro-market.net; Max-Age=15552000; Path=/; Secure; SameSite=None;
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: Mon, 1 Jan 1990 0:0:0 GMT
access-control-allow-origin: *
content-type: image/gif
content-length: 43
date: Sat, 10 Dec 2022 07:43:23 GMT
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=C93D86B034574BFBB5AB2F5C12E7412F
35.227.248.159200 OK 95 B URL HTTP/2 pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=C93D86B034574BFBB5AB2F5C12E7412F
IP 35.227.248.159:0
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 71a50dbba44c78128b221b7df7bb51f1
0ec63b140374ba704a58fa0c743cb357683313dd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
GET /idsync/ex/receive/check?partner_id=2305&partner_device_id=C93D86B034574BFBB5AB2F5C12E7412F HTTP/1.1
Host: pixel.tapad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:43:24 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1670658204266;Expires=Wed, 08 Feb 2023 07:43:24 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_DID=15b51d6a-ba70-4b92-ac7f-caf5284c9846;Expires=Wed, 08 Feb 2023 07:43:24 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_3WAY_SYNCS=;Expires=Wed, 08 Feb 2023 07:43:24 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
content-type: image/png
content-length: 95
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/1026675585/?random=727205417&cv=7&fst=1670658203434&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=mziUY9SvL9ya78EPluyg-Ag&random=3639383483&ipr=y&prhg=0
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-conversion/1026675585/?random=727205417&cv=7&fst=1670658203434&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=mziUY9SvL9ya78EPluyg-Ag&random=3639383483&ipr=y&prhg=0
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-conversion/1026675585/?random=727205417&cv=7&fst=1670658203434&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=mziUY9SvL9ya78EPluyg-Ag&random=3639383483&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 10 Dec 2022 07:43:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ce.lijit.com/merge?pid=2&3pid=B71B033B9146472E816A60B82099609E
216.52.2.30204 No Content 0 B URL HTTP/1.1 ce.lijit.com/merge?pid=2&3pid=B71B033B9146472E816A60B82099609E
IP 216.52.2.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /merge?pid=2&3pid=B71B033B9146472E816A60B82099609E HTTP/1.1
Host: ce.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Sat, 10 Dec 2022 07:43:24 GMT
X-MERGE: GDPR Optout true
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
X-Sovrn-Pod: ad_ap6ams1
js.hs-analytics.net/analytics/1670658000000/5627136.js
104.17.68.176200 OK 20 kB URL HTTP/2 js.hs-analytics.net/analytics/1670658000000/5627136.js
IP 104.17.68.176:0
File type ASCII text, with very long lines (64572)
Hash 519ef4be0d83ca628014200276b81ae1
e58699058dcdf29d7ce4295908a2c30d155a7c03
6c1cdd04576c6aa8aa5529d49eaec89b8afec6da30cde2be2ad4ec16ec1fcb8e
GET /analytics/1670658000000/5627136.js HTTP/1.1
Host: js.hs-analytics.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:43:23 GMT
content-type: text/javascript
x-amz-id-2: Gx6K7qbleJBn8H3U2R5dpur9vvYtzgkFtHaCEg+ElBkKo2NIhkRIWNe0lD4diiCDK+3lkgIOcHI=
x-amz-request-id: EQ79WA5XZ4QPHKYZ
last-modified: Thu, 01 Dec 2022 14:17:27 GMT
etag: W/"bd43dd938f6c21d85ba0c275e588340d"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: null
access-control-allow-credentials: false
vary: origin, Accept-Encoding
expires: Sat, 10 Dec 2022 07:48:23 GMT
cf-cache-status: MISS
server: cloudflare
cf-ray: 7774596a5c63b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6c33a1d5d0fc5fe73ec55ac938817ea4
bfc100af7973feb3a7c3501dda66589f08bc6bde
668f1beac80500f1748643c27de6e413b0676a2fa94b0fbb7ef94b1cbab16e50
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 2db30366ba3ff76d75aebaa0a40dbfd8
117dcf51828b61e492b4cf5e0a80ebce239576a8
874c39ff7a2e42620ee73cfb166e7286df645249d78af6b706c336a4749d0f1d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=125115
Date: Sat, 10 Dec 2022 07:43:24 GMT
Etag: "63936df5-1d7"
Expires: Sun, 11 Dec 2022 18:28:39 GMT
Last-Modified: Fri, 09 Dec 2022 17:18:45 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: VaPDqES3LyudknO5_oDgnGrWS6orVdOHwAGkUEyid0-fMaJZeuOx0g==
Age: 4194
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash d30af19c651b7e0105bf752fbf82aa27
51b73313f76b50c0a3265084741f2bbe64986edc
2dd45a648587127b58f1000426d236dce25618847ac639384d207a7585f44f82
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=125443
Date: Sat, 10 Dec 2022 07:43:24 GMT
Etag: "63936ca6-1d7"
Expires: Sun, 11 Dec 2022 18:34:07 GMT
Last-Modified: Fri, 09 Dec 2022 17:13:10 GMT
Server: ECS (nyb/1D14)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gEExFCWzxoP3RR-jmyxcFiYuvtTpUGroZxX7tcxnL6EdK7N63J7vWg==
Age: 4857
d.agkn.com/pixel/10751/?che=1670658204210&ip=91.90.42.154&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D217023104361000571609
3.248.85.122302 Found 0 B URL HTTP/1.1 d.agkn.com/pixel/10751/?che=1670658204210&ip=91.90.42.154&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D217023104361000571609
IP 3.248.85.122:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/10751/?che=1670658204210&ip=91.90.42.154&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D217023104361000571609 HTTP/1.1
Host: d.agkn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache, must-revalidate
Date: Sat, 10 Dec 2022 07:43:24 GMT
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: https://um.simpli.fi/aa_px?sk=217023104361000571609
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Server: Apache-Coyote/1.1
Set-Cookie: ab=0001%3AN%2F0%2FF9NKBZeWChSuGF9alocPQN8D%2BCrM;Path=/;Domain=agkn.com;Max-Age=31536000;SameSite=None;Secure
u=C|0AAArJvUcKyb1HAAAAAAA;Path=/;Domain=agkn.com;Max-Age=31536000;SameSite=None;Secure
Content-Length: 0
Connection: keep-alive
sync.bfmio.com/sync?pid=141&uid=C7AF0CDE613A46E78013BF52794409C6
34.205.168.27204 0 B URL HTTP/1.1 sync.bfmio.com/sync?pid=141&uid=C7AF0CDE613A46E78013BF52794409C6
IP 34.205.168.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?pid=141&uid=C7AF0CDE613A46E78013BF52794409C6 HTTP/1.1
Host: sync.bfmio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204
Date: Sat, 10 Dec 2022 07:43:24 GMT
Set-Cookie: __141_cid=C7AF0CDE613A46E78013BF52794409C6; Domain=.bfmio.com; Expires=Sun, 10-Dec-2023 07:43:24 GMT; Path=/
__io_cid=3659c196ee50087e7fcce360648e8cd515a469c0; Domain=.bfmio.com; Expires=Sun, 10-Dec-2023 07:43:24 GMT; Path=/
Connection: keep-alive
um.simpli.fi/aa_px?sk=217023104361000571609
35.204.74.118302 Found 142 B URL HTTP/2 um.simpli.fi/aa_px?sk=217023104361000571609
IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /aa_px?sk=217023104361000571609 HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sat, 10 Dec 2022 07:43:24 GMT
content-type: text/html
content-length: 142
set-cookie: suid=CC409A1779F743C5AA581B6BF1031066; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:24 GMT; SameSite=none; Secure;
suid_legacy=CC409A1779F743C5AA581B6BF1031066; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:24 GMT; Secure;
location: /empty.gif
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
rec.smartlook.com/es6/init.9f9eccdc0bb055a30c0f.js
185.76.9.16200 OK 15 kB URL HTTP/2 rec.smartlook.com/es6/init.9f9eccdc0bb055a30c0f.js
IP 185.76.9.16:0
ASN #60068 Datacamp Limited
Hash 61947a7896122b0e7b534c16e4020600
2323c7489031613f924a9643b031cae8065bde36
235f3c99e11210bf55a7591fa6256b69cefa90a2f6628fab6d544b83d19588f3
GET /es6/init.9f9eccdc0bb055a30c0f.js HTTP/1.1
Host: rec.smartlook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:43:23 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cross-origin-resource-policy: cross-origin
etag: W/"6390556d-d4c1"
last-modified: Wed, 07 Dec 2022 08:57:17 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-accel-expires: @1701952445
server: CDN77-Turbo
x-77-nzt: AblMCQ2TaIL/XrADAA
x-77-nzt-ray: c0a4cc284322c67a9b389463876f8714
x-cache: HIT
x-age: 241758
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
um.simpli.fi/empty.gif
35.204.74.118200 OK 43 B IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /empty.gif HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:43:24 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
set-cookie: suid=E0999AEFE27747A5903826CA406EC758; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:24 GMT; SameSite=none; Secure;
suid_legacy=E0999AEFE27747A5903826CA406EC758; Path=/; domain=simpli.fi; Expires=Mon, 11-Dec-23 07:43:24 GMT; Secure;
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=A25A55878099489E8D9247B00891EE19
54.75.190.240404 Not Found 49 B URL HTTP/2 bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=A25A55878099489E8D9247B00891EE19
IP 54.75.190.240:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 56398e76be6355ad5999b262208a17c9
a1fdee122b95748d81cee426d717c05b5174fe96
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
GET /map/c=7625/tp=SIMP/tpid=A25A55878099489E8D9247B00891EE19 HTTP/1.1
Host: bcp.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Sat, 10 Dec 2022 07:43:25 GMT
content-type: image/gif
content-length: 49
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.0.158
access-control-allow-origin: *
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
207.137.0.213200 OK 6.8 kB URL HTTP/2 www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
IP 207.137.0.213:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (604), with CRLF line terminators
Hash a34b5d6e3d6597028fa675a09500fffa
11fbc4e681c039311dd9f1f1b5502b3fb50b754c
77072215e1bae523488e018dea82d588c243f9f05882d51e8196a4641ed05913
GET /companywidget.aspx?ID=100094667&WidgetType=1 HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: ASP.NET_SessionId=aor434kc25ryvlbboq4hgzv1; path=/; secure; HttpOnly; SameSite=Lax
date: Sat, 10 Dec 2022 07:43:25 GMT
content-length: 6794
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash b78229295e7238657412ee9df51c1c55
8315b59e10b66bdf00b4b2529bc791d3500bdb1a
e5a88a0454b6c3bb2a359bd4c26c4778ebd1729ad74600afd349bb28601cd1d2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4797
Cache-Control: max-age=127556
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:25 GMT
Etag: "63937524-118"
Expires: Sun, 11 Dec 2022 19:09:21 GMT
Last-Modified: Fri, 09 Dec 2022 17:49:24 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 280
track.hubspot.com/__ptq.gif?k=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=504767505&v=1.1&a=5627136&ct=standard-page&rcu=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F&pu=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind&t=Free+Quote+-+US+Business+Funding&cts=1670658204094&vi=c1e15336d27ef4836775ff6686f9085e&nc=true&u=152200550.c1e15336d27ef4836775ff6686f9085e.1670658204092.1670658204092.1670658204092.1&b=152200550.1.1670658204092&cc=15
104.19.155.83200 OK 45 B URL HTTP/2 track.hubspot.com/__ptq.gif?k=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=504767505&v=1.1&a=5627136&ct=standard-page&rcu=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F&pu=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind&t=Free+Quote+-+US+Business+Funding&cts=1670658204094&vi=c1e15336d27ef4836775ff6686f9085e&nc=true&u=152200550.c1e15336d27ef4836775ff6686f9085e.1670658204092.1670658204092.1670658204092.1&b=152200550.1.1670658204092&cc=15
IP 104.19.155.83:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c8817d472077ebfc04593c1fa019d32d
e1e86f41c86c7b9cd2e8b76c6a925a1a3e7e3247
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
GET /__ptq.gif?k=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=504767505&v=1.1&a=5627136&ct=standard-page&rcu=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F&pu=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind&t=Free+Quote+-+US+Business+Funding&cts=1670658204094&vi=c1e15336d27ef4836775ff6686f9085e&nc=true&u=152200550.c1e15336d27ef4836775ff6686f9085e.1670658204092.1670658204092.1670658204092.1&b=152200550.1.1670658204092&cc=15 HTTP/1.1
Host: track.hubspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:43:25 GMT
content-type: image/gif
content-length: 45
cf-ray: 77745977fc17fabc-OSL
cache-control: no-cache, no-store, no-transform
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-hubspot-correlation-id: 34b7a0b2-ea85-40c3-b951-65d7891a864e
x-robots-tag: none
set-cookie: __cf_bm=NXTfepdRdZq9kFuty9BqBU7RhqNX5VbU5QlOveiVUNQ-1670658205-0-AQJ0+T2cXyPbn2b+twoqwzgWRTpbPmC93wu95efgNkvt1Q3qw/9BWLvTmv0OhZSuC3WoABUCrmJ4pwkFueOEXZM=; path=/; expires=Sat, 10-Dec-22 08:13:25 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wRqTYMYdqi%2FOR2R7ZEEeqvCRV6vQl81FAvuzqARZJnT3%2BvuzS2%2BCkIbbvZqGi5BMtSZjL6YlvlO50aMQGrhmd1IKNUhJ5XYz%2FSz0mmOL%2BUNAt5iRbKilT6eOi8ATpVAn01W%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d5ba9c680a09d60fc43e16a5f9281d7e
02b84b0d8ba7123b81f67effdf5c03b45893dd3c
2728a9d80363fdefcb404be5a0d74f63ea0046e251a88d0dc6ec7886b92ccb0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2728A9D80363FDEFCB404BE5A0D74F63EA0046E251A88D0DC6EC7886B92CCB0F"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17187
Expires: Sat, 10 Dec 2022 12:29:52 GMT
Date: Sat, 10 Dec 2022 07:43:25 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash b78229295e7238657412ee9df51c1c55
8315b59e10b66bdf00b4b2529bc791d3500bdb1a
e5a88a0454b6c3bb2a359bd4c26c4778ebd1729ad74600afd349bb28601cd1d2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4797
Cache-Control: max-age=127556
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:43:25 GMT
Etag: "63937524-118"
Expires: Sun, 11 Dec 2022 19:09:21 GMT
Last-Modified: Fri, 09 Dec 2022 17:49:24 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 280
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 0cf4c656abe9725b08bd7d5b8f7394aa
0d49f20f8241719e3a8f7106c3750869ea3fd433
bacee698251996faff8e7557cd61a66b87bbb4877321a87ffd574f2388080239
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=154094
Date: Sat, 10 Dec 2022 07:43:25 GMT
Etag: "6393ec91-1d7"
Expires: Mon, 12 Dec 2022 02:31:39 GMT
Last-Modified: Sat, 10 Dec 2022 02:18:57 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BmgaOEA8n5Btd_0ss9nlIIi--Mj2RDWrV0buMGgJqIFab-V_qpRFKA==
Age: 762
www.checkbca.org/stylesheets/font-awesome.min.css
207.137.0.213304 Not Modified 0 B URL HTTP/2 www.checkbca.org/stylesheets/font-awesome.min.css
IP 207.137.0.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stylesheets/font-awesome.min.css HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Wed, 07 Dec 2022 22:31:00 GMT
If-None-Match: "0aaf5948bad91:0"
TE: trailers
HTTP/2 304 Not Modified
cache-control: no-cache
date: Sat, 10 Dec 2022 07:43:25 GMT
X-Firefox-Spdy: h2
www.checkbca.org/stylesheets/jquery.selectBox.css
207.137.0.213301 Moved Permanently 180 B URL HTTP/2 www.checkbca.org/stylesheets/jquery.selectBox.css
IP 207.137.0.213:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 65d99af646ca7622a01fc0d3eb7a6b6d
a6b71820c0572f17c183b5669255346947bc3492
425fea6b4acfc8c48eee414af2be035b5c77a87742cf0bb46b136d07e0c29f6a
GET /stylesheets/jquery.selectBox.css HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
cache-control: no-cache
content-type: text/html; charset=UTF-8
location: https://www.checkbca.org/stylesheets/jquery.selectbox.css
date: Sat, 10 Dec 2022 07:43:25 GMT
content-length: 180
X-Firefox-Spdy: h2
aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=32EFF7268C6240D6B39D33B836727AFF
3.67.155.142302 Found 0 B URL HTTP/2 aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=32EFF7268C6240D6B39D33B836727AFF
IP 3.67.155.142:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adscores/g.pixel?sid=9201915418&sifi_uid=32EFF7268C6240D6B39D33B836727AFF HTTP/1.1
Host: aa.agkn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 10 Dec 2022 07:43:24 GMT
location: https://d.agkn.com/pixel/10751/?che=1670658204210&ip=91.90.42.154&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D217023104361000571609
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
set-cookie: ab=0001%3Asu6NZoyj4%2BFoQqygigRvWiPC4b5Gg%2Fic; Path=/; Domain=.agkn.com; Expires=Sun, 10-Dec-2023 07:43:24 GMT; Max-Age=31536000; Secure; SameSite=None
X-Firefox-Spdy: h2
www.checkbca.org/Scripts/WebForms/MsAjax/MicrosoftAjax.js
207.137.0.213301 Moved Permanently 188 B URL HTTP/2 www.checkbca.org/Scripts/WebForms/MsAjax/MicrosoftAjax.js
IP 207.137.0.213:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 6f83537ac9d2567aa0049ad8d28282d8
7e4975fe0edee16d97ab1f59dd7473a95902f30e
c614ae1fc44d88ab3555782295fd0de23f7b1062ef93e0777530a9ff2fdb2fe6
GET /Scripts/WebForms/MsAjax/MicrosoftAjax.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
cache-control: no-cache
content-type: text/html; charset=UTF-8
location: https://www.checkbca.org/scripts/webforms/msajax/microsoftajax.js
date: Sat, 10 Dec 2022 07:43:25 GMT
content-length: 188
X-Firefox-Spdy: h2
www.checkbca.org/Scripts/WebForms/MsAjax/MicrosoftAjaxWebForms.js
207.137.0.213301 Moved Permanently 196 B URL HTTP/2 www.checkbca.org/Scripts/WebForms/MsAjax/MicrosoftAjaxWebForms.js
IP 207.137.0.213:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 95d708e49ef3d81c5832e354dbdafb01
ddb6aa6d1990a59c42331129fef517bb9101fad1
429e36746d58356e8d7fd50c755f2ec8de5fcf67bc3980f782eef9c14e89db18
GET /Scripts/WebForms/MsAjax/MicrosoftAjaxWebForms.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
cache-control: no-cache
content-type: text/html; charset=UTF-8
location: https://www.checkbca.org/scripts/webforms/msajax/microsoftajaxwebforms.js
date: Sat, 10 Dec 2022 07:43:25 GMT
content-length: 196
X-Firefox-Spdy: h2
www.checkbca.org/scripts/jquery-3.3.1.min.js
207.137.0.213304 Not Modified 0 B URL HTTP/2 www.checkbca.org/scripts/jquery-3.3.1.min.js
IP 207.137.0.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /scripts/jquery-3.3.1.min.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 16 Oct 2018 20:49:20 GMT
If-None-Match: "0c813b69165d41:0"
TE: trailers
HTTP/2 304 Not Modified
cache-control: no-cache
date: Sat, 10 Dec 2022 07:43:25 GMT
X-Firefox-Spdy: h2
www.checkbca.org/scripts/jquery.simplemodal.1.4.4.min.js
207.137.0.213304 Not Modified 0 B URL HTTP/2 www.checkbca.org/scripts/jquery.simplemodal.1.4.4.min.js
IP 207.137.0.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /scripts/jquery.simplemodal.1.4.4.min.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 16 Oct 2018 20:49:20 GMT
If-None-Match: "0c813b69165d41:0"
TE: trailers
HTTP/2 304 Not Modified
cache-control: no-cache
date: Sat, 10 Dec 2022 07:43:25 GMT
X-Firefox-Spdy: h2
www.checkbca.org/scripts/jquery.bxslider.min.js
207.137.0.213304 Not Modified 0 B URL HTTP/2 www.checkbca.org/scripts/jquery.bxslider.min.js
IP 207.137.0.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /scripts/jquery.bxslider.min.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 16 Oct 2018 20:49:20 GMT
If-None-Match: "0c813b69165d41:0"
TE: trailers
HTTP/2 304 Not Modified
cache-control: no-cache
date: Sat, 10 Dec 2022 07:43:25 GMT
X-Firefox-Spdy: h2
www.checkbca.org/scripts/jquery.selectBox.js
207.137.0.213301 Moved Permanently 175 B URL HTTP/2 www.checkbca.org/scripts/jquery.selectBox.js
IP 207.137.0.213:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 46da262b5b1399dfbf30fac73e57a298
c176cf3cfa6da6a0748c497591ff3619467d6434
4089029c368f61bcc5e6be36c952e1c440e0e20475e247b8316c6ce57ea7cc99
GET /scripts/jquery.selectBox.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
cache-control: no-cache
content-type: text/html; charset=UTF-8
location: https://www.checkbca.org/scripts/jquery.selectbox.js
date: Sat, 10 Dec 2022 07:43:25 GMT
content-length: 175
X-Firefox-Spdy: h2
www.checkbca.org/scripts/scripts.js
207.137.0.213304 Not Modified 0 B URL HTTP/2 www.checkbca.org/scripts/scripts.js
IP 207.137.0.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /scripts/scripts.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Wed, 07 Dec 2022 22:30:57 GMT
If-None-Match: "80e62b938bad91:0"
TE: trailers
HTTP/2 304 Not Modified
cache-control: no-cache
date: Sat, 10 Dec 2022 07:43:25 GMT
X-Firefox-Spdy: h2
manager.eu.smartlook.cloud/rec/setup-recording/website
3.120.64.187200 OK 222 B URL HTTP/1.1 manager.eu.smartlook.cloud/rec/setup-recording/website
IP 3.120.64.187:0
File type JSON data\012- , ASCII text, with very long lines (468), with no line terminators
Hash b8860bbe9b389dc2cc7ee1919e9c781c
0464e79c10b6198b21a56d7a7a129bff4864769c
8b8acd7f06bbbd7c7b1e3f44ec50d601a8c84307073533f616e831a4fac06959
POST /rec/setup-recording/website HTTP/1.1
Host: manager.eu.smartlook.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://www.usbfund.com
Content-Length: 122
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Request, X-Requested-With, Content-Type, Cookie
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://www.usbfund.com
Content-Encoding: br
Content-Type: application/json; charset=utf-8
Date: Sat, 10 Dec 2022 07:43:25 GMT
sl-trace-id: oCN90nS5Png7A2yDdPVRp
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept-Encoding
Content-Length: 222
Connection: keep-alive
speedyfox.io/anywhere/5f1d4e2f1d5e403592a56487267b609f40807d7ef69744e7aa045795455c9581?t=&u=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind&r=
198.61.165.71403 Forbidden 18 B URL HTTP/1.1 speedyfox.io/anywhere/5f1d4e2f1d5e403592a56487267b609f40807d7ef69744e7aa045795455c9581?t=&u=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind&r=
IP 198.61.165.71:0
File type ASCII text, with no line terminators
Hash 25f009f228cd844020264ff74a36bb64
8e2ada0df86c2ea12930c55ebdc0575aa5e31d87
a4578829918d4df61d980bf0665df65a68d19ea4de6d0dfdb75fb099b47474bf
GET /anywhere/5f1d4e2f1d5e403592a56487267b609f40807d7ef69744e7aa045795455c9581?t=&u=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind&r= HTTP/1.1
Host: speedyfox.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 Forbidden
Content-Type: application/json
Content-Length: 18
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS
X-Timing: lt=0
Date: Sat, 10 Dec 2022 07:43:25 GMT
Connection: close
www.checkbca.org/stylesheets/jquery.selectbox.css
207.137.0.213304 Not Modified 0 B URL HTTP/2 www.checkbca.org/stylesheets/jquery.selectbox.css
IP 207.137.0.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stylesheets/jquery.selectbox.css HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Fri, 02 Aug 2019 17:52:06 GMT
If-None-Match: "0a783ff5a49d51:0"
TE: trailers
HTTP/2 304 Not Modified
cache-control: no-cache
date: Sat, 10 Dec 2022 07:43:25 GMT
X-Firefox-Spdy: h2
www.checkbca.org/scripts/webforms/msajax/microsoftajax.js
207.137.0.213304 Not Modified 0 B URL HTTP/2 www.checkbca.org/scripts/webforms/msajax/microsoftajax.js
IP 207.137.0.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /scripts/webforms/msajax/microsoftajax.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Wed, 07 Dec 2022 22:30:59 GMT
If-None-Match: "80135d948bad91:0"
TE: trailers
HTTP/2 304 Not Modified
cache-control: no-cache
date: Sat, 10 Dec 2022 07:43:25 GMT
X-Firefox-Spdy: h2
www.checkbca.org/scripts/webforms/msajax/microsoftajaxwebforms.js
207.137.0.213304 Not Modified 0 B URL HTTP/2 www.checkbca.org/scripts/webforms/msajax/microsoftajaxwebforms.js
IP 207.137.0.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /scripts/webforms/msajax/microsoftajaxwebforms.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Wed, 07 Dec 2022 22:31:00 GMT
If-None-Match: "0aaf5948bad91:0"
TE: trailers
HTTP/2 304 Not Modified
cache-control: no-cache
date: Sat, 10 Dec 2022 07:43:25 GMT
X-Firefox-Spdy: h2
www.checkbca.org/scripts/jquery.selectbox.js
207.137.0.213304 Not Modified 0 B URL HTTP/2 www.checkbca.org/scripts/jquery.selectbox.js
IP 207.137.0.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /scripts/jquery.selectbox.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 16 Oct 2018 20:49:20 GMT
If-None-Match: "0c813b69165d41:0"
TE: trailers
HTTP/2 304 Not Modified
cache-control: no-cache
date: Sat, 10 Dec 2022 07:43:25 GMT
X-Firefox-Spdy: h2
rec.smartlook.com/es6/bundle.4611c7e160dd922b35da.js
185.76.9.16200 OK 37 kB URL HTTP/2 rec.smartlook.com/es6/bundle.4611c7e160dd922b35da.js
IP 185.76.9.16:0
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (65451)
Hash c1d58f4e870f58301d19c07f59f179d0
a3e80e4abd8e58929c1ccbba1895dcf498706463
3d089deddc4534f95deaaa34d4929f9d737e174407908308c810c4ca6475d621
GET /es6/bundle.4611c7e160dd922b35da.js HTTP/1.1
Host: rec.smartlook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:43:25 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cross-origin-resource-policy: cross-origin
etag: W/"6390556d-22b25"
last-modified: Wed, 07 Dec 2022 08:57:17 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-accel-expires: @1701952458
server: CDN77-Turbo
x-77-nzt: AblMCQ2ZtF7/U7ADAA
x-77-nzt-ray: c0a4cc284322c67a9d3894634928a529
x-cache: HIT
x-age: 241747
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash ad17d91b6fdb941934c6958ff4132446
9727d59147d2eb9e52039bcd121186ffe9c61d97
68fc04f057fe1dda621ccc21f356e93c820e58bf4cc55989e7c636081aae6e94
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=101456
Date: Sat, 10 Dec 2022 07:43:26 GMT
Etag: "63930a26-1d7"
Expires: Sun, 11 Dec 2022 11:54:22 GMT
Last-Modified: Fri, 09 Dec 2022 10:12:54 GMT
Server: ECS (bsa/EB20)
X-Cache: Miss from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Vu5AHqtLckoqwV2QlChPzQW44LfeupZbJlc0GQe-Z20eTX04Ct8AWg==
Age: 6088
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 105ed58f0fc9af9a1ea51666d128800c
62c933d75b2783e4336c05de72767e23c3655eca
9e5111ccc95b44111108a8bbac540c7a7df060fb8085dcc6a16bca15b228ea46
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 10 Dec 2022 07:43:26 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 09 Dec 2022 22:09:31 GMT
Expires: Sat, 10 Dec 2022 22:09:31 GMT
ETag: "62c933d75b2783e4336c05de72767e23c3655eca"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 44527a188121fd3534bf9710e2c89af3
f0828b9a3a770e878fc8c16c05fdd1687e1cbbd5
8c2268b792b25b3bee10c3be4192fe21afe983007aa3c018375cd860e3a96341
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 10 Dec 2022 07:43:26 GMT
Last-Modified: Sat, 10 Dec 2022 06:08:59 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: W72ri_JFwXt8arPkGQguzU5fNwW-Ppccj9PFl3x5rDxG7jf6erWa1A==
Age: 5668
web-writer.eu.smartlook.cloud/rec/v3/write?rid=FsBmB0HfeFRfT18aBRN5h&sid=bmB0oN1s0wUcN22qTog2S&vid=P-3TEmgV3oeSUNObaNIcf
3.67.121.103204 No Content 0 B URL HTTP/1.1 web-writer.eu.smartlook.cloud/rec/v3/write?rid=FsBmB0HfeFRfT18aBRN5h&sid=bmB0oN1s0wUcN22qTog2S&vid=P-3TEmgV3oeSUNObaNIcf
IP 3.67.121.103:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /rec/v3/write?rid=FsBmB0HfeFRfT18aBRN5h&sid=bmB0oN1s0wUcN22qTog2S&vid=P-3TEmgV3oeSUNObaNIcf HTTP/1.1
Host: web-writer.eu.smartlook.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Content-Type: multipart/form-data; boundary=---------------------------263629482934601133792591247550
Origin: https://www.usbfund.com
Content-Length: 129850
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Request, X-Requested-With, Content-Type, Cookie
Access-Control-Allow-Methods: OPTIONS, POST
Access-Control-Allow-Origin: https://www.usbfund.com
Cross-Origin-Resource-Policy: cross-origin
Date: Sat, 10 Dec 2022 07:43:26 GMT
sl-trace-id: M2Y1kEFNCRLa25Jvj6Hxe
Strict-Transport-Security: max-age=63072000; includeSubDomains
Connection: keep-alive
new-collect.albacross.com/e.gif?s=JSCollector%2C3.1.1&e0=pageview&ci0=8a7f1047-ce8d-aad8-f293-8b934be42b6f&v0=8b82f69c-7355-4c52-538e-a698d86d132a&p0=f1f3e445-f9e5-e862-7737-d7b73b8b20b7&u0=f1f3e445-f9e5-e862-7737-d7b73b8b20b7&c0=89342177&t0=1670658202079&ur0=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind&ti0=Free%20Quote%20-%20US%20Business%20Funding&re0=1280&re0=1024&o0=landscape-primary&us0=bayengage&um0=campaign-email&uca0=4-cash-flow-management-tips-that-will-blow-your-mind&e1=pageview_ping&ci1=8a7f1047-ce8d-aad8-f293-8b934be42b6f&v1=8b82f69c-7355-4c52-538e-a698d86d132a&p1=f1f3e445-f9e5-e862-7737-d7b73b8b20b7&u1=3e6f226f-33fd-4584-7991-bd23c245b223&c1=89342177&t1=1670658202079&li1=1670658202077&e2=pageview_ping&ci2=8a7f1047-ce8d-aad8-f293-8b934be42b6f&v2=8b82f69c-7355-4c52-538e-a698d86d132a&p2=f1f3e445-f9e5-e862-7737-d7b73b8b20b7&u2=f26cfbe4-8c0d-2866-d8a1-135ea1d8a9cd&c2=89342177&t2=1670658202080&li2=1670658202077
52.18.163.224200 OK 37 B URL HTTP/2 new-collect.albacross.com/e.gif?s=JSCollector%2C3.1.1&e0=pageview&ci0=8a7f1047-ce8d-aad8-f293-8b934be42b6f&v0=8b82f69c-7355-4c52-538e-a698d86d132a&p0=f1f3e445-f9e5-e862-7737-d7b73b8b20b7&u0=f1f3e445-f9e5-e862-7737-d7b73b8b20b7&c0=89342177&t0=1670658202079&ur0=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind&ti0=Free%20Quote%20-%20US%20Business%20Funding&re0=1280&re0=1024&o0=landscape-primary&us0=bayengage&um0=campaign-email&uca0=4-cash-flow-management-tips-that-will-blow-your-mind&e1=pageview_ping&ci1=8a7f1047-ce8d-aad8-f293-8b934be42b6f&v1=8b82f69c-7355-4c52-538e-a698d86d132a&p1=f1f3e445-f9e5-e862-7737-d7b73b8b20b7&u1=3e6f226f-33fd-4584-7991-bd23c245b223&c1=89342177&t1=1670658202079&li1=1670658202077&e2=pageview_ping&ci2=8a7f1047-ce8d-aad8-f293-8b934be42b6f&v2=8b82f69c-7355-4c52-538e-a698d86d132a&p2=f1f3e445-f9e5-e862-7737-d7b73b8b20b7&u2=f26cfbe4-8c0d-2866-d8a1-135ea1d8a9cd&c2=89342177&t2=1670658202080&li2=1670658202077
IP 52.18.163.224:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 637eb2cda011678b8ccd6b5b3c6e3570
300ffa6cb3b70adc05038ef2a4e9936978459ff2
49059d42ad3423fb9f04b2330cdce035e4d555aa9ea7a7ceae097de0c69be05d
GET /e.gif?s=JSCollector%2C3.1.1&e0=pageview&ci0=8a7f1047-ce8d-aad8-f293-8b934be42b6f&v0=8b82f69c-7355-4c52-538e-a698d86d132a&p0=f1f3e445-f9e5-e862-7737-d7b73b8b20b7&u0=f1f3e445-f9e5-e862-7737-d7b73b8b20b7&c0=89342177&t0=1670658202079&ur0=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind&ti0=Free%20Quote%20-%20US%20Business%20Funding&re0=1280&re0=1024&o0=landscape-primary&us0=bayengage&um0=campaign-email&uca0=4-cash-flow-management-tips-that-will-blow-your-mind&e1=pageview_ping&ci1=8a7f1047-ce8d-aad8-f293-8b934be42b6f&v1=8b82f69c-7355-4c52-538e-a698d86d132a&p1=f1f3e445-f9e5-e862-7737-d7b73b8b20b7&u1=3e6f226f-33fd-4584-7991-bd23c245b223&c1=89342177&t1=1670658202079&li1=1670658202077&e2=pageview_ping&ci2=8a7f1047-ce8d-aad8-f293-8b934be42b6f&v2=8b82f69c-7355-4c52-538e-a698d86d132a&p2=f1f3e445-f9e5-e862-7737-d7b73b8b20b7&u2=f26cfbe4-8c0d-2866-d8a1-135ea1d8a9cd&c2=89342177&t2=1670658202080&li2=1670658202077 HTTP/1.1
Host: new-collect.albacross.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:43:26 GMT
content-type: image/gif
content-length: 37
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3aa5c262-0114-433f-bea5-d75296b8bcd2.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3aa5c262-0114-433f-bea5-d75296b8bcd2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4ccbd106eb57e1a4f6d60408118fe2dd
cc916150425f00b44ede3ec473e3e248afabaf8d
740c62dfdd20f2fb7270ea602825ba7eaad99c4fe5ab8d726072909c6b73c87f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3aa5c262-0114-433f-bea5-d75296b8bcd2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9209
x-amzn-requestid: a740ddf7-5325-4ac1-a694-aaa3d4345fe4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eNUGIroAMFdlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa55-08856c7b0757108a5c6811c9;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YUoiKVdDbKhNYwvJrsKp8RbC8Otq3ClQEmIx-HDe4wQYYompXjy2Yw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:04:44 GMT
age: 34723
etag: "cc916150425f00b44ede3ec473e3e248afabaf8d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
new-collect.albacross.com/e.gif?s=JSCollector%2C3.1.1&e0=pageview_ping&ci0=8a7f1047-ce8d-aad8-f293-8b934be42b6f&v0=8b82f69c-7355-4c52-538e-a698d86d132a&p0=f1f3e445-f9e5-e862-7737-d7b73b8b20b7&u0=d39db2d2-a869-e2ab-7992-ca9dbdf334b7&c0=89342177&t0=1670658206580&li0=1670658202077&e1=pageview_ping&ci1=8a7f1047-ce8d-aad8-f293-8b934be42b6f&v1=8b82f69c-7355-4c52-538e-a698d86d132a&p1=f1f3e445-f9e5-e862-7737-d7b73b8b20b7&u1=cc72f174-7dd8-531a-6358-6f6c1d18efaf&c1=89342177&t1=1670658207589&li1=1670658202077
52.18.163.224200 OK 37 B URL HTTP/2 new-collect.albacross.com/e.gif?s=JSCollector%2C3.1.1&e0=pageview_ping&ci0=8a7f1047-ce8d-aad8-f293-8b934be42b6f&v0=8b82f69c-7355-4c52-538e-a698d86d132a&p0=f1f3e445-f9e5-e862-7737-d7b73b8b20b7&u0=d39db2d2-a869-e2ab-7992-ca9dbdf334b7&c0=89342177&t0=1670658206580&li0=1670658202077&e1=pageview_ping&ci1=8a7f1047-ce8d-aad8-f293-8b934be42b6f&v1=8b82f69c-7355-4c52-538e-a698d86d132a&p1=f1f3e445-f9e5-e862-7737-d7b73b8b20b7&u1=cc72f174-7dd8-531a-6358-6f6c1d18efaf&c1=89342177&t1=1670658207589&li1=1670658202077
IP 52.18.163.224:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 637eb2cda011678b8ccd6b5b3c6e3570
300ffa6cb3b70adc05038ef2a4e9936978459ff2
49059d42ad3423fb9f04b2330cdce035e4d555aa9ea7a7ceae097de0c69be05d
GET /e.gif?s=JSCollector%2C3.1.1&e0=pageview_ping&ci0=8a7f1047-ce8d-aad8-f293-8b934be42b6f&v0=8b82f69c-7355-4c52-538e-a698d86d132a&p0=f1f3e445-f9e5-e862-7737-d7b73b8b20b7&u0=d39db2d2-a869-e2ab-7992-ca9dbdf334b7&c0=89342177&t0=1670658206580&li0=1670658202077&e1=pageview_ping&ci1=8a7f1047-ce8d-aad8-f293-8b934be42b6f&v1=8b82f69c-7355-4c52-538e-a698d86d132a&p1=f1f3e445-f9e5-e862-7737-d7b73b8b20b7&u1=cc72f174-7dd8-531a-6358-6f6c1d18efaf&c1=89342177&t1=1670658207589&li1=1670658202077 HTTP/1.1
Host: new-collect.albacross.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:43:28 GMT
content-type: image/gif
content-length: 37
X-Firefox-Spdy: h2
koi-3qnetrwct6.marketingautomation.services/client/ss.js?ver=1.1.1
130.211.21.179200 OK 0 B URL HTTP/2 koi-3qnetrwct6.marketingautomation.services/client/ss.js?ver=1.1.1
IP 130.211.21.179:0
GET /client/ss.js?ver=1.1.1 HTTP/1.1
Host: koi-3qnetrwct6.marketingautomation.services
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Sat, 10 Dec 2022 07:43:21 GMT
content-type: application/javascript
last-modified: Wed, 30 Nov 2022 20:16:54 GMT
vary: Accept-Encoding
etag: W/"6387ba36-2fc8"
expires: Sat, 17 Dec 2022 07:43:21 GMT
cache-control: max-age=604800, public
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
omnisrc.com/inshop/launcher-v2.js
104.18.25.198200 OK 0 B URL HTTP/2 omnisrc.com/inshop/launcher-v2.js
IP 104.18.25.198:0
GET /inshop/launcher-v2.js HTTP/1.1
Host: omnisrc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:43:22 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 07:45:26 GMT
etag: W/"63885b96-d5b0"
expires: Sat, 10 Dec 2022 07:28:49 GMT
cache-control: max-age=3600
x-envoy-upstream-service-time: 1
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 2622
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 777459641eec0b39-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
IP 142.250.74.106:0
GET /css?family=Open+Sans:300,400,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 10 Dec 2022 07:43:21 GMT
date: Sat, 10 Dec 2022 07:43:21 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:400,900,700,500,300,100
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400,900,700,500,300,100
IP 142.250.74.106:0
GET /css?family=Roboto:400,900,700,500,300,100 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 10 Dec 2022 07:43:21 GMT
date: Sat, 10 Dec 2022 07:43:21 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
diffuser-cdn.app-us1.com/diffuser/diffuser.js
104.17.145.91200 OK 0 B URL HTTP/2 diffuser-cdn.app-us1.com/diffuser/diffuser.js
IP 104.17.145.91:0
GET /diffuser/diffuser.js HTTP/1.1
Host: diffuser-cdn.app-us1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:43:22 GMT
content-type: application/javascript
last-modified: Thu, 21 Oct 2021 17:42:06 GMT
etag: W/"4d482a43613d3966f353ec9d97452e0c"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=300
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 059f85e5e664bc876c915622803d9e28.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: LYgb7O-05A19YisedsHdW7Gqa3Bw46pjlPKvIkZSVBpaULKohYEzzQ==
cf-cache-status: HIT
age: 54
server: cloudflare
cf-ray: 777459642883b4fd-OSL
X-Firefox-Spdy: h2
prism.app-us1.com/?a=224499963&u=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind
104.17.145.91200 OK 0 B URL HTTP/2 prism.app-us1.com/?a=224499963&u=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind
IP 104.17.145.91:0
GET /?a=224499963&u=https%3A%2F%2Fwww.usbfund.com%2Ffree-quote%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3D4-cash-flow-management-tips-that-will-blow-your-mind HTTP/1.1
Host: prism.app-us1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:43:22 GMT
content-type: application/javascript
cache-control: no-cache, private
set-cookie: prism_224499963=dadbad4e-caba-49f2-b3db-4662f90d87e8; expires=Mon, 09-Jan-2023 07:43:22 GMT; Max-Age=2592000; path=/; secure; httponly; samesite=none
x-envoy-upstream-service-time: 49
x-powered-by: PHP/7.4.32
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 777459653950b4fd-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
simplifi.partners.tremorhub.com/sync?UISF=2628A4364F4F42A5B6C137035572985C
18.207.5.163200 OK 0 B URL HTTP/2 simplifi.partners.tremorhub.com/sync?UISF=2628A4364F4F42A5B6C137035572985C
IP 18.207.5.163:0
GET /sync?UISF=2628A4364F4F42A5B6C137035572985C HTTP/1.1
Host: simplifi.partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:43:24 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-NW5DZCL
142.250.74.168200 OK 0 B URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NW5DZCL
IP 142.250.74.168:0
GET /gtm.js?id=GTM-NW5DZCL HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 10 Dec 2022 07:43:21 GMT
expires: Sat, 10 Dec 2022 07:43:21 GMT
cache-control: private, max-age=900
last-modified: Sat, 10 Dec 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 55082
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/themes/usb/style.css
50.87.170.174200 OK 0 B URL HTTP/2 www.usbfund.com/wp-content/themes/usb/style.css
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/themes/usb/style.css HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Apr 2022 22:11:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: text/css
date: Sat, 10 Dec 2022 07:43:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
50.87.170.174200 OK 0 B URL HTTP/2 www.usbfund.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Oct 2021 18:27:21 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: application/javascript
date: Sat, 10 Dec 2022 07:43:21 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind
50.87.170.174200 OK 0 B URL HTTP/2 www.usbfund.com/free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
link: <https://www.usbfund.com/wp-json/>; rel="https://api.w.org/", <https://www.usbfund.com/wp-json/wp/v2/pages/1017>; rel="alternate"; type="application/json", <https://www.usbfund.com/?p=1017>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: text/html; charset=UTF-8
date: Sat, 10 Dec 2022 07:43:20 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/plugins/formidable/css/formidableforms.css
50.87.170.174200 OK 0 B URL HTTP/2 www.usbfund.com/wp-content/plugins/formidable/css/formidableforms.css
IP 50.87.170.174:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/plugins/formidable/css/formidableforms.css HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/free-quote/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=4-cash-flow-management-tips-that-will-blow-your-mind
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 30 Aug 2022 16:10:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: text/css
date: Sat, 10 Dec 2022 07:43:21 GMT
server: Apache
X-Firefox-Spdy: h2
sendlane.com/js/eventing.js
104.16.166.6200 OK 0 B URL HTTP/2 sendlane.com/js/eventing.js
IP 104.16.166.6:0
GET /js/eventing.js HTTP/1.1
Host: sendlane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:43:22 GMT
content-type: text/javascript
cache-control: public, max-age=60
cf-bgj: minify
etag: W/"711-5900675a88b6e-gzip"
expires: Sat, 10 Dec 2022 07:44:22 GMT
last-modified: Tue, 13 Aug 2019 21:38:21 GMT
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-content-type-options: nosniff
server: cloudflare
cf-ray: 777459608d950b41-OSL
content-encoding: br
X-Firefox-Spdy: h2
js.hs-scripts.com/5627136.js?integration=WordPress&ver=8.16.28
104.17.214.204200 OK 0 B URL HTTP/2 js.hs-scripts.com/5627136.js?integration=WordPress&ver=8.16.28
IP 104.17.214.204:0
GET /5627136.js?integration=WordPress&ver=8.16.28 HTTP/1.1
Host: js.hs-scripts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:43:21 GMT
content-type: application/javascript;charset=utf-8
x-trace: 2B82E7C3EDF57154C0C05023D541478FFFBE0AF220000000000000000000
cache-control: public, max-age=60
vary: origin, Accept-Encoding
x-hubspot-correlation-id: 243e5d39-10a6-4feb-b2a3-dbca6b7139c0
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-origin: https://www.usbfund.com
last-modified: Sat, 10 Dec 2022 02:15:31 GMT
cf-cache-status: EXPIRED
expires: Sat, 10 Dec 2022 07:44:21 GMT
server: cloudflare
cf-ray: 7774596009a91bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2