email.mail.usbfund.com/c/eJxNkUmOwyAQRU9j74iYbJIFi5ZauYZVQJFGDXbEkCi3bzK1IiHB5wG_foGazYqyg9xPcnTaUDUzb8dSt4xLRq8ZE1KMP9pLCge0nCmFONsJuJ_VrKz1_oCGi7FmsL9gIi71dkY9cG4hnSGc1r4co_6p9VwG8TXwYx_X63XXivFtdTu7pb5T0LaMjlwKaetbxLAi2TyxXYR6vyqOraalbC1bHMS3gRuuJzjhwOc7SP1cSx28zQkmCPFF_yvq_PEiKbYHJX7LpCSIkZhWumUpH3GC6z2SdD8GzSnnjFPJBaVi2jFBnUA1KeEcBzMNkt7NPoONWbseJYeCnV4Cloox2gequq51eTa4apvM8poukJen5fMfWus19C468MLB3gBI0-UfWSeSug
302 Found 670 B URL HTTP/1.1 email.mail.usbfund.com/c/eJxNkUmOwyAQRU9j74iYbJIFi5ZauYZVQJFGDXbEkCi3bzK1IiHB5wG_foGazYqyg9xPcnTaUDUzb8dSt4xLRq8ZE1KMP9pLCge0nCmFONsJuJ_VrKz1_oCGi7FmsL9gIi71dkY9cG4hnSGc1r4co_6p9VwG8TXwYx_X63XXivFtdTu7pb5T0LaMjlwKaetbxLAi2TyxXYR6vyqOraalbC1bHMS3gRuuJzjhwOc7SP1cSx28zQkmCPFF_yvq_PEiKbYHJX7LpCSIkZhWumUpH3GC6z2SdD8GzSnnjFPJBaVi2jFBnUA1KeEcBzMNkt7NPoONWbseJYeCnV4Cloox2gequq51eTa4apvM8poukJen5fMfWus19C468MLB3gBI0-UfWSeSug
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (360)
Hash 1d93ebb2549840540329b3df3606c237
1cb80e08afc7dc94ce2b4919df4d1dd67bbf260e
2953648462532243de24ac5a9c396268fbfe94270b4b67c0e14d5f13119a7c6f
Analyzer Verdict Alert fortinet Malware
GET /c/eJxNkUmOwyAQRU9j74iYbJIFi5ZauYZVQJFGDXbEkCi3bzK1IiHB5wG_foGazYqyg9xPcnTaUDUzb8dSt4xLRq8ZE1KMP9pLCge0nCmFONsJuJ_VrKz1_oCGi7FmsL9gIi71dkY9cG4hnSGc1r4co_6p9VwG8TXwYx_X63XXivFtdTu7pb5T0LaMjlwKaetbxLAi2TyxXYR6vyqOraalbC1bHMS3gRuuJzjhwOc7SP1cSx28zQkmCPFF_yvq_PEiKbYHJX7LpCSIkZhWumUpH3GC6z2SdD8GzSnnjFPJBaVi2jFBnUA1KeEcBzMNkt7NPoONWbseJYeCnV4Cloox2gequq51eTa4apvM8poukJen5fMfWus19C468MLB3gBI0-UfWSeSug HTTP/1.1
Host: email.mail.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Length: 670
Content-Type: text/html
Date: Mon, 05 Dec 2022 07:06:47 GMT
Location: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=credit-score-for-small-business
X-Robots-Tag: noindex
X-Xss-Protection: 1; mode=block
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12272
Expires: Mon, 05 Dec 2022 10:31:19 GMT
Date: Mon, 05 Dec 2022 07:06:47 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6287
Cache-Control: max-age=104957
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:47 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 12:16:04 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11979
Expires: Mon, 05 Dec 2022 10:26:26 GMT
Date: Mon, 05 Dec 2022 07:06:47 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 06:20:13 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2794
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: xZSbjMZfFzFO3nNF5lW5KCAssz1TWdtGOw0VK5CK7tDjMRHNJEHoQWbuzpX9evdMP3M9+917970=
x-amz-request-id: 8STX7401RYVVETWN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 06:47:52 GMT
age: 1135
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 07:06:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9f173d2f092fea0ac66124173f169e5b
30dbaec80a1529e847e9f62adeab139644be2707
b96d1c3fad1be62e2672a3e91bcb6bbf00245e814817d7f516772785c89a8458
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B96D1C3FAD1BE62E2672A3E91BCB6BBF00245E814817D7F516772785C89A8458"
Last-Modified: Sun, 04 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21563
Expires: Mon, 05 Dec 2022 13:06:11 GMT
Date: Mon, 05 Dec 2022 07:06:48 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 06:08:58 GMT
cache-control: public,max-age=3600
age: 3470
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6276
Cache-Control: max-age=99879
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:48 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 10:51:27 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
200 OK 6.1 kB URL HTTP/2 widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (19239)
Hash 5add60196e5f96a414fb4b9586764e5d
633f471b3c2fcedeef9cad90cb5bf56f5fe55588
5370f4ba91dda790c7cae92817b812fcbd1ab367cbb4862f5669960ae4e2c9e0
GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6124
last-modified: Mon, 30 May 2022 14:38:02 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Mon, 05 Dec 2022 01:28:24 GMT
cache-control: max-age=86400
etag: "5add60196e5f96a414fb4b9586764e5d"
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gNsBsFfb7D2CcInErJE8XGTCJlS1qIL6cPmq9_yyOGPouxYNmSaqfw==
age: 20305
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Dy4rZ+feLsuUl75wiQ0c3A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: dVwyGhhnqVu4FK2Ot53qibFz69Q=
scripts.iconnode.com/100980.js
200 OK 7.7 kB URL HTTP/2 scripts.iconnode.com/100980.js
IP
File type Unicode text, UTF-8 text, with very long lines (46582), with no line terminators
Hash 05a6d57113e7870d8851ed0faf8ca12f
315c52641f469ec7e571648d5333982579cb6da3
0f4d04e15b0a5cb9f2e59f3cc9a7b36d522db0e7712454d1f962e77723348eb3
GET /100980.js HTTP/1.1
Host: scripts.iconnode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 7683
last-modified: Mon, 26 Sep 2022 18:10:24 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Mon, 05 Dec 2022 06:37:55 GMT
cache-control: max-age=0
etag: "05a6d57113e7870d8851ed0faf8ca12f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pMtMdh4tESbFS6wdAqWvNBi5AKRqRn0o2KWg9Pi_CJEIyMafewFMSg==
age: 29705
X-Firefox-Spdy: h2
code.jquery.com/jquery-migrate-1.2.1.js
200 OK 5.8 kB URL HTTP/2 code.jquery.com/jquery-migrate-1.2.1.js
IP
Hash ab50f392b13415af57f9720f4d24e981
8bee0d6d15bc0bf62197f6a33493df7494bf42c2
3c7ae468bcd5eefaf92cfac278a5a998f871e0aaa190f87b0f56fd79f93d00b7
GET /jquery-migrate-1.2.1.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 07:06:48 GMT
content-encoding: gzip
content-length: 5783
content-type: application/javascript; charset=utf-8
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
accept-ranges: bytes
server: nginx
etag: W/"62f659d6-40ed"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1670224008.dop225.sk1.t,1670224008.cds260.sk1.hn,1670224008.cds234.sk1.c
X-Firefox-Spdy: h2
assets.anytrack.io/1y0o6qdBqYHr.js
200 OK 103 B URL HTTP/2 assets.anytrack.io/1y0o6qdBqYHr.js
IP
File type ASCII text, with no line terminators
Hash 69b5271584dd67a9e6ae79216fe30110
7753fe034a0843770954f6979f6830ff9a82f987
b55a87e172f834369dfb6a2176712509026e5b3de676343ccdc64410245081d9
GET /1y0o6qdBqYHr.js HTTP/1.1
Host: assets.anytrack.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 103
access-control-allow-origin: *
date: Mon, 05 Dec 2022 07:06:41 GMT
cache-control: public, max-age=600
etag: W/"67-d1P+A0oIQ3cJVPaXn2gw/5qC+Yc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: IvnZwOD26xiaw72pAP3DunaYMSvXRcvWZ1olAlbrpCL_QG51JfImaw==
age: 156
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.usbfund.com/wp-content/plugins/wp-pagenavi/pagenavi-css.css
200 OK 239 B URL HTTP/2 www.usbfund.com/wp-content/plugins/wp-pagenavi/pagenavi-css.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash 21fec527969cbcfec759744ce51f94c0
827130fb99b0005a5206028abfe82e93610184f2
fe2a280a5ffe9f5d3b1bf125035d478e46bae689a2f0cde07d48bef1ba7c74b1
GET /wp-content/plugins/wp-pagenavi/pagenavi-css.css HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=credit-score-for-small-business
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Oct 2021 18:28:51 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 239
content-type: text/css
date: Mon, 05 Dec 2022 07:06:48 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.usbfund.com/wp-content/plugins/AffiliateWP-master/assets/css/forms.min.css
200 OK 1.1 kB URL HTTP/2 www.usbfund.com/wp-content/plugins/AffiliateWP-master/assets/css/forms.min.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3296), with no line terminators
Hash e4f0e46d63eb641d8cfe1579ff0217cb
37e2ef45ef74f0a3b869d447b4d9e22d0b424945
6b7e532056e7c449a8e080eb2967563fdb20ce9cfdcb95216205a769b65033c4
GET /wp-content/plugins/AffiliateWP-master/assets/css/forms.min.css HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=credit-score-for-small-business
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:24:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1141
content-type: text/css
date: Mon, 05 Dec 2022 07:06:48 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.usbfund.com/wp-content/themes/usb/css/grid.css
200 OK 10 kB URL HTTP/2 www.usbfund.com/wp-content/themes/usb/css/grid.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type assembler source, ASCII text, with very long lines (3536), with CRLF line terminators
Hash 8ca3e3908b8e627dd53a2bde9ab330b4
dfc94081f2e0acfbc95cb633810897271692e5db
5a17844298059c3adb2103842f6893bf6a798221afa1c7a3217c610fc4aebeec
GET /wp-content/themes/usb/css/grid.css HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=credit-score-for-small-business
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:35:49 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 10146
content-type: text/css
date: Mon, 05 Dec 2022 07:06:48 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
IP
File type ASCII text, with very long lines (32025)
Hash 83b3b5729cdff3976db52c51831e96b8
d23dc823e37f58e5366340be755730f3fa9a850d
675fa88b39008a09994460a93b310a7d4593735009a9b24b6f176c347ad12421
GET /ajax/libs/jquery/2.1.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29725
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 08:31:51 GMT
expires: Fri, 01 Dec 2023 08:31:51 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 340498
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 399d68606c3eca4bf8ad3253e90fbd8c
d0328251de27f93f94fce2e529b74931189a158a
9136e12c3eed4f1b9184d6ec4fd97fc08aec2972bd54e13ef740953e219f8bd0
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 07:06:49 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 09 Dec 2022 05:13:18 GMT
ETag: "d0328251de27f93f94fce2e529b74931189a158a"
Last-Modified: Mon, 05 Dec 2022 05:13:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 608
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774af0f8cd361c12-OSL
ocsp.digicert.com/
200 OK 280 B IP
Hash 955ed67bbb1ab4603216dbbd803b3d3a
55c7f2732bbc251aeab384e73c3b648a0be5e7c8
025c44944ac12bef7996938c5162897daa4c8f60d2d37ae636881cc2d03f7bc4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3030
Cache-Control: max-age=100249
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:49 GMT
Etag: "638c714c-118"
Expires: Tue, 06 Dec 2022 10:57:38 GMT
Last-Modified: Sun, 04 Dec 2022 10:07:08 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 280
www.googletagmanager.com/gtag/js?id=UA-210860007-1
200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-210860007-1
IP
File type ASCII text, with very long lines (1921)
Hash d2085e785d23412ab55ac918ef383469
3a6a1ef40120a665334e1833c844d331eafb6b66
b4f8f3945d6370bda348689b800ee2933e6f9656e25605e6a573213ad9897ff2
GET /gtag/js?id=UA-210860007-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Dec 2022 07:06:49 GMT
expires: Mon, 05 Dec 2022 07:06:49 GMT
cache-control: private, max-age=900
last-modified: Mon, 05 Dec 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43628
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-NW5DZCL
200 OK 55 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NW5DZCL
IP
File type ASCII text, with very long lines (7865)
Hash 888cd88ce1fdf8b0406b8345c8d2c599
8b13cc50877255b1744471ddf6086ab1e9dfee8d
1488215e112fe6e3f94d39117c9b81cf4eb357cae1c13e4ef4691b2a13c4d939
GET /gtm.js?id=GTM-NW5DZCL HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Dec 2022 07:06:49 GMT
expires: Mon, 05 Dec 2022 07:06:49 GMT
cache-control: private, max-age=900
last-modified: Mon, 05 Dec 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 55084
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
shield.sitelock.com/shield/usbfund.com
200 OK 10 kB URL HTTP/1.1 shield.sitelock.com/shield/usbfund.com
IP
File type PNG image data, 117 x 67, 8-bit/color RGBA, non-interlaced\012- data
Hash 7a0527f1498b72961c2b540f4ad53106
2c0d0f66db9224e0c2c34c79264f36df21b080e0
551c67d46342d431bfa8902dcfad8c1c3b581825f31ae550c61b4daa6a49ce3a
GET /shield/usbfund.com HTTP/1.1
Host: shield.sitelock.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Etag: "47119117"
Content-Type: image/png; charset=ISO-8859-1
Content-Length: 10454
Cache-Control: max-age=5400, public
Expires: Mon, 05 Dec 2022 08:36:48 GMT
Date: Mon, 05 Dec 2022 07:06:48 GMT
Set-Cookie: visid_incap_275317=qvgb/1QTSNaVNSy+KDV8SoiYjWMAAAAAQUIPAAAAAAB/kCtlBm/zG/zdrQA6FGEP; expires=Mon, 04 Dec 2023 22:33:41 GMT; HttpOnly; path=/; Domain=.sitelock.com
incap_ses_721_275317=1zH4KnURR2aStZDy84EBCoiYjWMAAAAAVMPKHb1OL/f+bRJgizrMgA==; path=/; Domain=.sitelock.com
X-CDN: Imperva
X-Iinfo: 12-47136999-0 0CNN RT(1670224008482 105) q(0 -1 -1 -1) r(0 -1)
ocsp.digicert.com/
200 OK 280 B IP
Hash fa0adba50b9f382d5237ac26fd03da57
15b0728336ee223ea66462229bd8486ac08c7a31
37170dd4856e554e9e3f77c1fe7fa2227529d7b8091ff34a5d22e6da846d4c1b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:49 GMT
Etag: "638c45a7-117"
Server: ECS (amb/6B8D)
Content-Length: 280
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 280 B IP
Hash 955ed67bbb1ab4603216dbbd803b3d3a
55c7f2732bbc251aeab384e73c3b648a0be5e7c8
025c44944ac12bef7996938c5162897daa4c8f60d2d37ae636881cc2d03f7bc4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3030
Cache-Control: max-age=100249
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:49 GMT
Etag: "638c714c-118"
Expires: Tue, 06 Dec 2022 10:57:38 GMT
Last-Modified: Sun, 04 Dec 2022 10:07:08 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 280
www.usbfund.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
200 OK 4.6 kB URL HTTP/2 www.usbfund.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=credit-score-for-small-business
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Oct 2021 18:27:21 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 4618
content-type: application/javascript
date: Mon, 05 Dec 2022 07:06:48 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.usbfund.com/wp-content/plugins/AffiliateWP-master/assets/js/jquery.cookie.min.js?ver=1.4.0
200 OK 758 B URL HTTP/2 www.usbfund.com/wp-content/plugins/AffiliateWP-master/assets/js/jquery.cookie.min.js?ver=1.4.0
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1667), with no line terminators
Hash 94c6b3b214659c68b42fb0c428cac279
eb3a852e1bcf8a32ac304dc89995ffdeaf623033
8cdab12fffba1162b02761c8e7631003efebf03e3af5ca9072023ffda52353ad
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/AffiliateWP-master/assets/js/jquery.cookie.min.js?ver=1.4.0 HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=credit-score-for-small-business
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:24:32 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 758
content-type: application/javascript
date: Mon, 05 Dec 2022 07:06:48 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/us-business-funding-logo-small.png
200 OK 2.0 kB URL HTTP/2 www.usbfund.com/wp-content/uploads/us-business-funding-logo-small.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash a5a71307aefd12c55fd16f36356f9a83
679b01f07d71f673b74fde71a5a0a9da8a8e486d
a2e02fabad9f481343e4e8050843b371e239956a637488eb7d2a9deff98245de
GET /wp-content/uploads/us-business-funding-logo-small.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=credit-score-for-small-business
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:14:51 GMT
accept-ranges: bytes
content-length: 2020
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Mon, 05 Dec 2022 07:06:49 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 118c6922fd407ff83a1e6ef4bae0c5d3
f3de58fb7fb3c2dfd12d55a7e2d99cb20e7576ee
0f6b02af32a84789f01ffde70dbe9e2b495de8164d233e4e1d6076acc35fbd87
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 07:06:49 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 02:09:18 GMT
Expires: Sun, 11 Dec 2022 02:09:17 GMT
Etag: "f3de58fb7fb3c2dfd12d55a7e2d99cb20e7576ee"
Cache-Control: max-age=499947,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774af0f8bd30b4f4-OSL
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 399d68606c3eca4bf8ad3253e90fbd8c
d0328251de27f93f94fce2e529b74931189a158a
9136e12c3eed4f1b9184d6ec4fd97fc08aec2972bd54e13ef740953e219f8bd0
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 07:06:49 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 09 Dec 2022 05:13:18 GMT
ETag: "d0328251de27f93f94fce2e529b74931189a158a"
Last-Modified: Mon, 05 Dec 2022 05:13:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 608
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774af0f9edec1c12-OSL
d.impactradius-event.com/A870624-b043-4b58-adb6-a8c4d22ccc5b1.js
200 OK 13 kB URL HTTP/2 d.impactradius-event.com/A870624-b043-4b58-adb6-a8c4d22ccc5b1.js
IP
File type C source, ASCII text, with very long lines (40914), with no line terminators
Hash 833e9c2431f16a9e4e590d8c18a01169
d932b0dc73f5dbe2f30c5991fbc95d598a7d6855
ba6dea3209c3bf545ed7db2f134ab8d241599d778988697a345124a4aa8d491a
GET /A870624-b043-4b58-adb6-a8c4d22ccc5b1.js HTTP/1.1
Host: d.impactradius-event.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdu8WoXpOPSEjWtywA-5PscS_mSp3q9rfryi5GkmUAvQ1au2x8lhuNIcbq9jlfGACKQS778BuCRZInFvIIGVuwRANVR9Ny94
x-goog-generation: 1581997649126919
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 12876
content-encoding: gzip
x-goog-hash: crc32c=PZt+Nw==, md5=gz6cJDHxap5OWQ2MGKARaQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 12876
server: UploadServer
date: Mon, 05 Dec 2022 07:06:41 GMT
expires: Mon, 05 Dec 2022 07:11:41 GMT
cache-control: public,max-age=900,s-maxage=300
age: 8
last-modified: Tue, 18 Feb 2020 03:47:29 GMT
etag: "833e9c2431f16a9e4e590d8c18a01169"
content-type: text/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/featured-logo-04.png
200 OK 5.8 kB URL HTTP/2 www.usbfund.com/wp-content/uploads/featured-logo-04.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 123 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash e94a0244f1a51d7565de08744375bd07
dde753e74a85c5f094dda6661ada486fdae50422
47bff975ef1626c064613532b237bd114911cdc835effdccb0d124c1432c17b2
GET /wp-content/uploads/featured-logo-04.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=credit-score-for-small-business
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:15:18 GMT
accept-ranges: bytes
content-length: 5757
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Mon, 05 Dec 2022 07:06:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/featured-logo-05.png
200 OK 3.7 kB URL HTTP/2 www.usbfund.com/wp-content/uploads/featured-logo-05.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 135 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash 646b30b6704a2457b04bb12da4144c97
acadca7b80819db2100f2cf8341acdf47a2eb773
b6e64d31c4f5ab917ad1cddfe7fa745e7c4bfc2d5af33cfdaa8130eb14247bc8
GET /wp-content/uploads/featured-logo-05.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=credit-score-for-small-business
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:15:03 GMT
accept-ranges: bytes
content-length: 3721
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Mon, 05 Dec 2022 07:06:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/featured-logo-01.png
200 OK 3.3 kB URL HTTP/2 www.usbfund.com/wp-content/uploads/featured-logo-01.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 164 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash 30427e02eea1cec61004e2fdb293e4d2
d3ba51be6c31147f379670d59cab54ec01b3b448
32161c4a44a1dcdddeeb852e2b6eea070839630ac3a719ac79a503cfd4d3892d
GET /wp-content/uploads/featured-logo-01.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=credit-score-for-small-business
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:14:38 GMT
accept-ranges: bytes
content-length: 3311
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Mon, 05 Dec 2022 07:06:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/featured-logo-06.png
200 OK 2.7 kB URL HTTP/2 www.usbfund.com/wp-content/uploads/featured-logo-06.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 175 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash b7b5570d5d29fd453a5e65063849fcb1
b07b87612c74febb32961e10ed154dc2efdf19cb
886d709e142c957b0d93269a57fccc13800907c8ab90acc1f18c8bec259d3992
GET /wp-content/uploads/featured-logo-06.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=credit-score-for-small-business
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:14:38 GMT
accept-ranges: bytes
content-length: 2693
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Mon, 05 Dec 2022 07:06:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/accredited-business-usbfunding.png
200 OK 2.2 kB URL HTTP/2 www.usbfund.com/wp-content/uploads/accredited-business-usbfunding.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 180 x 75, 8-bit colormap, non-interlaced\012- data
Hash 3befe9c6fb5e6602893570b99d3920aa
1e7c1d352448864975a23135097e59593ae71456
d59962c29e3487892da60ef799f75523576b6f006d54fc3dd43bb6993588f1dc
GET /wp-content/uploads/accredited-business-usbfunding.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=credit-score-for-small-business
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:15:06 GMT
accept-ranges: bytes
content-length: 2244
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Mon, 05 Dec 2022 07:06:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/themes/usb/js/site.js
200 OK 4.8 kB URL HTTP/2 www.usbfund.com/wp-content/themes/usb/js/site.js
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash ba21d11b60199ed26dfb2a2d8352065a
3e78915e922b60ca87f5860c67b99861de96830c
c000c3cc081106de80fb4995e40b363752494290c9090e0980a5b4a4cfc37c49
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/usb/js/site.js HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=credit-score-for-small-business
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:35:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 4830
content-type: application/javascript
date: Mon, 05 Dec 2022 07:06:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/featured-logo-03.png
200 OK 3.8 kB URL HTTP/2 www.usbfund.com/wp-content/uploads/featured-logo-03.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 83 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash ea461093328a47d28ed34df6be0ad850
5fad4dd9e9daea5b1cac739624cbd673c20fe7c2
37ea654d17c80dfb22d0ad091907b6d4009c76c4671728321fd51376a8df7cce
GET /wp-content/uploads/featured-logo-03.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=credit-score-for-small-business
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:15:13 GMT
accept-ranges: bytes
content-length: 3840
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Mon, 05 Dec 2022 07:06:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/themes/usb/images/logo_icon.png
200 OK 2.2 kB URL HTTP/2 www.usbfund.com/wp-content/themes/usb/images/logo_icon.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 53 x 52, 8-bit/color RGBA, non-interlaced\012- data
Hash 50946e7f85431c547526705a530f893f
573eff13df4dc4f2e6e0e1db1a9339d79e22ce3c
05bc3e4202452433d51079e0d6e348cb850ea55330da7786c1d5c7290d13400a
GET /wp-content/themes/usb/images/logo_icon.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=credit-score-for-small-business
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:36:10 GMT
accept-ranges: bytes
content-length: 2165
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Mon, 05 Dec 2022 07:06:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/norton-secured.png
200 OK 3.0 kB URL HTTP/2 www.usbfund.com/wp-content/uploads/norton-secured.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 180 x 75, 8-bit colormap, non-interlaced\012- data
Hash 7d05b62893199c911ab6f798ec8127d2
e7dc7368c55a2fbccb17a82c1a25de39cea2907d
0b691c8e6d1b07ce3e066744ccfbf643d61f013ce51503b0a3ceb7a356562ed6
GET /wp-content/uploads/norton-secured.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=credit-score-for-small-business
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:14:45 GMT
accept-ranges: bytes
content-length: 3017
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Mon, 05 Dec 2022 07:06:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/themes/usb/images/logo_text.png
200 OK 6.3 kB URL HTTP/2 www.usbfund.com/wp-content/themes/usb/images/logo_text.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 250 x 52, 8-bit/color RGBA, non-interlaced\012- data
Hash 198c7fed73cadb12c23066fcad4e33e8
1f2616bb88b86ec79f3ce8cbbf74b3392c0b46bc
0053eb54a0f54484a915313939d858e1844208d2d0c4b410ce30e25d9cbc09ba
GET /wp-content/themes/usb/images/logo_text.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=credit-score-for-small-business
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:36:10 GMT
accept-ranges: bytes
content-length: 6307
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Mon, 05 Dec 2022 07:06:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/featured-logo-02.png
200 OK 5.8 kB URL HTTP/2 www.usbfund.com/wp-content/uploads/featured-logo-02.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 93 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash d2bfb41e522705be8e4a48895b996bca
df2507b75f1c0362bd168ea7ecf829f11469a926
968570479e59e9ff339d5c1d25e4c15011f8cb5ad243776b8cf62f51d28b0903
GET /wp-content/uploads/featured-logo-02.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=credit-score-for-small-business
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:13:58 GMT
accept-ranges: bytes
content-length: 5795
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Mon, 05 Dec 2022 07:06:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/themes/usb/js/accounting.min.js
200 OK 1.3 kB URL HTTP/2 www.usbfund.com/wp-content/themes/usb/js/accounting.min.js
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3019)
Hash 05f645a76aff3fc02e18295a07c54e09
509581a5e2e4760e2163d704d21b2604329b514e
c7834a5ef896adfc8b40eb2a1db07bd867fe84da57ad234bfa487cfbc610a16a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/usb/js/accounting.min.js HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=credit-score-for-small-business
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:35:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1345
content-type: application/javascript
date: Mon, 05 Dec 2022 07:06:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
200 OK 5.3 kB URL HTTP/2 www.usbfund.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=credit-score-for-small-business
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 17 Aug 2022 11:46:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 5321
content-type: application/javascript
date: Mon, 05 Dec 2022 07:06:49 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 118c6922fd407ff83a1e6ef4bae0c5d3
f3de58fb7fb3c2dfd12d55a7e2d99cb20e7576ee
0f6b02af32a84789f01ffde70dbe9e2b495de8164d233e4e1d6076acc35fbd87
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 07:06:49 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 02:09:18 GMT
Expires: Sun, 11 Dec 2022 02:09:17 GMT
Etag: "f3de58fb7fb3c2dfd12d55a7e2d99cb20e7576ee"
Cache-Control: max-age=499947,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774af0fa6ed2b4f4-OSL
ocsp.digicert.com/
200 OK 279 B IP
Hash f5f13ebece32c8dd4ce5d4038b9330a1
2b68ee69f0c1c1b0484959c4b0b43ad5e644cd08
f530f5560a17e57214ceb8d1accebee9f48b1330c50a89bad2e64a62ca22fef6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4246
Cache-Control: max-age=102929
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:49 GMT
Etag: "638c7704-117"
Expires: Tue, 06 Dec 2022 11:42:18 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:32 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash 9b5617499c7273752290acf2012b28dd
71b5048650cdec4ecb275f23f4eb66c8e389bccc
81bf1e6bef9b02d5540da0a2c853cbeb2245e3bc79c71a701d5328a70a2915f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5483
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:49 GMT
Last-Modified: Mon, 05 Dec 2022 05:35:26 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=credit-score-for-small-business
200 OK 22 kB URL HTTP/2 www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=credit-score-for-small-business
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash 320dcb09fcb40e439ec127b5b85ed975
85cea98e3075e31dd801a21882009ba332201a5d
25eeb3e774967b7c898a1be77f29243e64cc62c8d0787a8bb37cfc4881ab9de4
GET /secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=credit-score-for-small-business HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
link: <https://www.usbfund.com/wp-json/>; rel="https://api.w.org/", <https://www.usbfund.com/wp-json/wp/v2/posts/2701>; rel="alternate"; type="application/json", <https://www.usbfund.com/?p=2701>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: text/html; charset=UTF-8
date: Mon, 05 Dec 2022 07:06:48 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 387154
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15528, version 1.0\012- data
Hash 595fe3fc0b85f3cc9ef5aed2d519abc5
96e76de44987e9dec2f97f1e5eb7a18c738daf5d
747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a
GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15528
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 23:00:05 GMT
expires: Wed, 29 Nov 2023 23:00:05 GMT
cache-control: public, max-age=31536000
age: 461204
last-modified: Tue, 19 Apr 2022 18:53:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/bg-section-header.png
200 OK 22 kB URL HTTP/2 www.usbfund.com/wp-content/uploads/bg-section-header.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1920 x 149, 8-bit colormap, non-interlaced\012- data
Hash 65b13235e26653c77b0ed328dfdb8dc2
2dcc21d12b909058345b01f087062f6b59f4f05c
acba6ce2f083bf3e78176be5f1c68dfbeb67e609472b4f8c034ba8676d0995b2
GET /wp-content/uploads/bg-section-header.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/wp-content/themes/usb/style.css
Cookie: __ss=1670224006697; __ss_referrer=https%3A//www.usbfund.com/secured-vs-unsecured-line-of-credit/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business; _gcl_au=1.1.1919072345.1670224007; wc_visitor=100980-055a9f26-7aed-146f-e719-11d517e17b4e; wc_client=bayengage+..+campaign-email+..+credit-score-for-small-business+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business+..+100980-055a9f26-7aed-146f-e719-11d517e17b4e+..+; wc_client_current=bayengage+..+campaign-email+..+credit-score-for-small-business+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business+..+100980-055a9f26-7aed-146f-e719-11d517e17b4e+..+; IR_gbd=usbfund.com; IR_7486=1670224006761%7C0%7C1670224006761%7C%7C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:14:58 GMT
accept-ranges: bytes
content-length: 22531
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Mon, 05 Dec 2022 07:06:49 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15752, version 1.0\012- data
Hash b20371a6daf29d4a1f2e85dbbf40fb20
0355a01c1ccb45cb728e7e07c41c8ebf456f70bb
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:42:34 GMT
expires: Thu, 30 Nov 2023 19:42:34 GMT
cache-control: public, max-age=31536000
age: 386655
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 65bc405f9c5bf030921b3635d9a760b6
1d9a95db0d7a8657aec2075630ebb8aa93f8597b
b546bcdf76a83c36c0cb2facd683be0a957f16193c8a8e5ecb79fef0a6eed70b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2678
Cache-Control: max-age=87307
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:49 GMT
Etag: "638c401e-117"
Expires: Tue, 06 Dec 2022 07:21:56 GMT
Last-Modified: Sun, 04 Dec 2022 06:37:18 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
www.usbfund.com/wp-content/uploads/icon-arrow-down-white.png
200 OK 172 B URL HTTP/2 www.usbfund.com/wp-content/uploads/icon-arrow-down-white.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 14 x 14, 8-bit gray+alpha, non-interlaced\012- data
Hash 26d3bceaf73fad28fb322b6646860f78
1b70241f618df47a01729534d376a57c57bd8c07
0077bc52b60eb51d8785f3aa812a2cdcce59acd3a0b70a801b82c563787e1a7c
GET /wp-content/uploads/icon-arrow-down-white.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/wp-content/themes/usb/style.css
Cookie: __ss=1670224006697; __ss_referrer=https%3A//www.usbfund.com/secured-vs-unsecured-line-of-credit/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business; _gcl_au=1.1.1919072345.1670224007; wc_visitor=100980-055a9f26-7aed-146f-e719-11d517e17b4e; wc_client=bayengage+..+campaign-email+..+credit-score-for-small-business+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business+..+100980-055a9f26-7aed-146f-e719-11d517e17b4e+..+; wc_client_current=bayengage+..+campaign-email+..+credit-score-for-small-business+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business+..+100980-055a9f26-7aed-146f-e719-11d517e17b4e+..+; IR_gbd=usbfund.com; IR_7486=1670224006761%7C0%7C1670224006761%7C%7C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:15:12 GMT
accept-ranges: bytes
content-length: 172
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Mon, 05 Dec 2022 07:06:49 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 387175
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 387154
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/icon-arrow-down-black.png
200 OK 195 B URL HTTP/2 www.usbfund.com/wp-content/uploads/icon-arrow-down-black.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 14 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash f984736b4b9dfe03bb8831a718c6a238
d95304fa5fed6fdf9020c21ece2b7e35aec4808c
4944824b4a23581a4660857551680fffd806f6fa42e3d9414fb1529ba78651b9
GET /wp-content/uploads/icon-arrow-down-black.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/wp-content/themes/usb/style.css
Cookie: __ss=1670224006697; __ss_referrer=https%3A//www.usbfund.com/secured-vs-unsecured-line-of-credit/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business; _gcl_au=1.1.1919072345.1670224007; wc_visitor=100980-055a9f26-7aed-146f-e719-11d517e17b4e; wc_client=bayengage+..+campaign-email+..+credit-score-for-small-business+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business+..+100980-055a9f26-7aed-146f-e719-11d517e17b4e+..+; wc_client_current=bayengage+..+campaign-email+..+credit-score-for-small-business+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business+..+100980-055a9f26-7aed-146f-e719-11d517e17b4e+..+; IR_gbd=usbfund.com; IR_7486=1670224006761%7C0%7C1670224006761%7C%7C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:15:09 GMT
accept-ranges: bytes
content-length: 195
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Mon, 05 Dec 2022 07:06:49 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:56 GMT
expires: Thu, 30 Nov 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 387173
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tag.getdrip.com/9726461.js
200 OK 8 B URL HTTP/2 tag.getdrip.com/9726461.js
IP
File type ASCII text, with no line terminators
Hash de2e1607e500ee465eca3ec4505c0859
cfd432c8178796a4af548a7ed62f09bdf5fbb897
295bdad3ed86f4eeb0249f30e724344ec7be85582094013a85403ecbb77a0047
GET /9726461.js HTTP/1.1
Host: tag.getdrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 8
last-modified: Fri, 20 May 2022 20:08:53 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 05 Dec 2022 07:06:42 GMT
etag: "de2e1607e500ee465eca3ec4505c0859"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: MWszEHn9dPWMZUH84ti8cX44lFCT5gwiXKyAkXfsgZy82dhJj496lQ==
age: 156
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 277 B IP
Hash 1eca549b959e69c0e5da0d23026cc6b4
611b0f910b4e9de05b5a7a14121bcc939f89da55
c3bfd9cb0598952f0549867f7f4f2e49a3454272d4966748af07d8e022b59bc6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4182
Cache-Control: max-age=140288
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:49 GMT
Etag: "638d0933-115"
Expires: Tue, 06 Dec 2022 22:04:57 GMT
Last-Modified: Sun, 04 Dec 2022 20:55:15 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 277
ocsp.digicert.com/
200 OK 279 B IP
Hash 9b5617499c7273752290acf2012b28dd
71b5048650cdec4ecb275f23f4eb66c8e389bccc
81bf1e6bef9b02d5540da0a2c853cbeb2245e3bc79c71a701d5328a70a2915f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 581
Cache-Control: max-age=157559
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:49 GMT
Etag: "638d5abb-117"
Expires: Wed, 07 Dec 2022 02:52:48 GMT
Last-Modified: Mon, 05 Dec 2022 02:43:07 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
js.hs-banner.com/5627136.js
200 OK 15 kB URL HTTP/2 js.hs-banner.com/5627136.js
IP
File type ASCII text, with very long lines (60033)
Hash d8a4d07082b84e4b764fc3282662f736
1ec601da38f2a083a98eaa3322c2e8fdb70b51b2
551e73d0aa1cf89195058e161233570bf293b3453573c0343b3293359d585748
GET /5627136.js HTTP/1.1
Host: js.hs-banner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 07:06:49 GMT
content-type: text/javascript; charset=UTF-8
x-amz-id-2: 4bRtauNUvUssf8zVKdPGO7lwcZbsC12CeHr9iIrIvuvqSrXWH1oiLHWBNTX7qDHTEtNTgBDWlMI=
x-amz-request-id: 4K1ZGM4TG9ZHG7WT
last-modified: Tue, 25 Oct 2022 20:40:18 GMT
etag: W/"cac405a2f26900fc1b5f45bc4b2fbd5a"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: zI4pJTLFNjPt5tClOnwXN36nhgXVyIrD
access-control-allow-origin: https://www.usbfund.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin, Accept-Encoding
expires: Mon, 05 Dec 2022 07:11:42 GMT
cf-cache-status: HIT
age: 7
server: cloudflare
cf-ray: 774af0fd1cdf0b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
forms.hsforms.com/embed/v3/form/540751/8e06fd82-42e9-4211-9f65-32b7dbc43b43/json?hs_static_app=forms-embed&hs_static_app_version=1.2431&X-HubSpot-Static-App-Info=forms-embed-1.2431
404 Not Found 564 B URL HTTP/2 forms.hsforms.com/embed/v3/form/540751/8e06fd82-42e9-4211-9f65-32b7dbc43b43/json?hs_static_app=forms-embed&hs_static_app_version=1.2431&X-HubSpot-Static-App-Info=forms-embed-1.2431
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash c83df2e751d2a91add2a37b8e508116c
5a3c352a794e8854b38339f68c68e8633e4e1723
1a9bb60cd9b072891bbfa7ac2eb5eb1c828a405f7c9c1ba887f6d2b76bf4b27e
GET /embed/v3/form/540751/8e06fd82-42e9-4211-9f65-32b7dbc43b43/json?hs_static_app=forms-embed&hs_static_app_version=1.2431&X-HubSpot-Static-App-Info=forms-embed-1.2431 HTTP/1.1
Host: forms.hsforms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Mon, 05 Dec 2022 07:06:49 GMT
content-type: application/json;charset=utf-8
x-trace: 2B6E5C9285C3147B12504CFEB96F9442AF5B9FF95F000000000000000000
x-hubspot-notfound: true
x-origin-hublet: na1
vary: origin
x-hubspot-correlation-id: 5b93f74b-7dc1-4cbb-861e-c49458e6d9a9
access-control-allow-origin: https://www.usbfund.com
access-control-allow-methods: OPTIONS, GET
access-control-allow-headers: *
access-control-allow-credentials: false
access-control-max-age: 180
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 774af0fbbdf41bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash d26eb994333d199aa1d6e2abc22526c3
b6a4390096f7ea22b3f00620bd49da38e3b1b618
f7cd06d11a6f207f3c1cb4708e191f352e4ab6cb428937975abc0b548d4a29bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1310
Cache-Control: max-age=125130
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:49 GMT
Etag: "638cd935-116"
Expires: Tue, 06 Dec 2022 17:52:19 GMT
Last-Modified: Sun, 04 Dec 2022 17:30:29 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
200 OK 280 B IP
Hash add99fbb4423b6041b4dd534c77941ea
1c4fb88dbd1419b0b8ae485127488e316365b55f
c1641a2aa162af0aaba271e2812ae196a24e0bd1ad7212a4fbd0e99d588c668a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6287
Cache-Control: max-age=99158
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:49 GMT
Etag: "638c6050-118"
Expires: Tue, 06 Dec 2022 10:39:27 GMT
Last-Modified: Sun, 04 Dec 2022 08:54:40 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 280
tags.clickagy.com/data.js?rnd=62fe5c0e6ad95
200 OK 14 kB URL HTTP/2 tags.clickagy.com/data.js?rnd=62fe5c0e6ad95
IP
Hash 5f5b67ffabd440ed641f894f9ba1629f
0ed1923a494a7420e2dceec6a3b24290fe6c4f04
34244482126794f5219cb1200c66821029ee02abed9a9ad3ba026e2ea29f028b
GET /data.js?rnd=62fe5c0e6ad95 HTTP/1.1
Host: tags.clickagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 07:06:49 GMT
content-type: application/javascript
last-modified: Fri, 07 Oct 2022 12:51:20 GMT
x-amz-version-id: eiH8z613.BRzukjofzW7pfMQ5QqyyUJw
content-encoding: gzip
etag: W/"39cbfce65efed785f567d3a64646eed5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: d12MwPVyw1z_vC25lKeZP6q7Q2RUkNdCNI43UhPAjW4h1qtEk9WwOw==
age: 75449
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 774af0fd9dd11c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash ea1cfc4ab75f658f873244e426754e41
9a01309058cbc81e5ffa5315b89f5b75082aab25
059ccaa6bd69fa2c5718b94c77be0573f508a22883bde498fa44894338ca4f3d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=119711
Date: Mon, 05 Dec 2022 07:06:49 GMT
Etag: "638cb085-1d7"
Expires: Tue, 06 Dec 2022 16:22:00 GMT
Last-Modified: Sun, 04 Dec 2022 14:36:53 GMT
Server: ECS (nyb/1D32)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7ZDR2USH8h6U71y3O95syyqTBAXyeCUiVHk1hBnBacIQeaUvHgzguA==
Age: 6307
js.hsforms.net/forms/v2.js
200 OK 153 kB URL HTTP/2 js.hsforms.net/forms/v2.js
IP
File type Unicode text, UTF-8 text, with very long lines (59286), with no line terminators
Size 153 kB (152655 bytes)
Hash 37572277c648287cc1737162a457f1f4
8a9fb505b073ae3b4b5805094a7ec8a1c8b20219
ea97ef4610d6df9d0a3cd242115a6943f9fef5b1d7cf0f645f8570ea6689b818
GET /forms/v2.js HTTP/1.1
Host: js.hsforms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 07:06:49 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Fri, 02 Dec 2022 11:19:56 UTC
x-amz-server-side-encryption: AES256
x-amz-version-id: ii__Cj1KR4hF5EMokiA8h.FRRe4t2Kk5
etag: W/"3c51dbe4a1cd853aee0ba979c190f8d2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 68a3b1d5c75429221abc685a453afb60.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: 2fxtMdoVTHSbOL3RMCVAV6Sr7gMssga40ygMfDVMl16TYLN7VO-nyQ==
cache-control: s-maxage=600, max-age=300
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=forms-embed/static-1.2431/bundles/project-v2.js&cfRay=7733b9f2ab99be53-IAD
x-hs-target-asset: forms-embed/static-1.2431/bundles/project-v2.js
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
cf-cache-status: HIT
age: 110
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5iIM5u3WnIYGjtGC7c7JY8O%2BHXOq%2FhzsL3Ez0r%2BhdrX90tFtC10i0r0cIHIDOWMvLXM5NXomxJmjMSyJDJOQkO0IC5IIztI57C5MnlFA2xq8en2Jjn%2BmclNo9ZZdOjo0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 774af0f8ff71b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
process.iconnode.com/google-ads/
200 OK 0 B URL HTTP/2 process.iconnode.com/google-ads/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /google-ads/ HTTP/1.1
Host: process.iconnode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
date: Mon, 05 Dec 2022 07:06:49 GMT
content-type: text/html; charset=UTF-8
content-length: 0
server: Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.4.30
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://www.usbfund.com
access-control-allow-credentials: true
access-control-max-age: 86400
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/USBusinessFunding-Home1.png
200 OK 944 kB URL HTTP/2 www.usbfund.com/wp-content/uploads/USBusinessFunding-Home1.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1696 x 1131, 8-bit colormap, non-interlaced\012- data
Size 944 kB (944072 bytes)
Hash b4b6bd078ef229456fc9d5b22d31ca0e
51cb87382bfb8b0029df296adb021229ad4cf6da
870b85b6771aeb0fc9c84c444ca24919dd6f71e4b34a6bb97003a0a4f34bdfd3
GET /wp-content/uploads/USBusinessFunding-Home1.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/wp-content/themes/usb/style.css
Cookie: __ss=1670224006697; __ss_referrer=https%3A//www.usbfund.com/secured-vs-unsecured-line-of-credit/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business; _gcl_au=1.1.1919072345.1670224007; wc_visitor=100980-055a9f26-7aed-146f-e719-11d517e17b4e; wc_client=bayengage+..+campaign-email+..+credit-score-for-small-business+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business+..+100980-055a9f26-7aed-146f-e719-11d517e17b4e+..+; wc_client_current=bayengage+..+campaign-email+..+credit-score-for-small-business+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business+..+100980-055a9f26-7aed-146f-e719-11d517e17b4e+..+; IR_gbd=usbfund.com; IR_7486=1670224006761%7C0%7C1670224006761%7C%7C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:14:13 GMT
accept-ranges: bytes
content-length: 944072
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Mon, 05 Dec 2022 07:06:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/fonts/socicon.woff
200 OK 31 kB URL HTTP/2 www.usbfund.com/fonts/socicon.woff
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format, TrueType, length 31444, version 1.0\012- data
Hash dcbd1f9c4275862f002f21619e96b8f4
a97cd865925e5102ae7c25aa5dd09112ccf50651
a680b776319127695950fd7c490b17cd15120d683bde57845707a2f7dc0f1a74
Analyzer Verdict Alert fortinet Malware
GET /fonts/socicon.woff HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.usbfund.com/wp-content/themes/usb/style.css
Cookie: __ss=1670224006697; __ss_referrer=https%3A//www.usbfund.com/secured-vs-unsecured-line-of-credit/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business; _gcl_au=1.1.1919072345.1670224007; wc_visitor=100980-055a9f26-7aed-146f-e719-11d517e17b4e; wc_client=bayengage+..+campaign-email+..+credit-score-for-small-business+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business+..+100980-055a9f26-7aed-146f-e719-11d517e17b4e+..+; wc_client_current=bayengage+..+campaign-email+..+credit-score-for-small-business+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business+..+100980-055a9f26-7aed-146f-e719-11d517e17b4e+..+; IR_gbd=usbfund.com; IR_7486=1670224006761%7C0%7C1670224006761%7C%7C
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 27 Sep 2019 21:47:06 GMT
accept-ranges: bytes
content-length: 31444
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: font/woff
date: Mon, 05 Dec 2022 07:06:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/themes/usb/style.css
200 OK 31 kB URL HTTP/2 www.usbfund.com/wp-content/themes/usb/style.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash d32c19234d8d7c0ee0df5271472d4a12
5b3e035f95703a7302f2166cc9ab5d6353c0e799
9feaea4a384987a45495ae5aa7525919f4b5bef3d98298f44219e18c67e39cc4
GET /wp-content/themes/usb/style.css HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=credit-score-for-small-business
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Apr 2022 22:11:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: text/css
date: Mon, 05 Dec 2022 07:06:48 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 4d2314e9f3c51aaa368eef8f00037ad8
e83a51f1d17709329ca60e53189fe8e18181330a
d1c3a6f3afb942c6432ab948df09f4b0e410d663e11589ce558c76eb18578157
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1384
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:50 GMT
Etag: "638c6a44-116"
Last-Modified: Mon, 05 Dec 2022 06:43:46 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10453
Expires: Mon, 05 Dec 2022 10:01:03 GMT
Date: Mon, 05 Dec 2022 07:06:50 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10453
Expires: Mon, 05 Dec 2022 10:01:03 GMT
Date: Mon, 05 Dec 2022 07:06:50 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10453
Expires: Mon, 05 Dec 2022 10:01:03 GMT
Date: Mon, 05 Dec 2022 07:06:50 GMT
Connection: keep-alive
prism.app-us1.com/?a=224499963&u=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business
200 OK 666 B URL HTTP/2 prism.app-us1.com/?a=224499963&u=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business
IP
Hash 319fdc71560a38c90b59f7919d4bf818
b0202cd6782d279fd5b610884694c49b82e4eb13
69dea60277d156fd37cd261d6ea08b0c3a7823955cf43289e1a40c8c5b6dff7c
GET /?a=224499963&u=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business HTTP/1.1
Host: prism.app-us1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 07:06:50 GMT
content-type: application/javascript
cache-control: no-cache, private
set-cookie: prism_224499963=5f088d8c-1f7c-4ac6-8206-949f0afb285f; expires=Wed, 04-Jan-2023 07:06:50 GMT; Max-Age=2592000; path=/; secure; httponly; samesite=none
x-envoy-upstream-service-time: 50
x-powered-by: PHP/7.4.32
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 774af0feae7ffab4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10453
Expires: Mon, 05 Dec 2022 10:01:03 GMT
Date: Mon, 05 Dec 2022 07:06:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9e8d044-2cda-4dba-9da8-c0a296845bca.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9e8d044-2cda-4dba-9da8-c0a296845bca.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b8e6f84dff61fedd8ff9baa9bb648883
f8d5cc7b315879b66a11b403463da1330617d2fa
025c66a4a0e7927353e1733d7f8cfb6ec3c9c0228d34267cbff11f09cf112127
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9e8d044-2cda-4dba-9da8-c0a296845bca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12348
x-amzn-requestid: 72f681ef-9ae7-4fc5-8539-230e1d4277a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKa_HpTIAMFrcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abddf-43ef45165fd982997e5018c8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:09:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGsNaADKr1KoJT7rxDSFf8dxM1_IXsaF67Eqe8DIO9PAJy8HtqQKng==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 03:21:42 GMT
age: 13508
etag: "f8d5cc7b315879b66a11b403463da1330617d2fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6034ca-f8c1-4979-8165-5f755e5d12a1.jpeg
200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6034ca-f8c1-4979-8165-5f755e5d12a1.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3c36448c65274ebbe1eb21e3bf02385e
e03cf1c7c2ec15b3cc50d9c54bebbf81aa08cf28
6f17788a394f1305755805a1b92117b1c1a03a1e3a075cb97a0da5184d574553
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6034ca-f8c1-4979-8165-5f755e5d12a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6430
x-amzn-requestid: ae2ec151-d383-4554-9ac2-3d204701251c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_ttFDKoAMFp0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1324-15aebb1a06253068472a6ab0;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hEiLpBd0Tubj3-Wgqh_jpK6XEekyrHfuQxpVD_JLlNSAQj41XK_1EA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:52:15 GMT
age: 33275
etag: "e03cf1c7c2ec15b3cc50d9c54bebbf81aa08cf28"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:49:44 GMT
age: 33426
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
forms.soundestlink.com/REST/inShop/v1/getSettings?callback=_omnisend.setSettings&responseType=jsonp&shopHostname=www.usbfund.com&shopType=api&brandID=60034c978a48f7337bc1a105
200 OK 11 kB URL HTTP/2 forms.soundestlink.com/REST/inShop/v1/getSettings?callback=_omnisend.setSettings&responseType=jsonp&shopHostname=www.usbfund.com&shopType=api&brandID=60034c978a48f7337bc1a105
IP
File type ASCII text, with no line terminators
Hash b5c0325d49411d4c39d18d1fb4cd0efb
3a7d7c96ad4f8e9b84d2f4d9fc7456e27aa80786
a24769ae3662c3b6afc88b01cffa95fb34d2d196050e03c4de9acb47d719c828
GET /REST/inShop/v1/getSettings?callback=_omnisend.setSettings&responseType=jsonp&shopHostname=www.usbfund.com&shopType=api&brandID=60034c978a48f7337bc1a105 HTTP/1.1
Host: forms.soundestlink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 07:06:49 GMT
content-type: application/json
cache-control: max-age=0, s-maxage=600, public
last-modified: Mon, 05 Dec 2022 07:06:42 GMT
x-envoy-upstream-service-time: 6
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 7
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 774af0fe6a59b50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b3b9022-ae31-4c4b-b4aa-3d82606d5c7c.jpeg
200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b3b9022-ae31-4c4b-b4aa-3d82606d5c7c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f0402b0c3474a5bd3b1ba804528b64a8
2d47af0fb664d9fec52549bb3bdba1dfd8911bb2
7f87af77663b8bf22211e135554ada8865cdcf6499e9fcf0f3442b10ca3984e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b3b9022-ae31-4c4b-b4aa-3d82606d5c7c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5276
x-amzn-requestid: d337310e-59be-4268-bfd0-8cc4f2c91a11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_soE98IAMF0aA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-230591591f8fd0984c222549;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4Id8aWDt9bVlBXcsMK9LEAoqggewzLb9h4eZfuvYMGON2NnwyiP3Pg==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:29 GMT
etag: "2d47af0fb664d9fec52549bb3bdba1dfd8911bb2"
content-type: image/jpeg
age: 33501
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 99d1ff8fa2e095dcf2bda3d1e1af1221
f914f04a0e1fb45a221d31d2105bfc73015b03e6
90325d4299a44dbd213857ada6f6880db8c33ad61685cfcb60c4a2455a84cf87
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10183
x-amzn-requestid: 0cdea572-aab4-4d52-948b-976170a787a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_uLHQZoAMF4hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1327-7948052f39c4f6071b4a0e0d;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WDqUFMBT59kulx4WLxNh5XTsHzr4_u524juvZJnGMYBH-mUaJclnTg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:49:03 GMT
age: 33467
etag: "f914f04a0e1fb45a221d31d2105bfc73015b03e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 4d2314e9f3c51aaa368eef8f00037ad8
e83a51f1d17709329ca60e53189fe8e18181330a
d1c3a6f3afb942c6432ab948df09f4b0e410d663e11589ce558c76eb18578157
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1384
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:50 GMT
Etag: "638c6a44-116"
Last-Modified: Mon, 05 Dec 2022 06:43:46 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 278
track.sendlane.com/track/event?event_id=xWMCUM2gF97YD&uri=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business&cb=zjrykytotu5jtz7pzycj
204 No Content 139 B URL HTTP/1.1 track.sendlane.com/track/event?event_id=xWMCUM2gF97YD&uri=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business&cb=zjrykytotu5jtz7pzycj
IP
File type gzip compressed data, max speed, from Unix\012- data
Hash 4b9540f1cd570d3ece1f041544e30fa6
83eb39c121acd877fc48d5343ac607759f9ab65f
4f5816ec3af0b4eeaa938161ed5b19053f1a5c904440a58b5670e83b69d9b0f3
GET /track/event?event_id=xWMCUM2gF97YD&uri=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business&cb=zjrykytotu5jtz7pzycj HTTP/1.1
Host: track.sendlane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Mon, 05 Dec 2022 07:06:50 GMT
Server: Apache
Cache-Control: no-cache, private, max-age=2592000
X-RateLimit-Limit: 60
X-RateLimit-Remaining: 58
Set-Cookie: track_session=eyJpdiI6ImovZXdadlk2MnhxVGxnekI5bUlNWkE9PSIsInZhbHVlIjoiMGZObUg3cDJoZ0M4MXRZMVZTdi9tNEVmZ3Q2Rk91SkZ0TVpLWW1jaTdubGtLUG90VlkvdnJ0TmVTdHlBODI4aWtxN21rSFBwNzltZ3VwcmYydml1NHhNMFdEQmdjOUhmeVhwQStISHJMQTEwTGc4RzNwRThsZjZjbFJBVlhCRjgiLCJtYWMiOiIzZmIzZWE0MDhkYWMzNTRiMzNkYzYwZWIxYjVlYTVhNzc5NzE0ZjZhNzI2MWUxMWQzMzFiNzZmYzgwOWQyNWQ0IiwidGFnIjoiIn0%3D; expires=Mon, 05-Dec-2022 09:06:50 GMT; Max-Age=7200; path=/; domain=sendlane.com; secure; httponly; samesite=lax
Expires: Wed, 04 Jan 2023 07:06:50 GMT
Connection: close
ocsp.digicert.com/
200 OK 279 B IP
Hash a8094369996a2de7a4215291351ae444
c55a5ebc596b854e16820b489a0bda868a7f78be
252e18f7be54f26b6b162d2d115da68461b1ff58571d86f16f51fe7a6af54c5b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1880
Cache-Control: max-age=115312
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:50 GMT
Etag: "638cb0a2-117"
Expires: Tue, 06 Dec 2022 15:08:42 GMT
Last-Modified: Sun, 04 Dec 2022 14:37:22 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
www.checkbca.org/CompanyWidget.aspx?ID=100094667&WidgetType=1
301 Moved Permanently 196 B URL HTTP/2 www.checkbca.org/CompanyWidget.aspx?ID=100094667&WidgetType=1
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash e4450c4791dadbc8f0fe8409a9b278ec
70f8e597f291a8a247c4f1bbbc4586e300f75723
e350fe60679b3272336147b700171d459374f3a66c6e228673a94ec0d9239b7e
GET /CompanyWidget.aspx?ID=100094667&WidgetType=1 HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
location: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
date: Mon, 05 Dec 2022 07:06:50 GMT
content-length: 196
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash f2e65e29364fb83c36767fc96e406397
61b3cfedf0a44e02f937be4606d1ed5d62b337d0
fe3f3b09e4ac93e8cbb101047aa1578db94d51a34be14514aae8fdc5de8a807b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=115451
Date: Mon, 05 Dec 2022 07:06:50 GMT
Etag: "638ca0ff-1d7"
Expires: Tue, 06 Dec 2022 15:11:01 GMT
Last-Modified: Sun, 04 Dec 2022 13:30:39 GMT
Server: ECS (nyb/1D28)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: VOa8LBpeY6AcdEqkVICN9Dw4KmpoeoC3LwNDXp_tNdUvAu9LJluwzw==
Age: 6022
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash f2e65e29364fb83c36767fc96e406397
61b3cfedf0a44e02f937be4606d1ed5d62b337d0
fe3f3b09e4ac93e8cbb101047aa1578db94d51a34be14514aae8fdc5de8a807b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=115494
Date: Mon, 05 Dec 2022 07:06:50 GMT
Etag: "638ca0ff-1d7"
Expires: Tue, 06 Dec 2022 15:11:44 GMT
Last-Modified: Sun, 04 Dec 2022 13:30:39 GMT
Server: ECS (nyb/1D22)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 6udAwHKhYrjVMv5p2hJy3AlujqcRn5K51BzSECBl9kG3g1Gf-VtnAw==
Age: 6066
forms.soundestlink.com/REST/forms/v1/renderedForms?v=2022-12-05T07&brandID=60034c978a48f7337bc1a105&displayType=popup,embedded
200 OK 2 B URL HTTP/2 forms.soundestlink.com/REST/forms/v1/renderedForms?v=2022-12-05T07&brandID=60034c978a48f7337bc1a105&displayType=popup,embedded
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
GET /REST/forms/v1/renderedForms?v=2022-12-05T07&brandID=60034c978a48f7337bc1a105&displayType=popup,embedded HTTP/1.1
Host: forms.soundestlink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Origin: https://www.usbfund.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 07:06:50 GMT
content-type: application/json
content-length: 2
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=600, public
expires: Mon, 05 Dec 2022 08:06:43 GMT
last-modified: Mon, 05 Dec 2022 07:06:43 GMT
x-envoy-upstream-service-time: 3
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 7
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 774af100def6b51e-OSL
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash f2e65e29364fb83c36767fc96e406397
61b3cfedf0a44e02f937be4606d1ed5d62b337d0
fe3f3b09e4ac93e8cbb101047aa1578db94d51a34be14514aae8fdc5de8a807b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=115454
Date: Mon, 05 Dec 2022 07:06:50 GMT
Etag: "638ca0ff-1d7"
Expires: Tue, 06 Dec 2022 15:11:04 GMT
Last-Modified: Sun, 04 Dec 2022 13:30:39 GMT
Server: ECS (nyb/1D0B)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: vxNezZyXn5VwHpX3woCbhsjlkHPYTL1vP6GDjMg498CCoo28tVeu0A==
Age: 6025
process.iconnode.com/keyword/
200 OK 37 B URL HTTP/2 process.iconnode.com/keyword/
IP
File type ASCII text, with no line terminators
Hash 47d237a9ed20cca7882969e1f7cabaad
b036919d16d1ffdce3bf3673d49edb255d5983e6
ac783c5fa4807f599b392fc3774e82e8fe8f33998e17f3f523a1c1358fd659c5
POST /keyword/ HTTP/1.1
Host: process.iconnode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 993
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 07:06:50 GMT
content-type: text/html; charset=UTF-8
content-length: 37
server: Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.4.30
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://www.usbfund.com
access-control-allow-credentials: true
access-control-max-age: 86400
X-Firefox-Spdy: h2
trackcmp.net/t_prism_sitemessages.php?trackid=224499963&prismid=5f088d8c-1f7c-4ac6-8206-949f0afb285f&url=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business
200 OK 0 B URL HTTP/2 trackcmp.net/t_prism_sitemessages.php?trackid=224499963&prismid=5f088d8c-1f7c-4ac6-8206-949f0afb285f&url=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t_prism_sitemessages.php?trackid=224499963&prismid=5f088d8c-1f7c-4ac6-8206-949f0afb285f&url=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business HTTP/1.1
Host: trackcmp.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 07:06:50 GMT
content-type: text/javascript;charset=UTF-8
content-length: 0
x-powered-by: PHP/7.1.33
cache-control: no-cache, private
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 774af10079511bfe-OSL
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-YYEX7W0G95>m=2oebu0&_p=1641691141&cid=1909581537.1670224007&ul=en-us&sr=1280x1024&_s=1&sid=1670224007&sct=1&seg=0&dl=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business&dt=Secured%20Vs%20Unsecured%20Line%20of%20Credit%20-%20US%20Business%20Funding&en=page_view&_fv=1&_nsi=1&_ss=1&ep.debud_mode=false
204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-YYEX7W0G95>m=2oebu0&_p=1641691141&cid=1909581537.1670224007&ul=en-us&sr=1280x1024&_s=1&sid=1670224007&sct=1&seg=0&dl=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business&dt=Secured%20Vs%20Unsecured%20Line%20of%20Credit%20-%20US%20Business%20Funding&en=page_view&_fv=1&_nsi=1&_ss=1&ep.debud_mode=false
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-YYEX7W0G95>m=2oebu0&_p=1641691141&cid=1909581537.1670224007&ul=en-us&sr=1280x1024&_s=1&sid=1670224007&sct=1&seg=0&dl=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business&dt=Secured%20Vs%20Unsecured%20Line%20of%20Credit%20-%20US%20Business%20Funding&en=page_view&_fv=1&_nsi=1&_ss=1&ep.debud_mode=false HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.usbfund.com
date: Mon, 05 Dec 2022 07:06:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
aorta.clickagy.com/liveramp_redir
302 Found 0 B URL HTTP/2 aorta.clickagy.com/liveramp_redir
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /liveramp_redir HTTP/1.1
Host: aorta.clickagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 05 Dec 2022 07:06:50 GMT
content-type: application/json
content-length: 0
location: https://id.rlcdn.com/711861.gif
server: Aorta/20221117.e7edcc499
x-aorta-host: 46d7b1a75713
x-aorta-region: us-east-1
access-control-allow-credentials: true
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
access-control-expose-headers: Set-Cookie
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin:
access-control-max-age: 31536000
cache-control: no-cache, no-store, must-revalidate
expect: 0
X-Firefox-Spdy: h2
aorta.clickagy.com/data
200 OK 82 B IP
File type JSON data\012- , ASCII text, with no line terminators
Hash ba8d65c00c8917a6d8c0e5dd36e003f5
ffe9aeec3e34e77e989215172280fc2df29d2107
964609aad8a4e79bc70e6d6d6f3bc7d1071b5845cc18a4a6381c83590a79130b
POST /data HTTP/1.1
Host: aorta.clickagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 381
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 07:06:50 GMT
content-type: application/json
content-length: 82
server: Aorta/20221117.e7edcc499
x-aorta-host: 2dafa0546ef9
x-aorta-region: us-east-1
access-control-allow-credentials: true
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
access-control-expose-headers: Set-Cookie
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.usbfund.com
access-control-max-age: 31536000
cache-control: no-cache, no-store, must-revalidate
expect: 0
content-encoding: gzip
X-Firefox-Spdy: h2
aorta.clickagy.com/pixel.gif?clkgypv=jstag
302 Found 0 B URL HTTP/2 aorta.clickagy.com/pixel.gif?clkgypv=jstag
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel.gif?clkgypv=jstag HTTP/1.1
Host: aorta.clickagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 05 Dec 2022 07:06:50 GMT
content-type: application/json
content-length: 0
location: https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=YzozYjQ5NjgzYjY4YmU4NjE1NDNhZWVlMDE3MTNmYTUwYw
server: Aorta/20221117.e7edcc499
x-aorta-host: 88b15c534770
x-aorta-region: us-east-1
access-control-allow-credentials: true
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
access-control-expose-headers: Set-Cookie
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin:
access-control-max-age: 31536000
cache-control: no-cache, no-store, must-revalidate
expect: 0
X-Firefox-Spdy: h2
www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
200 OK 6.8 kB URL HTTP/2 www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (604), with CRLF line terminators
Hash b7e8849d5754f2f3c78c4db93786edec
fa7685561d75972ac95764f29c4e83541cfaaf82
66790a1b1f18f35fc666f30d27bd65962e2e87a50d6f22561ea243b7f42c5e47
GET /companywidget.aspx?ID=100094667&WidgetType=1 HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: ASP.NET_SessionId=xl0mspvd5t13wvv0njpsp4t5; path=/; secure; HttpOnly; SameSite=Lax
date: Mon, 05 Dec 2022 07:06:50 GMT
content-length: 6794
X-Firefox-Spdy: h2
hemsync.clickagy.com/external/hasHashes?clkgypv=jstag&cb=null
200 OK 28 B URL HTTP/2 hemsync.clickagy.com/external/hasHashes?clkgypv=jstag&cb=null
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 830cb026fae1a13104725d2b3100ec10
40188da405f4a93c90f0b5e060e0ccca8e483eba
4d32822dd4fd4e7b58950d7c693e301eaa19b29305077afaebc12852df7f4ee0
GET /external/hasHashes?clkgypv=jstag&cb=null HTTP/1.1
Host: hemsync.clickagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 07:06:50 GMT
content-type: text/plain; charset=utf-8
content-length: 28
access-control-allow-origin: https://www.usbfund.com
vary: origin
access-control-allow-credentials: true
access-control-expose-headers: content-length, last-modified, expires, content-type
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 288e63af9866c4bb3e06b5e1f77f300c
bbfe8b98577596f36a58e07a860268cd0cfe79be
2c3c513c12a0daf43f7b311ddbe52ddf6fb22d96d787bed9092ac24d4f3b2c20
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3839
Cache-Control: max-age=146779
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:50 GMT
Etag: "638d23e6-117"
Expires: Tue, 06 Dec 2022 23:53:09 GMT
Last-Modified: Sun, 04 Dec 2022 22:49:10 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
serve.albacross.com/track.js
200 OK 4.1 kB URL HTTP/1.1 serve.albacross.com/track.js
IP
File type ASCII text, with very long lines (10418)
Hash e062066a14a30b3ed3b72c5b31f21ffe
064e97457f03f59e40134ea46a21ba6e98a90c68
7bc78e48c07227b97701737a2799c978d37ff3f2350b02043ce69464de7399de
GET /track.js HTTP/1.1
Host: serve.albacross.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 08 Apr 2021 13:13:21 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Mon, 05 Dec 2022 07:06:43 GMT
Cache-Control: max-age=120
ETag: W/"b769e9b4f23be6c9bab7c715fdf2526a"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: uNPWGKJpgfRUBcNA_LssdPh3h75S4jipnPHfG9TIMwuly9EycPuPvA==
Age: 7
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 05 Dec 2022 06:41:08 GMT
expires: Mon, 05 Dec 2022 08:41:08 GMT
cache-control: public, max-age=7200
age: 1542
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
munchkin.marketo.net/munchkin.js
200 OK 728 B URL HTTP/1.1 munchkin.marketo.net/munchkin.js
IP
ASN #1299 Telia Company AB
File type ASCII text, with very long lines (521)
Hash 51a92d8c69733d719447dea0416ed039
69f4c1e0b7ebba812bc096708d57627927dff265
cb483c0ea4012ac512bcba6204b37622b388c1aefd4ae9028f60abb965f23d29
GET /munchkin.js HTTP/1.1
Host: munchkin.marketo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "92b41a298690c047b0c4602dd843cba4:1662686319.691662"
Last-Modified: Fri, 09 Sep 2022 01:18:39 GMT
Server: AkamaiNetStorage
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 05 Dec 2022 07:06:50 GMT
Content-Length: 728
Connection: keep-alive
snap.licdn.com/li.lms-analytics/insight.min.js
200 OK 4.6 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (12961)
Hash c1a25b303b61b25e995516f5559bcdea
3c16a6fa3a2a6dc59d57a9ea1588c4f259884688
2063d2d1415ce9437e9331cb9a798714a5b2e106a65d6dc0ef0d426a5a4c30f2
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 17 Nov 2022 18:52:45 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=51585
date: Mon, 05 Dec 2022 07:06:50 GMT
content-length: 4581
x-cdn: AKAM
X-Firefox-Spdy: h2
www.checkbca.org/stylesheets/font-awesome.min.css
200 OK 7.0 kB URL HTTP/2 www.checkbca.org/stylesheets/font-awesome.min.css
IP
File type ASCII text, with very long lines (30837)
Hash 775375b17c16dc85854ba29bbba28807
91c2f8c2838211a85090f061340b6c0c24e763af
e05c4f03a6c957e6b769e9ac46b9b6d7f1de8f46f49fc894be7c7493aaf4e033
GET /stylesheets/font-awesome.min.css HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: text/css
content-encoding: gzip
last-modified: Tue, 22 Nov 2022 21:47:32 GMT
accept-ranges: bytes
etag: "032466bcfed81:0"
vary: Accept-Encoding
date: Mon, 05 Dec 2022 07:06:50 GMT
content-length: 6965
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.checkbca.org/stylesheets/jquery.selectBox.css
301 Moved Permanently 180 B URL HTTP/2 www.checkbca.org/stylesheets/jquery.selectBox.css
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 65d99af646ca7622a01fc0d3eb7a6b6d
a6b71820c0572f17c183b5669255346947bc3492
425fea6b4acfc8c48eee414af2be035b5c77a87742cf0bb46b136d07e0c29f6a
GET /stylesheets/jquery.selectBox.css HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
cache-control: no-cache
content-type: text/html; charset=UTF-8
location: https://www.checkbca.org/stylesheets/jquery.selectbox.css
date: Mon, 05 Dec 2022 07:06:50 GMT
content-length: 180
X-Firefox-Spdy: h2
www.checkbca.org/stylesheets/style.css
200 OK 11 kB URL HTTP/2 www.checkbca.org/stylesheets/style.css
IP
File type assembler source, Unicode text, UTF-8 text, with very long lines (548), with CRLF line terminators
Hash a3ec3a585ca53c4eaa1082ae3427a329
7f08739e149ab8dc280a05b280c31b04bfb1bd6d
1e44bca5aecfd50bff07a4df9f9bb9c524f6addd9c24bb8c463eef67798283c9
GET /stylesheets/style.css HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: text/css
content-encoding: gzip
last-modified: Tue, 22 Nov 2022 21:47:32 GMT
accept-ranges: bytes
etag: "032466bcfed81:0"
vary: Accept-Encoding
date: Mon, 05 Dec 2022 07:06:50 GMT
content-length: 10899
X-Firefox-Spdy: h2
munchkin.marketo.net/162/munchkin.js
200 OK 4.7 kB URL HTTP/1.1 munchkin.marketo.net/162/munchkin.js
IP
ASN #1299 Telia Company AB
File type ASCII text, with very long lines (606)
Hash 3e9baed982956735f6e0a0e756d97ed9
9223be6a494a10959101a7942419df7b05b84d73
930a508ed0ea6b4861d19c0738360182514010913c4ebfe9352064ae5006f8a1
GET /162/munchkin.js HTTP/1.1
Host: munchkin.marketo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "75daf56f6191efe42577301908659c29:1656637152.894482"
Last-Modified: Fri, 01 Jul 2022 00:59:12 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=8640000
Expires: Wed, 15 Mar 2023 07:06:50 GMT
Date: Mon, 05 Dec 2022 07:06:50 GMT
Content-Length: 4677
Connection: keep-alive
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
tag.simpli.fi/sifitag/7c49dfc0-b0ef-0139-b544-06a60fe5fe77
200 OK 3.1 kB URL HTTP/2 tag.simpli.fi/sifitag/7c49dfc0-b0ef-0139-b544-06a60fe5fe77
IP
File type ASCII text, with very long lines (3100)
Hash 3f39bd6aa96de4bb5bd9275b06354981
14f61e1cbeb536266027c98d8f48cc3211f1a2b2
4f8cbfd5c952dcec41e51c8cdf551acc7acf44e7e4d51ab90be179a503fb4b00
GET /sifitag/7c49dfc0-b0ef-0139-b544-06a60fe5fe77 HTTP/1.1
Host: tag.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 07:06:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 3101
set-cookie: suid=85E004AADB474AC5BC07E1F27AAC2CAC; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:50 GMT; SameSite=none; Secure;
suid_legacy=85E004AADB474AC5BC07E1F27AAC2CAC; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:50 GMT; Secure;
x-request-id: Fy3T43lx3HTWKDSZ7mKh
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache, no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=YzozYjQ5NjgzYjY4YmU4NjE1NDNhZWVlMDE3MTNmYTUwYw
302 Found 357 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=YzozYjQ5NjgzYjY4YmU4NjE1NDNhZWVlMDE3MTNmYTUwYw
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash bc322d093c370839097f9df9f81a670e
8d13c22098d746b540209ebba67ab40f9ba8c9f9
c50375f48b204af3f442f1feb19dab0a99ff661a1a4c97cebc1a8455bc37c7f0
GET /pixel?google_nid=clickagy&google_sc&google_cm&google_hm=YzozYjQ5NjgzYjY4YmU4NjE1NDNhZWVlMDE3MTNmYTUwYw HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc=&google_cm=&google_hm=YzozYjQ5NjgzYjY4YmU4NjE1NDNhZWVlMDE3MTNmYTUwYw&google_tc=
date: Mon, 05 Dec 2022 07:06:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 357
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 05-Dec-2022 07:21:50 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
omnisnippet1.com/inShop/forms.js?v=2022-12-05T07
200 OK 30 kB URL HTTP/2 omnisnippet1.com/inShop/forms.js?v=2022-12-05T07
IP
File type ASCII text, with very long lines (32114)
Hash 952cccf6480cc0fe42f32ceb1f960e5e
dc9c7e062b36b68b4beaee4cc792a7ebe5d1789b
4c0df441b5fa35864c1de775208fa9db4e17cf420b0086a370ac932cb8746ebc
GET /inShop/forms.js?v=2022-12-05T07 HTTP/1.1
Host: omnisnippet1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 07:06:50 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 07:45:26 GMT
etag: W/"63885b96-2029c"
expires: Mon, 05 Dec 2022 07:02:57 GMT
cache-control: max-age=3600
x-envoy-upstream-service-time: 2
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 805
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 774af0ffdfaafac0-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/cropped-iconusbfund-192x192.png
200 OK 20 kB URL HTTP/2 www.usbfund.com/wp-content/uploads/cropped-iconusbfund-192x192.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 273b22a347363c8bfaa20ddcca897d53
0bf5106cb96db26030ae4bee997db3aef8914130
3c673a54e1fea64b6b57dc31365058249f665f327b0e032746b310a2f6a2c0b2
GET /wp-content/uploads/cropped-iconusbfund-192x192.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=credit-score-for-small-business
Cookie: __ss=1670224006697; __ss_referrer=https%3A//www.usbfund.com/secured-vs-unsecured-line-of-credit/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business; _gcl_au=1.1.1919072345.1670224007; wc_visitor=100980-055a9f26-7aed-146f-e719-11d517e17b4e; wc_client=bayengage+..+campaign-email+..+credit-score-for-small-business+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business+..+100980-055a9f26-7aed-146f-e719-11d517e17b4e+..+; wc_client_current=bayengage+..+campaign-email+..+credit-score-for-small-business+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business+..+100980-055a9f26-7aed-146f-e719-11d517e17b4e+..+; IR_gbd=usbfund.com; IR_7486=1670224006761%7C0%7C1670224006761%7C%7C; _ga_YYEX7W0G95=GS1.1.1670224007.1.0.1670224007.0.0.0; _ga=GA1.1.1909581537.1670224007; __ss_tk=202212%7C638d9889dfc22c6d4f7bd40f; soundestID=20221205070647-mV3tQmhwRcE9xYrCe92UruDqf68whr11B1yDCpdm4bxTE2NX4; omnisendAnonymousID=JC2ROh7MEtR5Ng-20221205070647; omnisendSessionID=qDc7NfTbOgwaMW-20221205070647; prism_224499963=5f088d8c-1f7c-4ac6-8206-949f0afb285f; soundest-views=1; wc_swap=9494033494+..+9494611140+..+68836
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 28 Sep 2019 00:15:06 GMT
accept-ranges: bytes
content-length: 19606
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Mon, 05 Dec 2022 07:06:50 GMT
server: Apache
X-Firefox-Spdy: h2
omnisnippet1.com/forms/main.js?v=2022-12-05T07
200 OK 17 kB URL HTTP/2 omnisnippet1.com/forms/main.js?v=2022-12-05T07
IP
File type ASCII text, with very long lines (56184)
Hash e647a3ad1546a1ba94e91a33e804eb7e
c9fbad6fb25be772e8d2f31f6ccf1a716b093cb4
d0f5b813c334317fa34630c2b7863faa65c49fe098ef1dbf0e519ac5b4eae248
GET /forms/main.js?v=2022-12-05T07 HTTP/1.1
Host: omnisnippet1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 07:06:50 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 07:46:26 GMT
etag: W/"63885bd2-db99"
expires: Mon, 05 Dec 2022 07:02:57 GMT
cache-control: max-age=3600
x-envoy-upstream-service-time: 1
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 805
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 774af1004fe4fac0-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.checkbca.org/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZBAd-3g2iBrrqGpefWWgmRAZw8TONzGF-aV_9TjkbkyCvwDWnstKlAYe583il9NLzw2&t=637823077705833095
200 OK 23 kB URL HTTP/2 www.checkbca.org/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZBAd-3g2iBrrqGpefWWgmRAZw8TONzGF-aV_9TjkbkyCvwDWnstKlAYe583il9NLzw2&t=637823077705833095
IP
File type ASCII text, with CRLF line terminators
Hash 20180537e2ac64e5c60143ac90c84998
82d03de61c4dededbc9fd79d8c3a8e18d3b43744
0999cb5dfb2dcd76a944ef880be49f8e2d66fc60d00817e2b251ba0a67090cbf
GET /WebResource.axd?d=pynGkmcFUV13He1Qd6_TZBAd-3g2iBrrqGpefWWgmRAZw8TONzGF-aV_9TjkbkyCvwDWnstKlAYe583il9NLzw2&t=637823077705833095 HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public
content-type: application/x-javascript
content-encoding: gzip
expires: Tue, 05 Dec 2023 03:44:05 GMT
last-modified: Tue, 08 Mar 2022 11:42:50 GMT
vary: Accept-Encoding
date: Mon, 05 Dec 2022 07:06:50 GMT
content-length: 23086
X-Firefox-Spdy: h2
www.checkbca.org/Scripts/WebForms/MsAjax/MicrosoftAjax.js
301 Moved Permanently 188 B URL HTTP/2 www.checkbca.org/Scripts/WebForms/MsAjax/MicrosoftAjax.js
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 6f83537ac9d2567aa0049ad8d28282d8
7e4975fe0edee16d97ab1f59dd7473a95902f30e
c614ae1fc44d88ab3555782295fd0de23f7b1062ef93e0777530a9ff2fdb2fe6
GET /Scripts/WebForms/MsAjax/MicrosoftAjax.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
cache-control: no-cache
content-type: text/html; charset=UTF-8
location: https://www.checkbca.org/scripts/webforms/msajax/microsoftajax.js
date: Mon, 05 Dec 2022 07:06:50 GMT
content-length: 188
X-Firefox-Spdy: h2
js.hs-analytics.net/analytics/1670223900000/5627136.js
200 OK 21 kB URL HTTP/2 js.hs-analytics.net/analytics/1670223900000/5627136.js
IP
File type ASCII text, with very long lines (64572)
Hash 829f1093cba036cebd2b0045001b0a41
b5d5d296d8b4382b6dee693a1fc8404dc579faed
9befe87bdbb08f21fdc1054a63e02f5a6bcc9b2fa77ae6ac1c8492870a122348
GET /analytics/1670223900000/5627136.js HTTP/1.1
Host: js.hs-analytics.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 07:06:50 GMT
content-type: text/javascript
x-amz-id-2: qttXn6BujYoG4BcYzvYucTqYfRONI+BHZogFqVr9WzbRP134qoaunaawpuxDIwgQZU7BTxDtf2s=
x-amz-request-id: THRBEAW17JASPXZ3
last-modified: Thu, 01 Dec 2022 14:17:27 GMT
etag: W/"bd43dd938f6c21d85ba0c275e588340d"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: null
access-control-allow-credentials: false
vary: origin, Accept-Encoding
expires: Mon, 05 Dec 2022 07:11:43 GMT
cf-cache-status: HIT
age: 7
server: cloudflare
cf-ray: 774af102df07b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.checkbca.org/Scripts/WebForms/MsAjax/MicrosoftAjaxWebForms.js
301 Moved Permanently 196 B URL HTTP/2 www.checkbca.org/Scripts/WebForms/MsAjax/MicrosoftAjaxWebForms.js
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 95d708e49ef3d81c5832e354dbdafb01
ddb6aa6d1990a59c42331129fef517bb9101fad1
429e36746d58356e8d7fd50c755f2ec8de5fcf67bc3980f782eef9c14e89db18
GET /Scripts/WebForms/MsAjax/MicrosoftAjaxWebForms.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
cache-control: no-cache
content-type: text/html; charset=UTF-8
location: https://www.checkbca.org/scripts/webforms/msajax/microsoftajaxwebforms.js
date: Mon, 05 Dec 2022 07:06:50 GMT
content-length: 196
X-Firefox-Spdy: h2
www.checkbca.org/scripts/jquery-3.3.1.min.js
200 OK 30 kB URL HTTP/2 www.checkbca.org/scripts/jquery-3.3.1.min.js
IP
File type ASCII text, with very long lines (65451)
Hash a263be51483c81a54aa8c85104a93e55
555a54a73531c553bd2aede6abc25c128b63312e
b2f13ad730928958c09d89e6e32bb6a227c0260d032a39ca464d998a59e57a66
GET /scripts/jquery-3.3.1.min.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 16 Oct 2018 20:49:20 GMT
accept-ranges: bytes
etag: "0c813b69165d41:0"
vary: Accept-Encoding
date: Mon, 05 Dec 2022 07:06:50 GMT
content-length: 30394
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/58092/domain/usbfund.com/token
200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/58092/domain/usbfund.com/token
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /partner/58092/domain/usbfund.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.usbfund.com/
Origin: https://www.usbfund.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
date: Sun, 04 Dec 2022 12:51:29 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2oNEe5t5fKDdehX7oN9C55H0DsJ8Nx_7C7whG8bsT_yKL1LLDcm80Q==
age: 65721
X-Firefox-Spdy: h2
www.checkbca.org/scripts/jquery.simplemodal.1.4.4.min.js
200 OK 3.1 kB URL HTTP/2 www.checkbca.org/scripts/jquery.simplemodal.1.4.4.min.js
IP
File type ASCII text, with very long lines (626), with CRLF, LF line terminators
Hash 487fda8eb4e12565909588706300e2fb
9224d8c027d499bb7ec852c2bf3c580e593f5d5b
664736273b9cff9b035c3c682e6ea5e1220468bf24d3199d45148b0a45e101dc
GET /scripts/jquery.simplemodal.1.4.4.min.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 16 Oct 2018 20:49:20 GMT
accept-ranges: bytes
etag: "0c813b69165d41:0"
vary: Accept-Encoding
date: Mon, 05 Dec 2022 07:06:50 GMT
content-length: 3081
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 95b7c06c28263152be8f9b93be817df1
0832b6bda49d24e42a1a4d65691056a31831ee89
408abdb40f3e63a2c5fe8481e626fcf07181eb6d8ffb60474ad3b72adb0aef4f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 05 Dec 2022 07:06:50 GMT
Last-Modified: Mon, 05 Dec 2022 06:50:40 GMT
Server: ECS (nyb/1D0A)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: QhZF_9PJUz2gOIL4ucHzwr8fqHvfMraV8wopxBidgCG1--0nrjxVYQ==
Age: 970
www.checkbca.org/scripts/jquery.bxslider.min.js
200 OK 5.1 kB URL HTTP/2 www.checkbca.org/scripts/jquery.bxslider.min.js
IP
File type ASCII text, with very long lines (18813)
Hash 9777aab0bd6025cd5c7ecaebd409284d
ab73cc0c1c09e58a1fa0d5bda44c313f697f14da
7b01c6335fa7c91f0b359d56158676c2553323f6e09dd01db242b0da0d104d1b
GET /scripts/jquery.bxslider.min.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 16 Oct 2018 20:49:20 GMT
accept-ranges: bytes
etag: "0c813b69165d41:0"
vary: Accept-Encoding
date: Mon, 05 Dec 2022 07:06:50 GMT
content-length: 5135
X-Firefox-Spdy: h2
www.checkbca.org/scripts/jquery.selectBox.js
301 Moved Permanently 175 B URL HTTP/2 www.checkbca.org/scripts/jquery.selectBox.js
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 46da262b5b1399dfbf30fac73e57a298
c176cf3cfa6da6a0748c497591ff3619467d6434
4089029c368f61bcc5e6be36c952e1c440e0e20475e247b8316c6ce57ea7cc99
GET /scripts/jquery.selectBox.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
cache-control: no-cache
content-type: text/html; charset=UTF-8
location: https://www.checkbca.org/scripts/jquery.selectbox.js
date: Mon, 05 Dec 2022 07:06:50 GMT
content-length: 175
X-Firefox-Spdy: h2
www.checkbca.org/scripts/scripts.js
200 OK 4.3 kB URL HTTP/2 www.checkbca.org/scripts/scripts.js
IP
File type ASCII text, with CRLF line terminators
Hash 3b38a1caac14cc0685da48549e84da3b
2ce4f852dced2ddee12614640dcfeb0f3a96ae48
4e45d270791d6d30c782e95c1763ef0a1ac7b934d5cb703b651f3c6434c8b22b
GET /scripts/scripts.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 22 Nov 2022 21:47:29 GMT
accept-ranges: bytes
etag: "806e7c4bcfed81:0"
vary: Accept-Encoding
date: Mon, 05 Dec 2022 07:06:50 GMT
content-length: 4272
X-Firefox-Spdy: h2
www.checkbca.org/images/widget_member_seal.png
200 OK 4.9 kB URL HTTP/2 www.checkbca.org/images/widget_member_seal.png
IP
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash b16b18a3bc55b39e53d58026662582b1
f1ef3e2605c0eb6afd312dcc7b354b4d0dee54a2
fb715daa7fae403543290995b70576747818581d044e57b5ac072fd27c84e1bf
GET /images/widget_member_seal.png HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: image/png
last-modified: Sat, 09 May 2020 03:31:08 GMT
accept-ranges: bytes
etag: "8a855647b225d61:0"
date: Mon, 05 Dec 2022 07:06:50 GMT
content-length: 4897
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash a97c490a5f57669e4779f159c4dc7c2e
a8cb07e3ef5ff4963a1e303a9770ff752cc62ecc
440bae73a0f989f36ec69b72d2cd21fab3637efc498af4a5e77d74a55ea7fca7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 07:06:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 01:42:53 GMT
Expires: Sun, 11 Dec 2022 01:42:52 GMT
Etag: "a8cb07e3ef5ff4963a1e303a9770ff752cc62ecc"
Cache-Control: max-age=498360,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774af102ef0fb4f4-OSL
id.rlcdn.com/711861.gif
451 Unavailable For Legal Reasons 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /711861.gif HTTP/1.1
Host: id.rlcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 451 Unavailable For Legal Reasons
date: Mon, 05 Dec 2022 07:06:51 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
aorta.clickagy.com/pixel.gif?ch=8&cm=&google_error=3
302 Found 0 B URL HTTP/2 aorta.clickagy.com/pixel.gif?ch=8&cm=&google_error=3
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel.gif?ch=8&cm=&google_error=3 HTTP/1.1
Host: aorta.clickagy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 05 Dec 2022 07:06:51 GMT
content-type: application/json
content-length: 0
location: https://idsync.rlcdn.com/420246.gif?partner_uid=c:3b49683b68be861543aeee01713fa50c
server: Aorta/20221117.e7edcc499
x-aorta-host: c2ae21490dc5
x-aorta-region: us-east-1
access-control-allow-credentials: true
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
access-control-expose-headers: Set-Cookie
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin:
access-control-max-age: 31536000
cache-control: no-cache, no-store, must-revalidate
expect: 0
X-Firefox-Spdy: h2
www.checkbca.org/stylesheets/jquery.selectbox.css
200 OK 844 B URL HTTP/2 www.checkbca.org/stylesheets/jquery.selectbox.css
IP
File type ASCII text, with very long lines (2823), with no line terminators
Hash ef6ac3dc00cd170fb2e40e76489dc10d
02964dcc31527690062facef2f5ca2c0cf24ea23
06e4f8e3d1d4e68a23c9fd4927304906f912307b71f80025f6b74dfe3945d813
GET /stylesheets/jquery.selectbox.css HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: text/css
content-encoding: gzip
last-modified: Fri, 02 Aug 2019 17:52:06 GMT
accept-ranges: bytes
etag: "0a783ff5a49d51:0"
vary: Accept-Encoding
date: Mon, 05 Dec 2022 07:06:50 GMT
content-length: 844
X-Firefox-Spdy: h2
rec.smartlook.com/es6/init.462db28866d53d1d25a1.js
200 OK 15 kB URL HTTP/2 rec.smartlook.com/es6/init.462db28866d53d1d25a1.js
IP
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (54308)
Hash 0f17234020eddd568ca5cc33def347f5
83c47453b4c1b336f183349b585f4b1b4fb656cc
114dd8454a89de204d3fbdcfa9cd8938629809a659349a17efa05a8f46a9935e
GET /es6/init.462db28866d53d1d25a1.js HTTP/1.1
Host: rec.smartlook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 07:06:50 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cross-origin-resource-policy: cross-origin
etag: W/"63861b50-d477"
last-modified: Tue, 29 Nov 2022 14:46:40 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-accel-expires: @1701270391
server: CDN77-Turbo
x-77-nzt: AblMCRSp4mr/k3gHAA
x-77-nzt-ray: af585630509658bb8a988d63b39b622d
x-cache: HIT
x-age: 489619
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
idsync.rlcdn.com/420246.gif?partner_uid=c:3b49683b68be861543aeee01713fa50c
451 Unavailable For Legal Reasons 0 B URL HTTP/2 idsync.rlcdn.com/420246.gif?partner_uid=c:3b49683b68be861543aeee01713fa50c
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /420246.gif?partner_uid=c:3b49683b68be861543aeee01713fa50c HTTP/1.1
Host: idsync.rlcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 451 Unavailable For Legal Reasons
date: Mon, 05 Dec 2022 07:06:51 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.checkbca.org/scripts/webforms/msajax/microsoftajax.js
200 OK 24 kB URL HTTP/2 www.checkbca.org/scripts/webforms/msajax/microsoftajax.js
IP
File type ASCII text, with very long lines (65262), with CRLF line terminators
Hash 1aa546445a52ff5e781cb1e335f445c4
a8071c7d8f7c2798100ceed7ef5842a587cc41d2
6a3e80b4cc602560e187e061ff5070fdda5c608125956f878f417b01867f6b09
GET /scripts/webforms/msajax/microsoftajax.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 22 Nov 2022 21:47:32 GMT
accept-ranges: bytes
etag: "032466bcfed81:0"
vary: Accept-Encoding
date: Mon, 05 Dec 2022 07:06:50 GMT
content-length: 24320
X-Firefox-Spdy: h2
www.checkbca.org/scripts/webforms/msajax/microsoftajaxwebforms.js
200 OK 9.6 kB URL HTTP/2 www.checkbca.org/scripts/webforms/msajax/microsoftajaxwebforms.js
IP
File type ASCII text, with very long lines (39257), with CRLF line terminators
Hash 211aa6b9096a11187131cbc6c3ab6d16
380ff6b00fc93d78031319a6d1b0e78f2a9e6017
4f1ec7256c84b77776b8c75fd59dca0c6b5560fa3a5010a290e46b6b5d8d4f5f
GET /scripts/webforms/msajax/microsoftajaxwebforms.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 22 Nov 2022 21:47:32 GMT
accept-ranges: bytes
etag: "032466bcfed81:0"
vary: Accept-Encoding
date: Mon, 05 Dec 2022 07:06:50 GMT
content-length: 9603
X-Firefox-Spdy: h2
www.checkbca.org/scripts/jquery.selectbox.js
200 OK 4.2 kB URL HTTP/2 www.checkbca.org/scripts/jquery.selectbox.js
IP
File type Unicode text, UTF-8 text, with very long lines (15896), with no line terminators
Hash 786f2eb7bf72098ca18b9afd6d127237
5e75cb575c23f13e064a913cbe55570670e718ab
d8a1f1df33bbe0f528bfd53be5c1388890220e54c5aaa7281b889a1e5dde3189
GET /scripts/jquery.selectbox.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 16 Oct 2018 20:49:20 GMT
accept-ranges: bytes
etag: "0c813b69165d41:0"
vary: Accept-Encoding
date: Mon, 05 Dec 2022 07:06:50 GMT
content-length: 4192
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash d9e6901efe7120f273b10256a6c09bcd
8e1b9ce969db430c2812f340f9b84d7de4ad7529
31ec040b2c1552c3e4671ff2de82a68e6d82ea4ac03e3afc25f7438c7d0df802
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=170666
Date: Mon, 05 Dec 2022 07:06:51 GMT
Etag: "638d84d5-1d7"
Expires: Wed, 07 Dec 2022 06:31:17 GMT
Last-Modified: Mon, 05 Dec 2022 05:42:45 GMT
Server: ECS (nyb/1D29)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: fTCg4ELal2y3-yDBVZrpVtxh0r3fzIHNz8kiZpkfw3gLckizSmUnYw==
Age: 2912
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D58092%26time%3D1670224008239%26url%3Dhttps%253A%252F%252Fwww.usbfund.com%252Fsecured-vs-unsecured-line-of-credit%252F%253Futm_source%253Dbayengage%2526utm_medium%253Dcampaign-email%2526utm_campaign%253Dcredit-score-for-small-business%26liSync%3Dtrue
302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D58092%26time%3D1670224008239%26url%3Dhttps%253A%252F%252Fwww.usbfund.com%252Fsecured-vs-unsecured-line-of-credit%252F%253Futm_source%253Dbayengage%2526utm_medium%253Dcampaign-email%2526utm_campaign%253Dcredit-score-for-small-business%26liSync%3Dtrue
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D58092%26time%3D1670224008239%26url%3Dhttps%253A%252F%252Fwww.usbfund.com%252Fsecured-vs-unsecured-line-of-credit%252F%253Futm_source%253Dbayengage%2526utm_medium%253Dcampaign-email%2526utm_campaign%253Dcredit-score-for-small-business%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=58092&time=1670224008239&url=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&714ae411-36a1-4a37-8307-716d3dc9f652"; Domain=.linkedin.com; Expires=Tue, 05-Dec-2023 07:06:51 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20221205070651a22d8440-0598-4f38-825c-c371498b76a2AQFFEVu6IcD0z__Aqev-6LX6gZo6gsep"; Domain=.www.linkedin.com; Expires=Tue, 05-Dec-2023 07:06:51 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NzAyMjQwMTE7MjswMjHKX5skEOzuPiueDjz9n5MGY2hetCk0lZg5cpREr2zm6g==; Domain=.linkedin.com; Expires=Sat, 03 Jun 2023 07:06:51 GMT; Path=/; Secure; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2443:u=1:x=1:i=1670224011:t=1670310411:v=2:sig=AQFwh7uDizvkpht_-iGxy9buy6tjmZK0"; Expires=Tue, 06 Dec 2022 07:06:51 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/status linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com client.learningapp.microsoft.com onyx.www.linkedin.com
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXvD1TiT4FNdQvP4BC8ZQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 029769EEDC6D48EFAF8D40E4D0D86C73 Ref B: OSL30EDGE0412 Ref C: 2022-12-05T07:06:51Z
date: Mon, 05 Dec 2022 07:06:50 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash a97c490a5f57669e4779f159c4dc7c2e
a8cb07e3ef5ff4963a1e303a9770ff752cc62ecc
440bae73a0f989f36ec69b72d2cd21fab3637efc498af4a5e77d74a55ea7fca7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 07:06:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 01:42:53 GMT
Expires: Sun, 11 Dec 2022 01:42:52 GMT
Etag: "a8cb07e3ef5ff4963a1e303a9770ff752cc62ecc"
Cache-Control: max-age=498360,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774af10599c7b4f4-OSL
ocsp.sectigo.com/
200 OK 471 B IP
Hash a97c490a5f57669e4779f159c4dc7c2e
a8cb07e3ef5ff4963a1e303a9770ff752cc62ecc
440bae73a0f989f36ec69b72d2cd21fab3637efc498af4a5e77d74a55ea7fca7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 07:06:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 01:42:53 GMT
Expires: Sun, 11 Dec 2022 01:42:52 GMT
Etag: "a8cb07e3ef5ff4963a1e303a9770ff752cc62ecc"
Cache-Control: max-age=498360,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774af105ff79b4f3-OSL
cdn.linkedin.oribi.io/partner/58092/domain/usbfund.com/token
200 OK 62 B URL HTTP/2 cdn.linkedin.oribi.io/partner/58092/domain/usbfund.com/token
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash d39abb34da93ec5faa48669ac4788977
cc2627a86b99e91540251b6fb7e17a9b1faa1ee7
b329d16bd7e06de93beac4a9e4d67b8be6d1c944b7b8e398b929460f73b7c4ce
GET /partner/58092/domain/usbfund.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Mon, 05 Dec 2022 06:13:09 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: izkgiMRiyqJljvZjmqf9ZCshTTUEMMh-C0mDecXMizmPOOPlVAvEIw==
age: 3221
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 362e1eb4231982165b50459c86067e2d
faec21185ab23938815a944665168a20278fee11
d61f6cf49f03018d6a4139e24135766e1ee78ed57d3ec0dd9d9831bfc15c1646
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4530
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:51 GMT
Etag: "638c989c-1d7"
Last-Modified: Mon, 05 Dec 2022 05:51:21 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2836e295833b779aa6b7cf3f590483fb
2309e95b835542006504b73c08e6bc23946a224e
3af6e9e3b03983fd28b2f804b34f3e89ae9ef287df1d83f28e80149bc64a7c3d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3AF6E9E3B03983FD28B2F804B34F3E89AE9EF287DF1D83F28E80149BC64A7C3D"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19880
Expires: Mon, 05 Dec 2022 12:38:11 GMT
Date: Mon, 05 Dec 2022 07:06:51 GMT
Connection: keep-alive
www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
200 OK 6.8 kB URL HTTP/2 www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (604), with CRLF line terminators
Hash b3aeea0a179f4c8187a225b2cf1426f0
125153b808549398693065c18bd02d135b78adc7
7b998bb983723ac1283d9298f88025a2ff625ae9270909ed606e51751b97d122
GET /companywidget.aspx?ID=100094667&WidgetType=1 HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: ASP.NET_SessionId=smchfiwv5m0qe1vwnbyytwth; path=/; secure; HttpOnly; SameSite=Lax
date: Mon, 05 Dec 2022 07:06:51 GMT
content-length: 6794
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash b6b458ae21a3d306bd53c0f4a6d6b06f
38c8bf5fe6d69b3daea87ed282e1c09c46313079
bfe3ec21d78efa6b37d90da8ddb147f5f849d598cd232f686d03a99ea2071ab9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2977
Cache-Control: max-age=127923
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:51 GMT
Etag: "638cdd9e-117"
Expires: Tue, 06 Dec 2022 18:38:54 GMT
Last-Modified: Sun, 04 Dec 2022 17:49:18 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
511-lvj-854.mktoresp.com/webevents/visitWebPage?_mchNc=1670224008358&_mchCn=&_mchId=511-LVJ-854&_mchTk=_mch-usbfund.com-1670224008357-45097&_mchHo=www.usbfund.com&_mchPo=&_mchRu=%2Fsecured-vs-unsecured-line-of-credit%2F&_mchPc=https%3A&_mchVr=162&_mchEcid=&_mchHa=&_mchRe=&_mchQp=utm_source%3Dbayengage__-__utm_medium%3Dcampaign-email__-__utm_campaign%3Dcredit-score-for-small-business
200 OK 43 B URL HTTP/1.0 511-lvj-854.mktoresp.com/webevents/visitWebPage?_mchNc=1670224008358&_mchCn=&_mchId=511-LVJ-854&_mchTk=_mch-usbfund.com-1670224008357-45097&_mchHo=www.usbfund.com&_mchPo=&_mchRu=%2Fsecured-vs-unsecured-line-of-credit%2F&_mchPc=https%3A&_mchVr=162&_mchEcid=&_mchHa=&_mchRe=&_mchQp=utm_source%3Dbayengage__-__utm_medium%3Dcampaign-email__-__utm_campaign%3Dcredit-score-for-small-business
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 7e1a751d6f8efada000e3df3aac35514
4c73d56e1221bcee6aca2e954b71b9d6216de36e
cbbd42bb1d88693e6805bd9d676840424af5ecf3e13d874fd06e6b57d53d8d40
POST /webevents/visitWebPage?_mchNc=1670224008358&_mchCn=&_mchId=511-LVJ-854&_mchTk=_mch-usbfund.com-1670224008357-45097&_mchHo=www.usbfund.com&_mchPo=&_mchRu=%2Fsecured-vs-unsecured-line-of-credit%2F&_mchPc=https%3A&_mchVr=162&_mchEcid=&_mchHa=&_mchRe=&_mchQp=utm_source%3Dbayengage__-__utm_medium%3Dcampaign-email__-__utm_campaign%3Dcredit-score-for-small-business HTTP/1.1
Host: 511-lvj-854.mktoresp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.0 200 OK
Server: BigIP
Connection: Keep-Alive
Content-Length: 43
speedyfox.io/anywhere/5f1d4e2f1d5e403592a56487267b609f40807d7ef69744e7aa045795455c9581?t=&u=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business&r=
403 Forbidden 18 B URL HTTP/1.1 speedyfox.io/anywhere/5f1d4e2f1d5e403592a56487267b609f40807d7ef69744e7aa045795455c9581?t=&u=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business&r=
IP
File type ASCII text, with no line terminators
Hash 25f009f228cd844020264ff74a36bb64
8e2ada0df86c2ea12930c55ebdc0575aa5e31d87
a4578829918d4df61d980bf0665df65a68d19ea4de6d0dfdb75fb099b47474bf
GET /anywhere/5f1d4e2f1d5e403592a56487267b609f40807d7ef69744e7aa045795455c9581?t=&u=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business&r= HTTP/1.1
Host: speedyfox.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 Forbidden
Content-Type: application/json
Content-Length: 18
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS
X-Timing: lt=0
Date: Mon, 05 Dec 2022 07:06:51 GMT
Connection: close
track.hubspot.com/__ptq.gif?k=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=504767505&v=1.1&a=5627136&ct=blog-post&rcu=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F&pu=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business&t=Secured+Vs+Unsecured+Line+of+Credit+-+US+Business+Funding&cts=1670224008966&vi=e68c74a7cadaaf309a644650344435c3&nc=true&u=152200550.e68c74a7cadaaf309a644650344435c3.1670224008964.1670224008964.1670224008964.1&b=152200550.1.1670224008964&cc=15
200 OK 45 B URL HTTP/2 track.hubspot.com/__ptq.gif?k=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=504767505&v=1.1&a=5627136&ct=blog-post&rcu=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F&pu=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business&t=Secured+Vs+Unsecured+Line+of+Credit+-+US+Business+Funding&cts=1670224008966&vi=e68c74a7cadaaf309a644650344435c3&nc=true&u=152200550.e68c74a7cadaaf309a644650344435c3.1670224008964.1670224008964.1670224008964.1&b=152200550.1.1670224008964&cc=15
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash c8817d472077ebfc04593c1fa019d32d
e1e86f41c86c7b9cd2e8b76c6a925a1a3e7e3247
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
GET /__ptq.gif?k=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=504767505&v=1.1&a=5627136&ct=blog-post&rcu=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F&pu=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business&t=Secured+Vs+Unsecured+Line+of+Credit+-+US+Business+Funding&cts=1670224008966&vi=e68c74a7cadaaf309a644650344435c3&nc=true&u=152200550.e68c74a7cadaaf309a644650344435c3.1670224008964.1670224008964.1670224008964.1&b=152200550.1.1670224008964&cc=15 HTTP/1.1
Host: track.hubspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 07:06:51 GMT
content-type: image/gif
content-length: 45
cf-ray: 774af1096b8ab503-OSL
cache-control: no-cache, no-store, no-transform
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-hubspot-correlation-id: 176f3fd6-cc66-4f3f-a0ca-c7e4afe9fbb4
x-robots-tag: none
set-cookie: __cf_bm=8r3_13hQjwuI_GP44sm8G0Hjyaujin6jPOZHLO0UX5s-1670224011-0-AVA96WPI3Zqq0ddP7amEXlffFngoJoi46OQCRCKJ5kFHNKIhR1PYito85qL7uaQriWW3T8rBCibnwOja77s2QGo=; path=/; expires=Mon, 05-Dec-22 07:36:51 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eKZ724DhvabbOJ5RaR72woR8o3x5PEg%2BeXYjjFnxhl%2B5flqAV2NwZY1cvVyDQ0UFled9wO8RccOk9ROqXP4p5ooFjPyrKiNEpgTWMeVMEGQAZFl4BVZkdVXIfxjm7O6qNY2J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash c79c7b37c4590cf35971dfdd1cd01272
937c294377c949f1c730f036d2324b46fbb9e5f6
15d825384982dfb5ca285b01c4dd92feb5fca5058bae4e8cec479ca554a0e253
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=159882
Date: Mon, 05 Dec 2022 07:06:51 GMT
Etag: "638d5510-1d7"
Expires: Wed, 07 Dec 2022 03:31:33 GMT
Last-Modified: Mon, 05 Dec 2022 02:18:56 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: s9Kh3Zrw2nKBKx8UHKexQY-giyYCRcYZfnPb8AaBxs6AUOh87eoXcA==
Age: 4357
manager.eu.smartlook.cloud/rec/setup-recording/website
200 OK 222 B URL HTTP/1.1 manager.eu.smartlook.cloud/rec/setup-recording/website
IP
File type JSON data\012- , ASCII text, with very long lines (468), with no line terminators
Hash 4fb33f1a755c5b785705408312b0f32e
22858282ade6cf2ff7e7e70f188cdcef03d12cc5
a6e8e3df85085092d38d0fcaa71debd30a87d5ce2167359c87b1a068ab371b11
POST /rec/setup-recording/website HTTP/1.1
Host: manager.eu.smartlook.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://www.usbfund.com
Content-Length: 122
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Request, X-Requested-With, Content-Type, Cookie
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://www.usbfund.com
Content-Encoding: br
Content-Type: application/json; charset=utf-8
Date: Mon, 05 Dec 2022 07:06:51 GMT
sl-trace-id: TAajXprkwMRpVQPXfuNwg
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept-Encoding
Content-Length: 222
Connection: keep-alive
www.checkbca.org/stylesheets/font-awesome.min.css
304 Not Modified 0 B URL HTTP/2 www.checkbca.org/stylesheets/font-awesome.min.css
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stylesheets/font-awesome.min.css HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 22 Nov 2022 21:47:32 GMT
If-None-Match: "032466bcfed81:0"
TE: trailers
HTTP/2 304 Not Modified
cache-control: no-cache
date: Mon, 05 Dec 2022 07:06:51 GMT
X-Firefox-Spdy: h2
www.checkbca.org/stylesheets/jquery.selectBox.css
301 Moved Permanently 180 B URL HTTP/2 www.checkbca.org/stylesheets/jquery.selectBox.css
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 65d99af646ca7622a01fc0d3eb7a6b6d
a6b71820c0572f17c183b5669255346947bc3492
425fea6b4acfc8c48eee414af2be035b5c77a87742cf0bb46b136d07e0c29f6a
GET /stylesheets/jquery.selectBox.css HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
cache-control: no-cache
content-type: text/html; charset=UTF-8
location: https://www.checkbca.org/stylesheets/jquery.selectbox.css
date: Mon, 05 Dec 2022 07:06:51 GMT
content-length: 180
X-Firefox-Spdy: h2
www.checkbca.org/stylesheets/style.css
304 Not Modified 0 B URL HTTP/2 www.checkbca.org/stylesheets/style.css
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stylesheets/style.css HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 22 Nov 2022 21:47:32 GMT
If-None-Match: "032466bcfed81:0"
TE: trailers
HTTP/2 304 Not Modified
cache-control: no-cache
date: Mon, 05 Dec 2022 07:06:51 GMT
X-Firefox-Spdy: h2
www.checkbca.org/Scripts/WebForms/MsAjax/MicrosoftAjax.js
301 Moved Permanently 188 B URL HTTP/2 www.checkbca.org/Scripts/WebForms/MsAjax/MicrosoftAjax.js
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 6f83537ac9d2567aa0049ad8d28282d8
7e4975fe0edee16d97ab1f59dd7473a95902f30e
c614ae1fc44d88ab3555782295fd0de23f7b1062ef93e0777530a9ff2fdb2fe6
GET /Scripts/WebForms/MsAjax/MicrosoftAjax.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
cache-control: no-cache
content-type: text/html; charset=UTF-8
location: https://www.checkbca.org/scripts/webforms/msajax/microsoftajax.js
date: Mon, 05 Dec 2022 07:06:51 GMT
content-length: 188
X-Firefox-Spdy: h2
js.hs-scripts.com/5627136.js
200 OK 15 kB URL HTTP/2 js.hs-scripts.com/5627136.js
IP
File type ASCII text, with very long lines (857), with no line terminators
Hash a873fb29842f66eb3053b0d8e2a1cdd6
e5ed5a42eb1f4530b4739a0b4354a76bd1fd8bfc
d7e279862f8d4ad22600633ffc06ba302c5c521a4f50044f0eb476733dc0c952
GET /5627136.js HTTP/1.1
Host: js.hs-scripts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 07:06:49 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: https://www.usbfund.com
access-control-max-age: 3600
cache-control: public, max-age=60
cf-bgj: minify
cf-polished: origSize=964
last-modified: Mon, 05 Dec 2022 06:37:56 GMT
vary: origin, Accept-Encoding
x-hubspot-correlation-id: 57b3b894-3726-485e-91bf-edecc75a338a
x-trace: 2B42263B9A36A184CA2B38206395960B99249EC33D000000000000000000
cf-cache-status: HIT
age: 8
expires: Mon, 05 Dec 2022 07:07:49 GMT
server: cloudflare
cf-ray: 774af0f8d93e1c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash b6b458ae21a3d306bd53c0f4a6d6b06f
38c8bf5fe6d69b3daea87ed282e1c09c46313079
bfe3ec21d78efa6b37d90da8ddb147f5f849d598cd232f686d03a99ea2071ab9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2978
Cache-Control: max-age=127923
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:52 GMT
Etag: "638cdd9e-117"
Expires: Tue, 06 Dec 2022 18:38:55 GMT
Last-Modified: Sun, 04 Dec 2022 17:49:18 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
www.checkbca.org/scripts/jquery-3.3.1.min.js
304 Not Modified 0 B URL HTTP/2 www.checkbca.org/scripts/jquery-3.3.1.min.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /scripts/jquery-3.3.1.min.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 16 Oct 2018 20:49:20 GMT
If-None-Match: "0c813b69165d41:0"
TE: trailers
HTTP/2 304 Not Modified
cache-control: no-cache
date: Mon, 05 Dec 2022 07:06:51 GMT
X-Firefox-Spdy: h2
www.checkbca.org/scripts/jquery.simplemodal.1.4.4.min.js
304 Not Modified 0 B URL HTTP/2 www.checkbca.org/scripts/jquery.simplemodal.1.4.4.min.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /scripts/jquery.simplemodal.1.4.4.min.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 16 Oct 2018 20:49:20 GMT
If-None-Match: "0c813b69165d41:0"
TE: trailers
HTTP/2 304 Not Modified
cache-control: no-cache
date: Mon, 05 Dec 2022 07:06:51 GMT
X-Firefox-Spdy: h2
www.checkbca.org/scripts/jquery.bxslider.min.js
304 Not Modified 0 B URL HTTP/2 www.checkbca.org/scripts/jquery.bxslider.min.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /scripts/jquery.bxslider.min.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 16 Oct 2018 20:49:20 GMT
If-None-Match: "0c813b69165d41:0"
TE: trailers
HTTP/2 304 Not Modified
cache-control: no-cache
date: Mon, 05 Dec 2022 07:06:51 GMT
X-Firefox-Spdy: h2
www.checkbca.org/scripts/jquery.selectBox.js
301 Moved Permanently 175 B URL HTTP/2 www.checkbca.org/scripts/jquery.selectBox.js
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 46da262b5b1399dfbf30fac73e57a298
c176cf3cfa6da6a0748c497591ff3619467d6434
4089029c368f61bcc5e6be36c952e1c440e0e20475e247b8316c6ce57ea7cc99
GET /scripts/jquery.selectBox.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
cache-control: no-cache
content-type: text/html; charset=UTF-8
location: https://www.checkbca.org/scripts/jquery.selectbox.js
date: Mon, 05 Dec 2022 07:06:51 GMT
content-length: 175
X-Firefox-Spdy: h2
www.checkbca.org/scripts/scripts.js
304 Not Modified 0 B URL HTTP/2 www.checkbca.org/scripts/scripts.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /scripts/scripts.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 22 Nov 2022 21:47:29 GMT
If-None-Match: "806e7c4bcfed81:0"
TE: trailers
HTTP/2 304 Not Modified
cache-control: no-cache
date: Mon, 05 Dec 2022 07:06:51 GMT
X-Firefox-Spdy: h2
um.simpli.fi/triplelift
302 Found 142 B IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /triplelift HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: openresty
date: Mon, 05 Dec 2022 07:06:52 GMT
content-type: text/html
content-length: 142
location: https://eb2.3lift.com/xuid?mid=7969&xuid=6EE63F2EED474D5387E89DB91F2E76FD&dongle=yf3
set-cookie: suid=6EE63F2EED474D5387E89DB91F2E76FD; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; SameSite=none; Secure;
suid_legacy=6EE63F2EED474D5387E89DB91F2E76FD; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; Secure;
expires: Sun, 04 Dec 2022 07:06:52 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/freewheel
200 OK 43 B IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /freewheel HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 07:06:52 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
set-cookie: suid=D857FF07F47643E9B777CD6A04262799; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; SameSite=none; Secure;
suid_legacy=D857FF07F47643E9B777CD6A04262799; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; Secure;
expires: Sun, 04 Dec 2022 07:06:52 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/dtnx
302 Found 142 B IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /dtnx HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Mon, 05 Dec 2022 07:06:52 GMT
content-type: text/html
content-length: 142
location: https://fei.pro-market.net/engine?du=24;csync=0B7E64586E954630B330CD35FE2EBD21;mimetype=img;
set-cookie: suid=0B7E64586E954630B330CD35FE2EBD21; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; SameSite=none; Secure;
suid_legacy=0B7E64586E954630B330CD35FE2EBD21; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; Secure;
expires: Sun, 04 Dec 2022 07:06:52 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/exelatem
302 Found 142 B IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /exelatem HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Mon, 05 Dec 2022 07:06:52 GMT
content-type: text/html
content-length: 142
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=F6A7F26999F64B1B915CC80701677569&j=0
set-cookie: suid=F6A7F26999F64B1B915CC80701677569; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; SameSite=none; Secure;
suid_legacy=F6A7F26999F64B1B915CC80701677569; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; Secure;
expires: Sun, 04 Dec 2022 07:06:52 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/yahoo
200 OK 43 B IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /yahoo HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 07:06:52 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
set-cookie: suid=B5F497C1AFF344CF87CE1B658E60FFE2; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; SameSite=none; Secure;
suid_legacy=B5F497C1AFF344CF87CE1B658E60FFE2; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; Secure;
expires: Sun, 04 Dec 2022 07:06:52 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/beachfront
302 Found 142 B IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /beachfront HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Mon, 05 Dec 2022 07:06:52 GMT
content-type: text/html
content-length: 142
location: https://sync.bfmio.com/sync?pid=141&uid=E720ED0CC27C4E609C69F2A21BA83857
set-cookie: suid=E720ED0CC27C4E609C69F2A21BA83857; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; SameSite=none; Secure;
suid_legacy=E720ED0CC27C4E609C69F2A21BA83857; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; Secure;
expires: Sun, 04 Dec 2022 07:06:52 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/bluekai
302 Found 142 B IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /bluekai HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Mon, 05 Dec 2022 07:06:52 GMT
content-type: text/html
content-length: 142
location: https://stags.bluekai.com/site/29931?id=D5A6AEB4B4904B259467A12822193D06
set-cookie: suid=D5A6AEB4B4904B259467A12822193D06; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; SameSite=none; Secure;
suid_legacy=D5A6AEB4B4904B259467A12822193D06; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; Secure;
expires: Sun, 04 Dec 2022 07:06:52 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/crwdcntrl
302 Found 142 B IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /crwdcntrl HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Mon, 05 Dec 2022 07:06:52 GMT
content-type: text/html
content-length: 142
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=ABD853AD50394E0F9BB06C4F21FBCD45
set-cookie: suid=ABD853AD50394E0F9BB06C4F21FBCD45; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; SameSite=none; Secure;
suid_legacy=ABD853AD50394E0F9BB06C4F21FBCD45; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; Secure;
expires: Sun, 04 Dec 2022 07:06:52 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/lj_match
302 Found 142 B IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /lj_match HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Mon, 05 Dec 2022 07:06:52 GMT
content-type: text/html
content-length: 142
location: https://ce.lijit.com/merge?pid=2&3pid=10AE8BEAF54A46E7B4440BA8684DC6CF
set-cookie: suid=10AE8BEAF54A46E7B4440BA8684DC6CF; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; SameSite=none; Secure;
suid_legacy=10AE8BEAF54A46E7B4440BA8684DC6CF; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; Secure;
expires: Sun, 04 Dec 2022 07:06:52 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/liveramp_match
302 Found 142 B URL HTTP/2 um.simpli.fi/liveramp_match
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /liveramp_match HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Mon, 05 Dec 2022 07:06:52 GMT
content-type: text/html
content-length: 142
location: https://idsync.rlcdn.com/419566.gif?partner_uid=CE22901C6AD5464CAA3EFAC72AC8682B
set-cookie: suid=CE22901C6AD5464CAA3EFAC72AC8682B; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; SameSite=none; Secure;
suid_legacy=CE22901C6AD5464CAA3EFAC72AC8682B; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; Secure;
expires: Sun, 04 Dec 2022 07:06:52 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/spotx_match
302 Found 142 B IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /spotx_match HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Mon, 05 Dec 2022 07:06:52 GMT
content-type: text/html
content-length: 142
location: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=72AD42D4CC114620B5432246CCB32866
set-cookie: suid=72AD42D4CC114620B5432246CCB32866; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; SameSite=none; Secure;
suid_legacy=72AD42D4CC114620B5432246CCB32866; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; Secure;
expires: Sun, 04 Dec 2022 07:06:52 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/an
302 Found 142 B IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /an HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Mon, 05 Dec 2022 07:06:52 GMT
content-type: text/html
content-length: 142
location: https://ib.adnxs.com/setuid?entity=66&code=1413AB50CB1C4D41BA1B341A02823D2C
set-cookie: suid=1413AB50CB1C4D41BA1B341A02823D2C; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; SameSite=none; Secure;
suid_legacy=1413AB50CB1C4D41BA1B341A02823D2C; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; Secure;
expires: Sun, 04 Dec 2022 07:06:52 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/rb_match
302 Found 142 B IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /rb_match HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Mon, 05 Dec 2022 07:06:52 GMT
content-type: text/html
content-length: 142
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=9C998203AB5C4B08B1BE799DD8E2F4A7&expires=365
set-cookie: suid=9C998203AB5C4B08B1BE799DD8E2F4A7; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; SameSite=none; Secure;
suid_legacy=9C998203AB5C4B08B1BE799DD8E2F4A7; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; Secure;
expires: Sun, 04 Dec 2022 07:06:52 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/ox_match
302 Found 142 B IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /ox_match HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Mon, 05 Dec 2022 07:06:52 GMT
content-type: text/html
content-length: 142
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=B11A657E932D49B2AF1F80D2E5DA8DAC
set-cookie: suid=B11A657E932D49B2AF1F80D2E5DA8DAC; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; SameSite=none; Secure;
suid_legacy=B11A657E932D49B2AF1F80D2E5DA8DAC; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; Secure;
expires: Sun, 04 Dec 2022 07:06:52 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/g_match?id=&google_error=3
204 No Content 0 B URL HTTP/2 um.simpli.fi/g_match?id=&google_error=3
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /g_match?id=&google_error=3 HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 07:06:52 GMT
set-cookie: suid=75FF390EB41D40498128FD65D311C459; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; SameSite=none; Secure;
suid_legacy=75FF390EB41D40498128FD65D311C459; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; Secure;
expires: Sun, 04 Dec 2022 07:06:52 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b01b16fb7e18301251b0a89703e5895a
5237d4cd06bcfc464411fe5cdceaf93d13dcbd83
944a7b4600d41a8ea2fa5acb7ecb8021ecafd9d736a10f968682b3d189b77783
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
um.simpli.fi/telaria_p
302 Found 142 B IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /telaria_p HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: openresty
date: Mon, 05 Dec 2022 07:06:52 GMT
content-type: text/html
content-length: 142
location: https://simplifi.partners.tremorhub.com/sync?UISF=12FDDE8FAF85408F92CF29145A645E2E
set-cookie: suid=12FDDE8FAF85408F92CF29145A645E2E; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; SameSite=none; Secure;
suid_legacy=12FDDE8FAF85408F92CF29145A645E2E; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; Secure;
expires: Sun, 04 Dec 2022 07:06:52 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/ad_advisor
302 Found 142 B IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /ad_advisor HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: openresty
date: Mon, 05 Dec 2022 07:06:52 GMT
content-type: text/html
content-length: 142
location: https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=820666298DAD4410BBA54570D6682041
set-cookie: suid=820666298DAD4410BBA54570D6682041; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; SameSite=none; Secure;
suid_legacy=820666298DAD4410BBA54570D6682041; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; Secure;
expires: Sun, 04 Dec 2022 07:06:52 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/intentiq
302 Found 142 B IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /intentiq HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: openresty
date: Mon, 05 Dec 2022 07:06:52 GMT
content-type: text/html
content-length: 142
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=46D39C242BDF422CAE382B98DAC35DC5
set-cookie: suid=46D39C242BDF422CAE382B98DAC35DC5; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; SameSite=none; Secure;
suid_legacy=46D39C242BDF422CAE382B98DAC35DC5; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; Secure;
expires: Sun, 04 Dec 2022 07:06:52 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/pubmatic
200 OK 43 B IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /pubmatic HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 07:06:52 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
set-cookie: suid=FC515A28D22643698404770F3FEFACDB; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; SameSite=none; Secure;
suid_legacy=FC515A28D22643698404770F3FEFACDB; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; Secure;
expires: Sun, 04 Dec 2022 07:06:52 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
www.googleadservices.com/pagead/conversion/1026675585/?random=1670224011714&cv=7&fst=1670224011714&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
302 Found 42 B URL HTTP/2 www.googleadservices.com/pagead/conversion/1026675585/?random=1670224011714&cv=7&fst=1670224011714&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/conversion/1026675585/?random=1670224011714&cv=7&fst=1670224011714&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 07:06:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
location: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1774061976&cv=7&fst=1670224011714&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=jJiNY8L9CeyNiQbGmpfIAg&sscte=1&crd=
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 181b661534dc3f6bbe887293452f685b
bf4e024b51870992b7b41ee50e570bebf4705bfb
4d7472e9a604e69e65040a318534883d14275d6ef7e19c6eb42a8a25099d8eeb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.checkbca.org/stylesheets/jquery.selectbox.css
304 Not Modified 0 B URL HTTP/2 www.checkbca.org/stylesheets/jquery.selectbox.css
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stylesheets/jquery.selectbox.css HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Fri, 02 Aug 2019 17:52:06 GMT
If-None-Match: "0a783ff5a49d51:0"
TE: trailers
HTTP/2 304 Not Modified
cache-control: no-cache
date: Mon, 05 Dec 2022 07:06:51 GMT
X-Firefox-Spdy: h2
www.checkbca.org/scripts/webforms/msajax/microsoftajax.js
304 Not Modified 0 B URL HTTP/2 www.checkbca.org/scripts/webforms/msajax/microsoftajax.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /scripts/webforms/msajax/microsoftajax.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 22 Nov 2022 21:47:32 GMT
If-None-Match: "032466bcfed81:0"
TE: trailers
HTTP/2 304 Not Modified
cache-control: no-cache
date: Mon, 05 Dec 2022 07:06:52 GMT
X-Firefox-Spdy: h2
rec.smartlook.com/es6/bundle.766e6d0f96e22d2b6500.js
200 OK 34 kB URL HTTP/2 rec.smartlook.com/es6/bundle.766e6d0f96e22d2b6500.js
IP
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (65451)
Hash cf8251555ac4cf6b8bb1da3e8073152e
136fc79322903b3e60d7bd76cae1bc63a1882523
e4d5abb06bf601d71d414a6e91ff4052b6a27d785cfa262f93708701e4878ec5
GET /es6/bundle.766e6d0f96e22d2b6500.js HTTP/1.1
Host: rec.smartlook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 07:06:52 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cross-origin-resource-policy: cross-origin
etag: W/"63861b50-227d0"
last-modified: Tue, 29 Nov 2022 14:46:40 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-accel-expires: @1701270425
server: CDN77-Turbo
x-77-nzt: AblMCRSLSiv/c3gHAA
x-77-nzt-ray: af585630509658bb8c988d638d12b002
x-cache: HIT
x-age: 489587
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash fa9d0c9ccc7700108195e28acb4cf584
0943f764a369f0448c6ba1703d186630889f5be7
a62a76dcd60e4aba7d3a24fbd90046c6b0273c798990594cb4ef28e7f2274a2c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4409
Cache-Control: max-age=166389
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:52 GMT
Etag: "638d6e48-1d7"
Expires: Wed, 07 Dec 2022 05:20:01 GMT
Last-Modified: Mon, 05 Dec 2022 04:06:32 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
ocsp.usertrust.com/
200 OK 472 B IP
Hash a61c25da0f593fcc685902b0ad889b51
e826c5bc5060e84b82d779639903796e6ce43d09
388d6e76134527e9c6f99288e03f9b550b0d001a2bc97ee30ac2be4bb0fab09a
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 07:06:52 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 22:10:18 GMT
Expires: Sat, 10 Dec 2022 22:10:17 GMT
Etag: "e826c5bc5060e84b82d779639903796e6ce43d09"
Cache-Control: max-age=603503,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 512
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774af10db81c1c0e-OSL
ocsp.digicert.com/
200 OK 471 B IP
Hash aa6cf67ee3fe0989ba6ab2ea5223c482
e77d928b60522f88db0c34b30423c48119823762
e8f87a9b4c6379ee6285c9623108d4cf2030cfbede1476f33d1ab28c871017bd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3957
Cache-Control: max-age=118449
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:52 GMT
Etag: "638cb4c8-1d7"
Expires: Tue, 06 Dec 2022 16:01:01 GMT
Last-Modified: Sun, 04 Dec 2022 14:55:04 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
status.geotrust.com/
200 OK 471 B IP
Hash a1c3dcd903e006874b4a35db44c4063c
9b4dec9be09f1f3b8a084b0532d4ffeae115b956
63a968cf1ed0760cedd3561a6870372d7b57a28cd30ac47b3450f91f9884d9e7
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6318
Cache-Control: max-age=120796
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:52 GMT
Etag: "638cb4ba-1d7"
Expires: Tue, 06 Dec 2022 16:40:08 GMT
Last-Modified: Sun, 04 Dec 2022 14:54:50 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
status.geotrust.com/
200 OK 471 B IP
Hash 345bb700ba4027282c1883db30c6abeb
aca3b6ddf5da09aab213ee53fe3b2a2303df222c
ffe4b6ddd34034c6db80029b2019bab2cbb638343350b61201885c1b4cf13347
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6272
Cache-Control: max-age=154243
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:52 GMT
Etag: "638d378f-1d7"
Expires: Wed, 07 Dec 2022 01:57:35 GMT
Last-Modified: Mon, 05 Dec 2022 00:13:03 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=82377A2B4A1F42AB90C6BD9D89B7AC50
302 Found 0 B URL HTTP/2 pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=82377A2B4A1F42AB90C6BD9D89B7AC50
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /idsync/ex/receive?partner_id=2305&partner_device_id=82377A2B4A1F42AB90C6BD9D89B7AC50 HTTP/1.1
Host: pixel.tapad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 05 Dec 2022 07:06:52 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1670224012458;Expires=Fri, 03 Feb 2023 07:06:52 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_DID=c2fa895f-ae02-4a21-ab2e-6c1f045a33d3;Expires=Fri, 03 Feb 2023 07:06:52 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=82377A2B4A1F42AB90C6BD9D89B7AC50
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 4e7b418157c36d6de9afca4b6bd2075e
bda4aab996c6dd33b05dce7d5b61073a03662bc0
0a30286f8b9a72d72df9ff1493b0cd68b0c88e19ed69866d00ebef298e574bbb
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=113958
Date: Mon, 05 Dec 2022 07:06:52 GMT
Etag: "638c9a1e-1d7"
Expires: Tue, 06 Dec 2022 14:46:10 GMT
Last-Modified: Sun, 04 Dec 2022 13:01:18 GMT
Server: ECS (nyb/1D06)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Kcyq2y39E3sf-Uw0kCybDiNCIECMkLU1BmN_kMTmxaEpvPmyuIWiNA==
Age: 6292
sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=46D39C242BDF422CAE382B98DAC35DC5
403 Forbidden 986 B URL HTTP/2 sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=46D39C242BDF422CAE382B98DAC35DC5
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fc67fa4aa88a7e3e08cf1e12555dc1af
216cd6fa7ddc7b943c0bd29dd8c63c7636c7f458
e61c9cb1c92e15affa990c2c0104972349479944be021eee10e1906e1dc1b139
GET /profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=46D39C242BDF422CAE382B98DAC35DC5 HTTP/1.1
Host: sync.intentiq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: CloudFront
date: Mon, 05 Dec 2022 07:06:52 GMT
content-type: text/html
content-length: 986
x-cache: Error from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6A392XlaZgjg8sI5-3GbNPXMVZIFtlF7C76XqA-tZ0i3Iu8lm3mDNg==
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 9d27fd2680313b3918e17b38080c6d2a
55dd64eacda90f27d3feeb321e459e6300bea215
0b240b7b6e40de91769829ab07af9335c920927a7babd05ff377dd1c37239ca9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6150
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:52 GMT
Last-Modified: Mon, 05 Dec 2022 05:24:22 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
fei.pro-market.net/engine?du=24;csync=0B7E64586E954630B330CD35FE2EBD21;mimetype=img;
302 Found 0 B URL HTTP/2 fei.pro-market.net/engine?du=24;csync=0B7E64586E954630B330CD35FE2EBD21;mimetype=img;
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /engine?du=24;csync=0B7E64586E954630B330CD35FE2EBD21;mimetype=img; HTTP/1.1
Host: fei.pro-market.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
anserver: gapp-eu-5.c.datonics-gcp-01.internal
set-cookie: anProfile="1+1+1f=1+1g=2+1j=57:1+rs=s+rt=5B5A2A9A+s2=(rmep3g)"; Domain=.pro-market.net; Max-Age=15552000; Path=/; Secure; SameSite=None;
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: Mon, 1 Jan 1990 0:0:0 GMT
access-control-allow-origin: *
location: https://fei.pro-market.net/engine?du=24;csync=0B7E64586E954630B330CD35FE2EBD21;mimetype=img;sr
content-type: image/gif
content-length: 0
date: Mon, 05 Dec 2022 07:06:52 GMT
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?adv_id=7797&uid=72AD42D4CC114620B5432246CCB32866
302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?adv_id=7797&uid=72AD42D4CC114620B5432246CCB32866
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?adv_id=7797&uid=72AD42D4CC114620B5432246CCB32866 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Mon, 05 Dec 2022 07:06:52 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=651aea0d-746b-11ed-b6a9-16a7f9820206; expires=Mon, 02-Jan-2023 07:06:52 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?adv_id=7797&uid=72AD42D4CC114620B5432246CCB32866&__user_check__=1&sync_id=651aea3f-746b-11ed-b6a9-16a7f9820206
X-fe: 106
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
ocsp.digicert.com/
200 OK 727 B IP
Hash 5fb333840ee6a4cbed1cc07b4c1d6ccf
8933670471f3042ea2957218d5abdd4d546f8303
d60461ff4beb9347c9e40c56a4313ffa1027c56edda01a104ddc1d34a98ebaf6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3184
Cache-Control: max-age=87420
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:52 GMT
Etag: "638c3e98-2d7"
Expires: Tue, 06 Dec 2022 07:23:52 GMT
Last-Modified: Sun, 04 Dec 2022 06:30:48 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 727
ocsp.digicert.com/
200 OK 471 B IP
Hash fa9d0c9ccc7700108195e28acb4cf584
0943f764a369f0448c6ba1703d186630889f5be7
a62a76dcd60e4aba7d3a24fbd90046c6b0273c798990594cb4ef28e7f2274a2c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4409
Cache-Control: max-age=166389
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:52 GMT
Etag: "638d6e48-1d7"
Expires: Wed, 07 Dec 2022 05:20:01 GMT
Last-Modified: Mon, 05 Dec 2022 04:06:32 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
eb2.3lift.com/xuid?mid=7969&xuid=6EE63F2EED474D5387E89DB91F2E76FD&dongle=yf3
200 OK 37 B URL HTTP/2 eb2.3lift.com/xuid?mid=7969&xuid=6EE63F2EED474D5387E89DB91F2E76FD&dongle=yf3
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /xuid?mid=7969&xuid=6EE63F2EED474D5387E89DB91F2E76FD&dongle=yf3 HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 07:06:52 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
us-u.openx.net/w/1.0/sd?id=537072966&val=B11A657E932D49B2AF1F80D2E5DA8DAC
200 OK 43 B URL HTTP/2 us-u.openx.net/w/1.0/sd?id=537072966&val=B11A657E932D49B2AF1F80D2E5DA8DAC
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /w/1.0/sd?id=537072966&val=B11A657E932D49B2AF1F80D2E5DA8DAC HTTP/1.1
Host: us-u.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Mon, 05 Dec 2022 07:06:52 GMT
content-type: image/gif
content-length: 43
cache-control: private, max-age=0, no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1774061976&cv=7&fst=1670224011714&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=jJiNY8L9CeyNiQbGmpfIAg&sscte=1&crd=
302 Found 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1774061976&cv=7&fst=1670224011714&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=jJiNY8L9CeyNiQbGmpfIAg&sscte=1&crd=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/1026675585/?random=1774061976&cv=7&fst=1670224011714&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=jJiNY8L9CeyNiQbGmpfIAg&sscte=1&crd= HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 07:06:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/pagead/1p-conversion/1026675585/?random=1774061976&cv=7&fst=1670224011714&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=jJiNY8L9CeyNiQbGmpfIAg&random=2438201718
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 05-Dec-2022 07:21:52 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=9C998203AB5C4B08B1BE799DD8E2F4A7&expires=365
204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=9C998203AB5C4B08B1BE799DD8E2F4A7&expires=365
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=6286&nid=2132&put=9C998203AB5C4B08B1BE799DD8E2F4A7&expires=365 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif
stags.bluekai.com/site/29931?id=D5A6AEB4B4904B259467A12822193D06
200 OK 62 B URL HTTP/2 stags.bluekai.com/site/29931?id=D5A6AEB4B4904B259467A12822193D06
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3f386f5061436a0338a64e0910db495d
599fe4a552c991a2b3ce5a1660732bf7b21fb901
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
GET /site/29931?id=D5A6AEB4B4904B259467A12822193D06 HTTP/1.1
Host: stags.bluekai.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 62
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Mon, 05 Dec 2022 07:06:52 GMT
set-cookie: bku=blx99/0RMVwl5m/i; Path=/; Domain=.bluekai.com; Expires=Mon, 05 Jun 2023 07:06:52 GMT; Secure; SameSite=None
bkpa=KJy9nyexd02pSUHknp/8mE1hwtkAwDxNxEjOHD/6xMx81eHY1MD8BeRlxEW0me/01EApHe9t9y9GCy+r; Path=/; Domain=.bluekai.com; Expires=Mon, 05 Jun 2023 07:06:52 GMT; Secure; SameSite=None
X-Firefox-Spdy: h2
ib.adnxs.com/setuid?entity=66&code=1413AB50CB1C4D41BA1B341A02823D2C
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/setuid?entity=66&code=1413AB50CB1C4D41BA1B341A02823D2C
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /setuid?entity=66&code=1413AB50CB1C4D41BA1B341A02823D2C HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 05 Dec 2022 07:06:52 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D1413AB50CB1C4D41BA1B341A02823D2C
AN-X-Request-Uuid: 3bc591b7-a4e9-4252-b461-cd2056910fab
Set-Cookie: uuid2=3438536349032131027; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 05-Mar-2023 07:06:52 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
loadm.exelator.com/load/?p=204&g=2191&simid=F6A7F26999F64B1B915CC80701677569&j=0
204 No Content 0 B URL HTTP/2 loadm.exelator.com/load/?p=204&g=2191&simid=F6A7F26999F64B1B915CC80701677569&j=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /load/?p=204&g=2191&simid=F6A7F26999F64B1B915CC80701677569&j=0 HTTP/1.1
Host: loadm.exelator.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Mon, 05 Dec 2022 07:06:52 GMT
cache-control: no-cache
x-powered-by: Undertow/1
access-control-allow-credentials: true
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
X-Firefox-Spdy: h2
pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=82377A2B4A1F42AB90C6BD9D89B7AC50
200 OK 95 B URL HTTP/2 pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=82377A2B4A1F42AB90C6BD9D89B7AC50
IP
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 71a50dbba44c78128b221b7df7bb51f1
0ec63b140374ba704a58fa0c743cb357683313dd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
GET /idsync/ex/receive/check?partner_id=2305&partner_device_id=82377A2B4A1F42AB90C6BD9D89B7AC50 HTTP/1.1
Host: pixel.tapad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 07:06:52 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1670224012529;Expires=Fri, 03 Feb 2023 07:06:52 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_DID=36d1934a-6115-4edd-8798-2deff95fa919;Expires=Fri, 03 Feb 2023 07:06:52 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_3WAY_SYNCS=;Expires=Fri, 03 Feb 2023 07:06:52 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
content-type: image/png
content-length: 95
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
status.geotrust.com/
200 OK 471 B IP
Hash a1c3dcd903e006874b4a35db44c4063c
9b4dec9be09f1f3b8a084b0532d4ffeae115b956
63a968cf1ed0760cedd3561a6870372d7b57a28cd30ac47b3450f91f9884d9e7
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6318
Cache-Control: max-age=120796
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:52 GMT
Etag: "638cb4ba-1d7"
Expires: Tue, 06 Dec 2022 16:40:08 GMT
Last-Modified: Sun, 04 Dec 2022 14:54:50 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
sync.search.spotxchange.com/partner?adv_id=7797&uid=72AD42D4CC114620B5432246CCB32866&__user_check__=1&sync_id=651aea3f-746b-11ed-b6a9-16a7f9820206
200 OK 43 B URL HTTP/1.1 sync.search.spotxchange.com/partner?adv_id=7797&uid=72AD42D4CC114620B5432246CCB32866&__user_check__=1&sync_id=651aea3f-746b-11ed-b6a9-16a7f9820206
IP
ASN #35220 SpotXchange, INC
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55fade2068e7503eae8d7ddf5eb6bd09
317496a096d6c86486a71d4521994bcd171a6bb3
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
GET /partner?adv_id=7797&uid=72AD42D4CC114620B5432246CCB32866&__user_check__=1&sync_id=651aea3f-746b-11ed-b6a9-16a7f9820206 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 07:06:52 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Set-Cookie: audience=6524ee66-746b-11ed-bbae-1a3233820506; expires=Mon, 02-Jan-2023 07:06:52 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 109
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
fei.pro-market.net/engine?du=24;csync=0B7E64586E954630B330CD35FE2EBD21;mimetype=img;sr
200 OK 43 B URL HTTP/2 fei.pro-market.net/engine?du=24;csync=0B7E64586E954630B330CD35FE2EBD21;mimetype=img;sr
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 968c3ad2c1183fee0bf0dd479f7904b7
1d770800ecb05eb9133f9b51620c9e4349656859
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
GET /engine?du=24;csync=0B7E64586E954630B330CD35FE2EBD21;mimetype=img;sr HTTP/1.1
Host: fei.pro-market.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
anserver: gapp-eu-5.c.datonics-gcp-01.internal
set-cookie: anProfile="0+1+1f=1+1g=2+1j=57:1+rs=s+rt=5B5A2A9A+s2=(rmep3g)"; Domain=.pro-market.net; Max-Age=15552000; Path=/; Secure; SameSite=None;
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: Mon, 1 Jan 1990 0:0:0 GMT
access-control-allow-origin: *
content-type: image/gif
content-length: 43
date: Mon, 05 Dec 2022 07:06:52 GMT
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 379decf0dc0986be08cfc8df099b3f26
500090e4cb61ad13466d8a17dbd116b1a2376b0b
6e86f187248ce593d53ed7a86593916c6d02e0933ca010f7844349d8ee0ed0b5
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 05 Dec 2022 07:06:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 04 Dec 2022 21:04:13 GMT
Expires: Mon, 05 Dec 2022 21:04:13 GMT
ETag: "500090e4cb61ad13466d8a17dbd116b1a2376b0b"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash ab705253a128d07f3875e4fba69a9452
577f5c62a9992fbb4637af473c42c5b24cb5dd5e
796b5b07126753a12a8e43da5ba89046a5ef89a05e6576277b391741c02b4a9b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=129101
Date: Mon, 05 Dec 2022 07:06:52 GMT
Etag: "638cd676-1d7"
Expires: Tue, 06 Dec 2022 18:58:33 GMT
Last-Modified: Sun, 04 Dec 2022 17:18:46 GMT
Server: ECS (nyb/1D1B)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: NHJKybXwoy7loO-U2ayHWBaHYGg0H3uj02TRNn2zwOdB1y4UvoNUYg==
Age: 5987
www.checkbca.org/images/widget_member_seal.png
304 Not Modified 0 B URL HTTP/2 www.checkbca.org/images/widget_member_seal.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/widget_member_seal.png HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Sat, 09 May 2020 03:31:08 GMT
If-None-Match: "8a855647b225d61:0"
TE: trailers
HTTP/2 304 Not Modified
cache-control: no-cache
date: Mon, 05 Dec 2022 07:06:52 GMT
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D1413AB50CB1C4D41BA1B341A02823D2C
200 OK 43 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D1413AB50CB1C4D41BA1B341A02823D2C
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fsetuid%3Fentity%3D66%26code%3D1413AB50CB1C4D41BA1B341A02823D2C HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 05 Dec 2022 07:06:52 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: a59b8eac-0363-440b-91bf-b0d52857c1d8
Set-Cookie: anj=dTM7k!M4.FE:2jUF']wIg2C%uiD51A!]tbPl1N!7On*M$=BWzsi.LfkjE3g_i.UDZe9h[Vi+ov^i-b^QdX>FOfFB3Oo3lxf(j#iP(Md+>)fy*FMQC?r; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 05-Mar-2023 07:06:52 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2e388f1ab4ec88104f57cf23944ee684
39178c45ed645709cc388d5790b1b58a3272a62f
e33b88f6f77d90b65a8fed943a45623e51f1efbdae401a1652f24be68408dba0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ce.lijit.com/merge?pid=2&3pid=10AE8BEAF54A46E7B4440BA8684DC6CF
204 No Content 0 B URL HTTP/1.1 ce.lijit.com/merge?pid=2&3pid=10AE8BEAF54A46E7B4440BA8684DC6CF
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /merge?pid=2&3pid=10AE8BEAF54A46E7B4440BA8684DC6CF HTTP/1.1
Host: ce.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Mon, 05 Dec 2022 07:06:52 GMT
X-MERGE: GDPR Optout true
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
X-Sovrn-Pod: ad_ap7ams1
www.google.com/pagead/1p-conversion/1026675585/?random=1774061976&cv=7&fst=1670224011714&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=jJiNY8L9CeyNiQbGmpfIAg&random=2438201718
302 Found 42 B URL HTTP/2 www.google.com/pagead/1p-conversion/1026675585/?random=1774061976&cv=7&fst=1670224011714&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=jJiNY8L9CeyNiQbGmpfIAg&random=2438201718
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-conversion/1026675585/?random=1774061976&cv=7&fst=1670224011714&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=jJiNY8L9CeyNiQbGmpfIAg&random=2438201718 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 07:06:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/1026675585/?random=1774061976&cv=7&fst=1670224011714&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=jJiNY8L9CeyNiQbGmpfIAg&random=2438201718&ipr=y&prhg=0
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sync.bfmio.com/sync?pid=141&uid=E720ED0CC27C4E609C69F2A21BA83857
204 0 B URL HTTP/1.1 sync.bfmio.com/sync?pid=141&uid=E720ED0CC27C4E609C69F2A21BA83857
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?pid=141&uid=E720ED0CC27C4E609C69F2A21BA83857 HTTP/1.1
Host: sync.bfmio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204
Date: Mon, 05 Dec 2022 07:06:52 GMT
Set-Cookie: __141_cid=E720ED0CC27C4E609C69F2A21BA83857; Domain=.bfmio.com; Expires=Tue, 05-Dec-2023 07:06:52 GMT; Path=/
__io_cid=afa7b46533cb221dbb2caab6396e26c13801f83b; Domain=.bfmio.com; Expires=Tue, 05-Dec-2023 07:06:52 GMT; Path=/
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 917d281ca22c901597795b51fd9df338
be0e026d76f26092edfc1f67ea98ddc4a539439a
5f47f5ac32d4c80f29c4a69a830ec9427dd0055fc57973f01f73ec22503cd30c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d.agkn.com/pixel/10751/?che=1670224012529&ip=91.90.42.154&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D216713104356000543245
302 Found 0 B URL HTTP/1.1 d.agkn.com/pixel/10751/?che=1670224012529&ip=91.90.42.154&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D216713104356000543245
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/10751/?che=1670224012529&ip=91.90.42.154&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D216713104356000543245 HTTP/1.1
Host: d.agkn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache, must-revalidate
Date: Mon, 05 Dec 2022 07:06:52 GMT
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: https://um.simpli.fi/aa_px?sk=216713104356000543245
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Server: Apache-Coyote/1.1
Set-Cookie: ab=0001%3AKRlbNIDqalGAD9S%2FzALNxzxbWZMS%2FSu1;Path=/;Domain=agkn.com;Max-Age=31536000;SameSite=None;Secure
u=C|0AAArIFUMKyBVDAAAAAAA;Path=/;Domain=agkn.com;Max-Age=31536000;SameSite=None;Secure
Content-Length: 0
Connection: keep-alive
www.google.no/pagead/1p-conversion/1026675585/?random=1774061976&cv=7&fst=1670224011714&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=jJiNY8L9CeyNiQbGmpfIAg&random=2438201718&ipr=y&prhg=0
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-conversion/1026675585/?random=1774061976&cv=7&fst=1670224011714&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=jJiNY8L9CeyNiQbGmpfIAg&random=2438201718&ipr=y&prhg=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-conversion/1026675585/?random=1774061976&cv=7&fst=1670224011714&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=jJiNY8L9CeyNiQbGmpfIAg&random=2438201718&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 07:06:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 838d243942d48827243c3bcee18d11ed
26243d17a8493cbaa1759bde860c0a2a54f36e02
bf818584bae52201d47f2fadf57114acdcadf908a7003b26b846196ccef11ede
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=129092
Date: Mon, 05 Dec 2022 07:06:52 GMT
Etag: "638cd528-1d7"
Expires: Tue, 06 Dec 2022 18:58:24 GMT
Last-Modified: Sun, 04 Dec 2022 17:13:12 GMT
Server: ECS (nyb/1D22)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4wrTcjJopurBAWO7Id0YJRJJ2oYc8Gm67C3A65WacWahDO7Nrr8o4A==
Age: 6312
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 917d281ca22c901597795b51fd9df338
be0e026d76f26092edfc1f67ea98ddc4a539439a
5f47f5ac32d4c80f29c4a69a830ec9427dd0055fc57973f01f73ec22503cd30c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 07:06:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash a3a7dc16e02a92f3b0eae4310a08cd9d
e499e7ad1a50909acce05c96c45d4cd1c9ece7d0
570a227ca84863a7bdb10a9bf0dff799c2cd76db0adc2e50357cca7bfdbf0bc4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 05 Dec 2022 07:06:52 GMT
Last-Modified: Mon, 05 Dec 2022 06:24:52 GMT
Server: ECS (nyb/1D28)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: mrccDTxdBNG1gVHRrEOgvQ1ezk80YQQAFObAYvgpTCLlxmqJN40B6Q==
Age: 2520
um.simpli.fi/aa_px?sk=216713104356000543245
302 Found 142 B URL HTTP/2 um.simpli.fi/aa_px?sk=216713104356000543245
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /aa_px?sk=216713104356000543245 HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Mon, 05 Dec 2022 07:06:52 GMT
content-type: text/html
content-length: 142
set-cookie: suid=F95D59EAD3C4441899E9B5650DC20D22; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; SameSite=none; Secure;
suid_legacy=F95D59EAD3C4441899E9B5650DC20D22; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; Secure;
location: /empty.gif
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/empty.gif
200 OK 43 B IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /empty.gif HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 07:06:52 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
set-cookie: suid=2C494A29CBA0456A9C4065FBD035FDF0; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; SameSite=none; Secure;
suid_legacy=2C494A29CBA0456A9C4065FBD035FDF0; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:52 GMT; Secure;
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
web-writer.eu.smartlook.cloud/rec/v3/write?rid=-fA-iw9YSFt6xntPWxaws&sid=jHOEdD_MHFYSkMyE7nhlm&vid=wvvVghzMfIgbInlnQYicy
204 No Content 0 B URL HTTP/1.1 web-writer.eu.smartlook.cloud/rec/v3/write?rid=-fA-iw9YSFt6xntPWxaws&sid=jHOEdD_MHFYSkMyE7nhlm&vid=wvvVghzMfIgbInlnQYicy
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /rec/v3/write?rid=-fA-iw9YSFt6xntPWxaws&sid=jHOEdD_MHFYSkMyE7nhlm&vid=wvvVghzMfIgbInlnQYicy HTTP/1.1
Host: web-writer.eu.smartlook.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Content-Type: multipart/form-data; boundary=---------------------------1851046134803689142815336226
Origin: https://www.usbfund.com
Content-Length: 117988
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Request, X-Requested-With, Content-Type, Cookie
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://www.usbfund.com
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 05 Dec 2022 07:06:52 GMT
sl-trace-id: KbS8BJ8xvC6lJBr4GdnTo
Strict-Transport-Security: max-age=63072000; includeSubDomains
Connection: keep-alive
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=ABD853AD50394E0F9BB06C4F21FBCD45
404 Not Found 49 B URL HTTP/2 bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=ABD853AD50394E0F9BB06C4F21FBCD45
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 56398e76be6355ad5999b262208a17c9
a1fdee122b95748d81cee426d717c05b5174fe96
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
GET /map/c=7625/tp=SIMP/tpid=ABD853AD50394E0F9BB06C4F21FBCD45 HTTP/1.1
Host: bcp.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Mon, 05 Dec 2022 07:06:53 GMT
content-type: image/gif
content-length: 49
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.22.198
access-control-allow-origin: *
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 20f2c66323bb5dfc8dddf12b5bfefa52
a9b61b2f7d14cb53904ec27a7cc6daaed97058ff
1975127fe3123e40eeda198ba1c547ad655d72ad404f9ec96e9c7f4a022da655
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=162250
Date: Mon, 05 Dec 2022 07:06:53 GMT
Etag: "638d68c2-1d7"
Expires: Wed, 07 Dec 2022 04:11:03 GMT
Last-Modified: Mon, 05 Dec 2022 03:42:58 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: WT-a6BR6SDrn2FeZg2LqGVqgY0JQ56iHergg4tzicbCsvxlfJ0zK_g==
Age: 1685
new-collect.albacross.com/e.gif?s=JSCollector%2C3.1.1&e0=pageview&ci0=ba759469-8018-45d5-3315-c72f22d6ed46&v0=3fb288d7-2c24-f465-9225-a0c99aae283a&p0=d9bd27b1-4ffb-c6b8-518f-202930431f76&u0=d9bd27b1-4ffb-c6b8-518f-202930431f76&c0=89342177&t0=1670224008129&ur0=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business&ti0=Secured%20Vs%20Unsecured%20Line%20of%20Credit%20-%20US%20Business%20Funding&re0=1280&re0=1024&o0=landscape-primary&us0=bayengage&um0=campaign-email&uca0=credit-score-for-small-business&e1=pageview_ping&ci1=ba759469-8018-45d5-3315-c72f22d6ed46&v1=3fb288d7-2c24-f465-9225-a0c99aae283a&p1=d9bd27b1-4ffb-c6b8-518f-202930431f76&u1=0f70e229-36db-4fda-e40f-ab1fb77559c8&c1=89342177&t1=1670224008130&li1=1670224008127&e2=pageview_ping&ci2=ba759469-8018-45d5-3315-c72f22d6ed46&v2=3fb288d7-2c24-f465-9225-a0c99aae283a&p2=d9bd27b1-4ffb-c6b8-518f-202930431f76&u2=f2c3c9db-a796-eb0a-f136-1926db8fa73e&c2=89342177&t2=1670224008131&li2=1670224008127
200 OK 37 B URL HTTP/2 new-collect.albacross.com/e.gif?s=JSCollector%2C3.1.1&e0=pageview&ci0=ba759469-8018-45d5-3315-c72f22d6ed46&v0=3fb288d7-2c24-f465-9225-a0c99aae283a&p0=d9bd27b1-4ffb-c6b8-518f-202930431f76&u0=d9bd27b1-4ffb-c6b8-518f-202930431f76&c0=89342177&t0=1670224008129&ur0=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business&ti0=Secured%20Vs%20Unsecured%20Line%20of%20Credit%20-%20US%20Business%20Funding&re0=1280&re0=1024&o0=landscape-primary&us0=bayengage&um0=campaign-email&uca0=credit-score-for-small-business&e1=pageview_ping&ci1=ba759469-8018-45d5-3315-c72f22d6ed46&v1=3fb288d7-2c24-f465-9225-a0c99aae283a&p1=d9bd27b1-4ffb-c6b8-518f-202930431f76&u1=0f70e229-36db-4fda-e40f-ab1fb77559c8&c1=89342177&t1=1670224008130&li1=1670224008127&e2=pageview_ping&ci2=ba759469-8018-45d5-3315-c72f22d6ed46&v2=3fb288d7-2c24-f465-9225-a0c99aae283a&p2=d9bd27b1-4ffb-c6b8-518f-202930431f76&u2=f2c3c9db-a796-eb0a-f136-1926db8fa73e&c2=89342177&t2=1670224008131&li2=1670224008127
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 637eb2cda011678b8ccd6b5b3c6e3570
300ffa6cb3b70adc05038ef2a4e9936978459ff2
49059d42ad3423fb9f04b2330cdce035e4d555aa9ea7a7ceae097de0c69be05d
GET /e.gif?s=JSCollector%2C3.1.1&e0=pageview&ci0=ba759469-8018-45d5-3315-c72f22d6ed46&v0=3fb288d7-2c24-f465-9225-a0c99aae283a&p0=d9bd27b1-4ffb-c6b8-518f-202930431f76&u0=d9bd27b1-4ffb-c6b8-518f-202930431f76&c0=89342177&t0=1670224008129&ur0=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business&ti0=Secured%20Vs%20Unsecured%20Line%20of%20Credit%20-%20US%20Business%20Funding&re0=1280&re0=1024&o0=landscape-primary&us0=bayengage&um0=campaign-email&uca0=credit-score-for-small-business&e1=pageview_ping&ci1=ba759469-8018-45d5-3315-c72f22d6ed46&v1=3fb288d7-2c24-f465-9225-a0c99aae283a&p1=d9bd27b1-4ffb-c6b8-518f-202930431f76&u1=0f70e229-36db-4fda-e40f-ab1fb77559c8&c1=89342177&t1=1670224008130&li1=1670224008127&e2=pageview_ping&ci2=ba759469-8018-45d5-3315-c72f22d6ed46&v2=3fb288d7-2c24-f465-9225-a0c99aae283a&p2=d9bd27b1-4ffb-c6b8-518f-202930431f76&u2=f2c3c9db-a796-eb0a-f136-1926db8fa73e&c2=89342177&t2=1670224008131&li2=1670224008127 HTTP/1.1
Host: new-collect.albacross.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 07:06:53 GMT
content-type: image/gif
content-length: 37
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash ba3e9a2efa547ae31f6deb0bf26ed328
d53b7d4d39e04e39db7b625ed5e3ed3ef94ef3c4
8cd24e12e6f7464c3a8c4838237bb24e42c66e899a9224f1ac0c17d225014834
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 05 Dec 2022 07:06:54 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 04 Dec 2022 22:11:49 GMT
Expires: Mon, 05 Dec 2022 22:11:49 GMT
ETag: "d53b7d4d39e04e39db7b625ed5e3ed3ef94ef3c4"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
new-collect.albacross.com/e.gif?s=JSCollector%2C3.1.1&e0=pageview_ping&ci0=ba759469-8018-45d5-3315-c72f22d6ed46&v0=3fb288d7-2c24-f465-9225-a0c99aae283a&p0=d9bd27b1-4ffb-c6b8-518f-202930431f76&u0=88a9d67f-c929-1ec8-136c-5548829c68ef&c0=89342177&t0=1670224012632&li0=1670224008127
200 OK 37 B URL HTTP/2 new-collect.albacross.com/e.gif?s=JSCollector%2C3.1.1&e0=pageview_ping&ci0=ba759469-8018-45d5-3315-c72f22d6ed46&v0=3fb288d7-2c24-f465-9225-a0c99aae283a&p0=d9bd27b1-4ffb-c6b8-518f-202930431f76&u0=88a9d67f-c929-1ec8-136c-5548829c68ef&c0=89342177&t0=1670224012632&li0=1670224008127
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 637eb2cda011678b8ccd6b5b3c6e3570
300ffa6cb3b70adc05038ef2a4e9936978459ff2
49059d42ad3423fb9f04b2330cdce035e4d555aa9ea7a7ceae097de0c69be05d
GET /e.gif?s=JSCollector%2C3.1.1&e0=pageview_ping&ci0=ba759469-8018-45d5-3315-c72f22d6ed46&v0=3fb288d7-2c24-f465-9225-a0c99aae283a&p0=d9bd27b1-4ffb-c6b8-518f-202930431f76&u0=88a9d67f-c929-1ec8-136c-5548829c68ef&c0=89342177&t0=1670224012632&li0=1670224008127 HTTP/1.1
Host: new-collect.albacross.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 07:06:56 GMT
content-type: image/gif
content-length: 37
X-Firefox-Spdy: h2
new-collect.albacross.com/e.gif?s=JSCollector%2C3.1.1&e0=pageview_ping&ci0=ba759469-8018-45d5-3315-c72f22d6ed46&v0=3fb288d7-2c24-f465-9225-a0c99aae283a&p0=d9bd27b1-4ffb-c6b8-518f-202930431f76&u0=85f8daf5-6912-cdbf-a525-3697981c8637&c0=89342177&t0=1670224014189&li0=1670224008127
200 OK 37 B URL HTTP/2 new-collect.albacross.com/e.gif?s=JSCollector%2C3.1.1&e0=pageview_ping&ci0=ba759469-8018-45d5-3315-c72f22d6ed46&v0=3fb288d7-2c24-f465-9225-a0c99aae283a&p0=d9bd27b1-4ffb-c6b8-518f-202930431f76&u0=85f8daf5-6912-cdbf-a525-3697981c8637&c0=89342177&t0=1670224014189&li0=1670224008127
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 637eb2cda011678b8ccd6b5b3c6e3570
300ffa6cb3b70adc05038ef2a4e9936978459ff2
49059d42ad3423fb9f04b2330cdce035e4d555aa9ea7a7ceae097de0c69be05d
GET /e.gif?s=JSCollector%2C3.1.1&e0=pageview_ping&ci0=ba759469-8018-45d5-3315-c72f22d6ed46&v0=3fb288d7-2c24-f465-9225-a0c99aae283a&p0=d9bd27b1-4ffb-c6b8-518f-202930431f76&u0=85f8daf5-6912-cdbf-a525-3697981c8637&c0=89342177&t0=1670224014189&li0=1670224008127 HTTP/1.1
Host: new-collect.albacross.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 07:06:56 GMT
content-type: image/gif
content-length: 37
X-Firefox-Spdy: h2
ws.zoominfo.com/pixel/62e2c4ac62a6b2008e05e3be
200 OK 0 B URL HTTP/2 ws.zoominfo.com/pixel/62e2c4ac62a6b2008e05e3be
IP
GET /pixel/62e2c4ac62a6b2008e05e3be HTTP/1.1
Host: ws.zoominfo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 07:06:49 GMT
content-type: text/javascript
vary: Accept-Encoding
x-powered-by: Express
x-content-type-options: nosniff
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
set-cookie: visitorId=b87e7daad2469410fa38a3fc560b9da2edee66c7fb431a9a743e705fcb1645b9; Max-Age=31536000; Domain=ws.zoominfo.com; Path=/; Expires=Tue, 05 Dec 2023 07:06:49 GMT; Secure; SameSite=None
__cf_bm=6Qvb59USRFZLTEm3K3A2J_iGTnYveAUi3SjJBPgswhs-1670224009-0-AcsTExW78pmvyurESttVjW+b0bpQwnTofZDsjV0Np4uTXn7QOjQJpuWuciwJOi34tdMRY7dol65j6xWO+lbpu5Y=; path=/; expires=Mon, 05-Dec-22 07:36:49 GMT; domain=.zoominfo.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 774af0fb9bdcb4eb-OSL
X-Firefox-Spdy: h2
diffuser-cdn.app-us1.com/diffuser/diffuser.js
200 OK 0 B URL HTTP/2 diffuser-cdn.app-us1.com/diffuser/diffuser.js
IP
GET /diffuser/diffuser.js HTTP/1.1
Host: diffuser-cdn.app-us1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 07:06:49 GMT
content-type: application/javascript
last-modified: Thu, 21 Oct 2021 17:42:06 GMT
etag: W/"4d482a43613d3966f353ec9d97452e0c"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=300
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 059f85e5e664bc876c915622803d9e28.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: LYgb7O-05A19YisedsHdW7Gqa3Bw46pjlPKvIkZSVBpaULKohYEzzQ==
cf-cache-status: HIT
age: 76
server: cloudflare
cf-ray: 774af0fd6df3fab4-OSL
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:400,900,700,500,300,100
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400,900,700,500,300,100
IP
GET /css?family=Roboto:400,900,700,500,300,100 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Dec 2022 07:06:49 GMT
date: Mon, 05 Dec 2022 07:06:49 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700
IP
GET /css?family=Roboto+Condensed:300,400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Dec 2022 07:06:49 GMT
date: Mon, 05 Dec 2022 07:06:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/plugins/formidable/css/formidableforms.css
200 OK 0 B URL HTTP/2 www.usbfund.com/wp-content/plugins/formidable/css/formidableforms.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/plugins/formidable/css/formidableforms.css HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=credit-score-for-small-business
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 30 Aug 2022 16:10:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: text/css
date: Mon, 05 Dec 2022 07:06:48 GMT
server: Apache
X-Firefox-Spdy: h2
koi-3qnetrwct6.marketingautomation.services/client/ss.js?ver=1.1.1
200 OK 0 B URL HTTP/2 koi-3qnetrwct6.marketingautomation.services/client/ss.js?ver=1.1.1
IP
GET /client/ss.js?ver=1.1.1 HTTP/1.1
Host: koi-3qnetrwct6.marketingautomation.services
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Mon, 05 Dec 2022 07:06:49 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 10:41:50 GMT
vary: Accept-Encoding
etag: W/"638884ee-2fc8"
expires: Mon, 12 Dec 2022 07:06:49 GMT
cache-control: max-age=604800, public
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
beacon.cdnma.com/apps/capture.php?p=18595&l=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business&u=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business&r=&uq=81f8ee98-81df-43cf-8650-18595f61f0de&c=0&o=&ac=ad714ff9-4c5a-495e-a5be-18595ff32cdb&t=1670224008360
200 OK 0 B URL HTTP/2 beacon.cdnma.com/apps/capture.php?p=18595&l=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business&u=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business&r=&uq=81f8ee98-81df-43cf-8650-18595f61f0de&c=0&o=&ac=ad714ff9-4c5a-495e-a5be-18595ff32cdb&t=1670224008360
IP
GET /apps/capture.php?p=18595&l=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business&u=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dcredit-score-for-small-business&r=&uq=81f8ee98-81df-43cf-8650-18595f61f0de&c=0&o=&ac=ad714ff9-4c5a-495e-a5be-18595ff32cdb&t=1670224008360 HTTP/1.1
Host: beacon.cdnma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 07:06:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
pragma: public
cache-control: max-age=1209600
expires: Mon, 19 Dec 2022 07:06:51 GMT
access-control-allow-origin: *
strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
sc.cdnma.com/apps/18595/capture.js
200 OK 0 B URL HTTP/2 sc.cdnma.com/apps/18595/capture.js
IP
GET /apps/18595/capture.js HTTP/1.1
Host: sc.cdnma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 05 Dec 2022 05:05:23 GMT
last-modified: Mon, 13 Jun 2022 17:04:49 GMT
etag: W/"62a76e31-6b96"
expires: Mon, 05 Dec 2022 09:05:23 GMT
cache-control: max-age=14400
access-control-allow-origin: *
strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 6EPgKQQniLfBQ46uEyLNNpKOgvXj5eJGw-3bAN1sO66gKB19PfIBhg==
age: 7287
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
IP
GET /css?family=Open+Sans:300,400,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Dec 2022 07:06:49 GMT
date: Mon, 05 Dec 2022 07:06:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.simpli.fi/p?cid=323546&cb=sifi_att_42656._hp
200 OK 0 B URL HTTP/2 i.simpli.fi/p?cid=323546&cb=sifi_att_42656._hp
IP
GET /p?cid=323546&cb=sifi_att_42656._hp HTTP/1.1
Host: i.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 07:06:51 GMT
content-type: application/javascript; charset=UTF-8
set-cookie: suid=AB84B463FC6A4873BB3F47DC4623EBA4; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:51 GMT; SameSite=none; Secure;
suid_legacy=AB84B463FC6A4873BB3F47DC4623EBA4; Path=/; domain=simpli.fi; Expires=Wed, 06-Dec-23 07:06:51 GMT; Secure;
uid_syncd=true; path=/; expires=Mon, 12 Dec 2022 07:06:51 GMT; domain=.simpli.fi; secure
uid_syncd_secure=true; path=/; expires=Mon, 12 Dec 2022 07:06:51 GMT; domain=.simpli.fi; samesite=none; secure
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache, no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
X-Firefox-Spdy: h2
sendlane.com/js/eventing.js
200 OK 0 B URL HTTP/2 sendlane.com/js/eventing.js
IP
GET /js/eventing.js HTTP/1.1
Host: sendlane.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 07:06:49 GMT
content-type: text/javascript
cache-control: public, max-age=60
cf-bgj: minify
etag: W/"711-5900675a88b6e-gzip"
expires: Mon, 05 Dec 2022 07:07:49 GMT
last-modified: Tue, 13 Aug 2019 21:38:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 7
x-content-type-options: nosniff
server: cloudflare
cf-ray: 774af0f96ae20b55-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.usbfund.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
200 OK 0 B URL HTTP/2 www.usbfund.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=credit-score-for-small-business
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Oct 2021 18:27:21 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: application/javascript
date: Mon, 05 Dec 2022 07:06:48 GMT
server: Apache
X-Firefox-Spdy: h2
js.hs-scripts.com/5627136.js?integration=WordPress&ver=8.16.28
200 OK 0 B URL HTTP/2 js.hs-scripts.com/5627136.js?integration=WordPress&ver=8.16.28
IP
GET /5627136.js?integration=WordPress&ver=8.16.28 HTTP/1.1
Host: js.hs-scripts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 07:06:49 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: https://www.usbfund.com
access-control-max-age: 3600
cache-control: public, max-age=60
cf-bgj: minify
cf-polished: origSize=964
last-modified: Mon, 05 Dec 2022 06:37:56 GMT
vary: origin, Accept-Encoding
x-hubspot-correlation-id: ca70bf7c-b6fe-48d9-8fec-b79da499887c
x-trace: 2B8409FD685F93E9908263191555E03257C32BFB6A000000000000000000
cf-cache-status: HIT
age: 8
expires: Mon, 05 Dec 2022 07:07:49 GMT
server: cloudflare
cf-ray: 774af0f8f9631c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/themes/usb/js/plugins.js
0 B URL www.usbfund.com/wp-content/themes/usb/js/plugins.js
IP
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/usb/js/plugins.js HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=credit-score-for-small-business
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
rec.smartlook.com/recorder.js
200 OK 0 B URL HTTP/2 rec.smartlook.com/recorder.js
IP
ASN #60068 Datacamp Limited
GET /recorder.js HTTP/1.1
Host: rec.smartlook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 07:06:50 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=600
cross-origin-resource-policy: cross-origin
etag: W/"63861b50-bc2"
last-modified: Tue, 29 Nov 2022 14:46:40 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-accel-expires: @1670224522
server: CDN77-Turbo
x-77-nzt: AblMCRScWBX/WAAAAA
x-77-nzt-ray: af585630668f1aba8a988d638d09fb28
x-cache: HIT
x-age: 88
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=820666298DAD4410BBA54570D6682041
302 Found 0 B URL HTTP/2 aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=820666298DAD4410BBA54570D6682041
IP
GET /adscores/g.pixel?sid=9201915418&sifi_uid=820666298DAD4410BBA54570D6682041 HTTP/1.1
Host: aa.agkn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 05 Dec 2022 07:06:52 GMT
location: https://d.agkn.com/pixel/10751/?che=1670224012529&ip=91.90.42.154&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D216713104356000543245
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
set-cookie: ab=0001%3Aoai%2FcHCfyew0tUTao69PEebcGdt05qmk; Path=/; Domain=.agkn.com; Expires=Tue, 05-Dec-2023 07:06:52 GMT; Max-Age=31536000; Secure; SameSite=None
X-Firefox-Spdy: h2
34.127.83.42
104.18.17.174
37.252.171.53
52.49.181.242
23.36.76.121
93.184.220.29
34.91.62.186
23.53.51.106