Overview

URL email.mail.usbfund.com/c/eJyNkduKwyAQhp8m3qV4iDlceFEofY0w6tiEjSYYbenbryXt0ssFQf_5R745oGJtKymlA--JVZp2LXOG7GmNOEZ0ijHRCDKpwbIGnJXQ8RaYYbx3VDPbdEBBAg4kRTA_oBcc03NDVXFuwG8w30J5kkVNKW17Jc4Vv5bzeDxOedcuB3syqy-RHU2OaOv7XufwEcscsF5dbYqY0-uruObkx33N0WAlLhqeGG5ww4q3L8OXvOyL8YHX6GFe3u5fReLyD9xXS7NVTEgxkFlxyjmjVHLKJJOnzgEwZ7EHPrRm6KuGvoDfzZGo9Kqn4kyl0ODWeISTSiGNx4CTMl6P7-sOcTxwxx5yLvwyRQtOWOg1QKOL_AX42pJd
IP34.127.83.42
ASNGOOGLE
Location United States
Report completed2022-10-05 20:16:05 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-05 2 email.mail.usbfund.com/c/eJyNkduKwyAQhp8m3qV4iDlceFEofY0w6tiEjSYYbenbryXt0s (...) Malware
2022-10-05 2 www.usbfund.com/wp-content/plugins/AffiliateWP-master/assets/js/tracking.mi (...) Malware
2022-10-05 2 www.usbfund.com/wp-content/plugins/AffiliateWP-master/assets/js/jquery.cook (...) Malware
2022-10-05 2 www.usbfund.com/wp-content/themes/usb/js/site.js Malware
2022-10-05 2 www.usbfund.com/wp-content/themes/usb/js/accounting.min.js Malware
2022-10-05 2 www.usbfund.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 Malware
2022-10-05 2 www.usbfund.com/fonts/socicon.woff Malware
2022-10-05 2 www.usbfund.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 Malware
2022-10-05 2 www.usbfund.com/wp-content/themes/usb/js/plugins.js Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (85)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS ocsp.sca1b.amazontrust.com (12) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.110
mnemonic passive DNS js.hsforms.net (1) 7264 2013-09-26 02:52:40 UTC 2022-10-05 10:40:42 UTC 104.17.182.73
mnemonic passive DNS www.checkbca.org (31) 541438 2015-08-11 23:57:00 UTC 2022-10-05 17:14:38 UTC 207.137.0.213
mnemonic passive DNS www.google.com (1) 7 2016-08-04 12:36:31 UTC 2022-10-05 16:49:33 UTC 142.250.74.164
mnemonic passive DNS stags.bluekai.com (2) 471 2012-06-27 19:59:37 UTC 2022-10-05 18:04:07 UTC 23.38.201.22
mnemonic passive DNS px.ads.linkedin.com (1) 522 2017-08-08 16:28:50 UTC 2022-10-05 13:35:11 UTC 13.107.42.14
mnemonic passive DNS cm.g.doubleclick.net (2) 202 2013-05-30 23:19:45 UTC 2022-10-05 19:13:18 UTC 142.250.74.34
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-05 06:03:19 UTC 54.230.111.7
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-05 05:01:05 UTC 34.117.237.239
mnemonic passive DNS www.usbfund.com (33) 0 2017-02-10 14:01:41 UTC 2022-10-04 16:11:11 UTC 50.87.170.174 Unknown ranking
mnemonic passive DNS region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-10-05 11:39:01 UTC 216.239.34.36 Domain (google-analytics.com) ranked at: 8401
mnemonic passive DNS prism.app-us1.com (1) 8479 2019-01-09 06:40:26 UTC 2022-10-05 06:29:29 UTC 104.17.145.91
mnemonic passive DNS ib.adnxs.com (2) 241 2012-05-23 22:36:14 UTC 2022-10-05 14:50:27 UTC 185.89.210.101
mnemonic passive DNS d.agkn.com (1) 524 2015-09-01 17:02:34 UTC 2022-10-05 18:04:07 UTC 34.248.212.187
mnemonic passive DNS new-collect.albacross.com (2) 53310 2020-08-29 10:59:45 UTC 2022-10-05 09:02:21 UTC 52.48.206.34
mnemonic passive DNS r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-10-05 07:13:38 UTC 23.36.77.32
mnemonic passive DNS assets.anytrack.io (1) 73313 2020-04-27 16:14:57 UTC 2022-10-05 08:02:20 UTC 54.230.111.87
mnemonic passive DNS snap.licdn.com (1) 1044 2014-10-06 08:43:45 UTC 2022-10-05 07:32:13 UTC 23.36.76.210
mnemonic passive DNS sc.cdnma.com (1) 84971 2017-01-29 16:49:37 UTC 2022-10-05 20:15:56 UTC 54.230.111.99
mnemonic passive DNS simplifi.partners.tremorhub.com (1) 7073 2019-08-12 15:15:44 UTC 2022-10-05 18:04:07 UTC 34.239.98.225
mnemonic passive DNS js.hs-analytics.net (1) 2411 2013-09-26 02:22:44 UTC 2022-10-05 11:49:29 UTC 104.17.67.176
mnemonic passive DNS process.iconnode.com (2) 63404 2017-01-30 21:39:31 UTC 2022-10-05 18:22:35 UTC 76.223.116.242
mnemonic passive DNS hubspot-forms-static-embed.s3.amazonaws.com (1) 236210 2020-01-07 14:59:18 UTC 2022-10-05 20:15:56 UTC 52.216.146.163
mnemonic passive DNS munchkin.marketo.net (2) 3550 2012-12-17 00:39:54 UTC 2022-10-05 11:49:57 UTC 88.221.99.189
mnemonic passive DNS ocsp.usertrust.com (1) 899 2012-05-21 15:43:18 UTC 2022-10-05 10:10:20 UTC 172.64.155.188
mnemonic passive DNS hemsync.clickagy.com (1) 0 2022-05-16 06:14:28 UTC 2022-10-05 18:06:24 UTC 34.200.202.85 Domain (clickagy.com) ranked at: 2303
mnemonic passive DNS status.geotrust.com (3) 3662 2017-12-01 08:55:31 UTC 2022-10-05 11:59:59 UTC 93.184.220.29
mnemonic passive DNS pixel.rubiconproject.com (1) 314 2012-10-09 03:17:38 UTC 2022-10-05 14:50:27 UTC 213.19.162.90
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-05 09:14:56 UTC 35.161.6.128
mnemonic passive DNS shield.sitelock.com (1) 65503 2012-07-12 10:25:01 UTC 2022-10-04 13:53:01 UTC 45.60.14.54
mnemonic passive DNS aorta.clickagy.com (3) 2306 2020-07-29 17:59:06 UTC 2022-10-05 04:58:26 UTC 35.169.130.67
mnemonic passive DNS forms.soundestlink.com (1) 16969 2016-03-10 06:08:55 UTC 2022-10-05 06:16:15 UTC 104.18.26.48
mnemonic passive DNS beacon.cdnma.com (1) 72077 2019-06-19 21:00:32 UTC 2022-10-04 07:43:06 UTC 44.208.154.31
mnemonic passive DNS omnisnippet1.com (2) 16560 2021-04-01 18:46:48 UTC 2022-10-05 14:17:21 UTC 104.18.40.169
mnemonic passive DNS email.mail.usbfund.com (1) 0 2022-07-06 20:38:09 UTC 2022-10-05 18:57:51 UTC 52.7.139.118 Unknown ranking
mnemonic passive DNS code.jquery.com (1) 634 2012-05-21 17:28:02 UTC 2022-10-05 07:49:36 UTC 69.16.175.42
mnemonic passive DNS ocsp.globalsign.com (2) 2075 2012-05-25 06:20:55 UTC 2022-10-05 11:38:58 UTC 104.18.21.226
mnemonic passive DNS img-getpocket.cdn.mozilla.net (5) 1631 2017-09-01 03:40:57 UTC 2022-10-05 12:33:02 UTC 34.120.237.76
mnemonic passive DNS js.hs-banner.com (1) 2426 2020-03-26 17:45:21 UTC 2022-10-05 16:23:05 UTC 172.64.154.85
mnemonic passive DNS 511-lvj-854.mktoresp.com (1) 0 2016-11-21 23:15:54 UTC 2022-10-05 20:15:57 UTC 199.15.214.243 Domain (mktoresp.com) ranked at: 2732
mnemonic passive DNS speedyfox.io (1) 268478 2019-02-15 09:24:11 UTC 2022-10-04 07:43:07 UTC 23.253.207.75
mnemonic passive DNS www.googleadservices.com (1) 107 2012-07-21 05:05:30 UTC 2022-10-05 18:29:46 UTC 142.250.74.162
mnemonic passive DNS loadm.exelator.com (1) 1042 2012-05-22 07:59:51 UTC 2022-10-05 18:04:07 UTC 34.254.143.3
mnemonic passive DNS widget.trustpilot.com (1) 6018 2017-09-05 07:45:53 UTC 2022-10-05 12:52:14 UTC 54.230.111.50
mnemonic passive DNS sync.bfmio.com (1) 1205 2017-01-30 04:50:02 UTC 2022-10-05 12:32:05 UTC 54.145.148.127
mnemonic passive DNS bcp.crwdcntrl.net (2) 699 2020-02-08 17:13:11 UTC 2022-10-05 18:17:12 UTC 34.247.1.169
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-10-05 11:20:17 UTC 142.250.74.168
mnemonic passive DNS ocsp.sectigo.com (4) 487 2018-12-17 11:31:55 UTC 2022-10-05 15:14:22 UTC 104.18.32.68
mnemonic passive DNS scripts.iconnode.com (1) 40696 2017-10-11 16:27:18 UTC 2022-10-04 09:33:32 UTC 54.230.111.96
mnemonic passive DNS diffuser-cdn.app-us1.com (1) 8451 2019-06-13 03:58:17 UTC 2022-10-05 06:29:28 UTC 104.17.145.91
mnemonic passive DNS serve.albacross.com (1) 64177 2017-09-21 06:16:03 UTC 2022-10-05 06:23:53 UTC 54.230.111.89
mnemonic passive DNS tag.simpli.fi (1) 5216 2016-08-25 21:56:15 UTC 2022-10-05 18:04:04 UTC 169.50.137.179
mnemonic passive DNS fei.pro-market.net (2) 2658 2012-10-30 06:46:59 UTC 2022-10-05 12:32:07 UTC 107.178.240.89
mnemonic passive DNS sendlane.com (1) 82414 2014-12-13 15:20:03 UTC 2022-10-04 07:43:04 UTC 104.16.166.6
mnemonic passive DNS forms.hsforms.com (2) 5160 2018-03-07 15:21:13 UTC 2022-10-05 13:55:55 UTC 104.16.89.5
mnemonic passive DNS pixel.tapad.com (2) 400 2012-10-01 07:23:01 UTC 2022-10-05 14:35:52 UTC 35.227.248.159
mnemonic passive DNS sync.intentiq.com (1) 1476 2020-05-11 16:09:42 UTC 2022-10-05 18:44:14 UTC 54.230.111.112
mnemonic passive DNS sync.search.spotxchange.com (2) 523 2014-05-29 23:15:03 UTC 2022-10-05 15:18:31 UTC 185.94.180.125
mnemonic passive DNS eb2.3lift.com (1) 402 2014-09-24 15:03:42 UTC 2022-10-05 17:50:32 UTC 76.223.111.18
mnemonic passive DNS ocsp.digicert.com (9) 86 2012-05-21 07:02:23 UTC 2022-10-05 16:07:29 UTC 93.184.220.29
mnemonic passive DNS ocsp.pki.goog (23) 175 2017-06-14 07:23:31 UTC 2022-10-05 06:59:18 UTC 142.250.74.3
mnemonic passive DNS koi-3qnetrwct6.marketingautomation.services (1) 0 2018-10-02 20:17:26 UTC 2022-10-04 07:43:04 UTC 130.211.21.179 Domain (marketingautomation.services) ranked at: 12857
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-10-05 16:26:49 UTC 142.250.74.174
mnemonic passive DNS id.rlcdn.com (1) 618 2018-09-04 15:59:44 UTC 2022-10-05 17:56:40 UTC 35.244.174.68
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-05 14:02:21 UTC 54.230.111.65
mnemonic passive DNS omnisrc.com (1) 48023 2017-10-18 09:33:08 UTC 2022-10-05 12:23:43 UTC 104.18.5.28
mnemonic passive DNS um.simpli.fi (22) 744 2012-05-22 05:45:01 UTC 2022-10-05 18:04:07 UTC 34.91.62.186
mnemonic passive DNS ajax.googleapis.com (1) 12905 2013-08-16 09:51:31 UTC 2022-10-05 17:56:20 UTC 142.250.74.74
mnemonic passive DNS wt.soundestlink.com (1) 17559 2018-02-06 08:21:20 UTC 2022-10-05 06:16:15 UTC 104.18.26.48
mnemonic passive DNS rec.smartlook.com (1) 17636 2017-01-30 04:27:35 UTC 2022-10-05 18:20:22 UTC 185.76.9.16
mnemonic passive DNS googleads.g.doubleclick.net (1) 42 2021-02-20 15:43:32 UTC 2022-10-05 19:30:04 UTC 216.58.207.194
mnemonic passive DNS aa.agkn.com (1) 431 2017-01-30 05:01:07 UTC 2022-10-05 17:50:29 UTC 52.212.110.18
mnemonic passive DNS us-u.openx.net (1) 357 2013-08-30 19:43:55 UTC 2022-10-05 18:04:07 UTC 34.98.64.218
mnemonic passive DNS www.google.no (1) 25607 2016-04-05 19:50:59 UTC 2022-10-05 11:20:17 UTC 142.250.74.3
mnemonic passive DNS ce.lijit.com (1) 812 2012-05-22 05:45:01 UTC 2022-10-05 18:04:07 UTC 216.52.2.48
mnemonic passive DNS d.impactradius-event.com (1) 2612 2017-02-01 08:42:43 UTC 2022-10-05 06:37:46 UTC 35.186.249.72
mnemonic passive DNS fonts.gstatic.com (6) 0 2014-08-29 13:43:22 UTC 2022-10-05 11:30:49 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS tag.getdrip.com (1) 20100 2018-08-25 09:40:26 UTC 2022-10-05 19:36:33 UTC 54.230.111.55
mnemonic passive DNS www.linkedin.com (1) 608 2014-04-09 13:16:08 UTC 2022-10-05 11:39:14 UTC 13.107.42.14
mnemonic passive DNS fonts.googleapis.com (3) 8877 2013-06-10 20:14:26 UTC 2022-10-05 17:39:00 UTC 142.250.74.10
mnemonic passive DNS js.hs-scripts.com (2) 2571 2016-08-09 10:18:36 UTC 2022-10-05 11:49:28 UTC 104.17.210.204
mnemonic passive DNS tags.clickagy.com (1) 44715 2018-09-26 07:45:45 UTC 2022-10-05 07:32:51 UTC 104.18.34.141
mnemonic passive DNS ws.zoominfo.com (1) 8735 2019-11-13 21:26:54 UTC 2022-10-05 18:06:24 UTC 104.16.168.82
mnemonic passive DNS track.sendlane.com (1) 270591 2017-01-30 16:03:15 UTC 2022-10-05 17:49:13 UTC 23.250.2.183
mnemonic passive DNS i.simpli.fi (1) 3482 2012-05-30 00:30:03 UTC 2022-10-05 18:29:52 UTC 169.50.137.179


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 34.127.83.42

Date UQ / IDS / BL URL IP
2022-12-04 23:01:32 +0000
0 - 0 - 1 email.mail.usbfund.com/c/eJxNkN1uwyAMhZ8m3KXi (...) 34.127.83.42
2022-12-04 22:25:17 +0000
0 - 0 - 1 email.mail.usbfund.com/c/eJxNkMtuwyAQRb_G7Bzx (...) 34.127.83.42
2022-12-02 05:15:10 +0000
0 - 0 - 3 email.notify.thinkific.com/c/eJwVjktuxCAQBU9j (...) 34.127.83.42
2022-12-01 14:41:51 +0000
0 - 0 - 1 email.mail.usbfund.com/c/eJxNUF2LwyAQ_DXxLSF- (...) 34.127.83.42
2022-12-01 12:26:32 +0000
0 - 0 - 9 email.mail.usbfund.com/c/eJyNkd2OwiAQhZ-m3LXh (...) 34.127.83.42

Last 5 reports on ASN: GOOGLE

Date UQ / IDS / BL URL IP
2022-12-04 23:11:44 +0000
0 - 0 - 2 jin-kazama-cosplay-news.blogspot.ca/search/la (...) 172.217.21.161
2022-12-04 23:05:54 +0000
0 - 0 - 8 colchoesma.blogspot.co.uk/ 172.217.21.161
2022-12-04 23:05:42 +0000
0 - 0 - 7 colchoesma.blogspot.co.nz/ 172.217.21.161
2022-12-04 23:01:32 +0000
0 - 0 - 1 email.mail.usbfund.com/c/eJxNkN1uwyAMhZ8m3KXi (...) 34.127.83.42
2022-12-04 23:00:51 +0000
0 - 0 - 2 storage.googleapis.com/anjumaa0059.appspot.co (...) 216.58.211.16

Last 5 reports on domain: usbfund.com

Date UQ / IDS / BL URL IP
2022-12-04 23:01:32 +0000
0 - 0 - 1 email.mail.usbfund.com/c/eJxNkN1uwyAMhZ8m3KXi (...) 34.127.83.42
2022-12-04 22:25:17 +0000
0 - 0 - 1 email.mail.usbfund.com/c/eJxNkMtuwyAQRb_G7Bzx (...) 34.127.83.42
2022-12-04 15:04:16 +0000
0 - 0 - 9 email.mail.usbfund.com/c/eJxNUUmOwyAQfI19I2Lx (...) 34.86.85.56
2022-12-03 13:10:21 +0000
0 - 0 - 10 www.usbfund.com/15-best-blogs-cash-flow/?utm_ (...) 50.87.170.174
2022-12-03 11:13:07 +0000
0 - 0 - 8 email.mail.usbfund.com/c/eJxNkUluwzAMRU9j7xRo (...) 34.86.85.56

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-12-04 15:04:16 +0000
0 - 0 - 9 email.mail.usbfund.com/c/eJxNUUmOwyAQfI19I2Lx (...) 34.86.85.56
2022-12-03 13:10:21 +0000
0 - 0 - 10 www.usbfund.com/15-best-blogs-cash-flow/?utm_ (...) 50.87.170.174
2022-12-03 11:13:07 +0000
0 - 0 - 8 email.mail.usbfund.com/c/eJxNkUluwzAMRU9j7xRo (...) 34.86.85.56
2022-12-03 04:04:06 +0000
0 - 0 - 8 email.mail.usbfund.com/c/eJxNUdtuwyAM_ZrkjYoA (...) 34.86.85.56
2022-12-03 04:04:08 +0000
0 - 0 - 11 email.mail.usbfund.com/c/eJxNkMtuwyAQRb_G7Ih4 (...) 34.86.85.56


JavaScript

Executed Scripts (86)


Executed Evals (3)

#1 JavaScript::Eval (size: 618, repeated: 1) - SHA256: f9a86e5f4e4fa64ebc8b4d07c63565ebd86c6f37b904d41386a202915afcb249

                                        (function() {
    var f = 17,
        g = 14,
        h = 13;
    return function(a) {
        var d, b, e;
        "number" === typeof f && a.set("dimension" + f, a.get("clientId"));
        "number" === typeof g && a.set("dimension" + g, a.get("hitType"));
        if ("number" === typeof h) {
            var k = "_" + a.get("trackingId") + "_sendHitTask";
            var l = window[k] = window[k] || a.get("sendHitTask");
            a.set("sendHitTask", function(c) {
                try {
                    d = c.get("HPl"), b = c.get("HPl"), e = "\x26cd" + h, -1 < b.indexOf(e + "\x3d") ? console.log("GA error: tried to send hPL in assigned CD") : (b += e + "\x3d", b += b.length + b.length.toString().length,
                        c.set("HPl", b, !0)), l(c)
                } catch (m) {
                    console.error("Error sending hPL to GA " + d), c.set("HPl", d, !0), l(c)
                }
            })
        }
    }
})();
                                    

#2 JavaScript::Eval (size: 300, repeated: 1) - SHA256: d41e1dcde991113b31463b01bf26258e4a9ff50dc530bd1a66eb61d1c685bb7f

                                        (function() {
    var a = (new Date).getTime();
    "undefined" !== typeof performance && "function" === typeof performance.now && (a += performance.now());
    return "xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx".replace(/[xy]/g, function(c) {
        var b = (a + 16 * Math.random()) % 16 | 0;
        a = Math.floor(a / 16);
        return ("x" === c ? b : b & 3 | 8).toString(16)
    })
})();
                                    

#3 JavaScript::Eval (size: 311, repeated: 1) - SHA256: 83b34ed574c9630f2d800fa605bcc5d84e287907f47456c7bd1be0deabd38901

                                        (function() {
    var a = new Date,
        d = -a.getTimezoneOffset(),
        e = 0 <= d ? "+" : "-",
        b = function(c) {
            c = Math.abs(Math.floor(c));
            return (10 > c ? "0" : "") + c
        };
    return a.getFullYear() + "-" + b(a.getMonth() + 1) + "-" + b(a.getDate()) + "T" + b(a.getHours()) + ":" + b(a.getMinutes()) + ":" + b(a.getSeconds()) + "." + b(a.getMilliseconds()) + e + b(d / 60) + ":" + b(d % 60)
})();
                                    

Executed Writes (0)



HTTP Transactions (246)


Request Response
                                        
                                            GET /c/eJyNkduKwyAQhp8m3qV4iDlceFEofY0w6tiEjSYYbenbryXt0ssFQf_5R745oGJtKymlA--JVZp2LXOG7GmNOEZ0ijHRCDKpwbIGnJXQ8RaYYbx3VDPbdEBBAg4kRTA_oBcc03NDVXFuwG8w30J5kkVNKW17Jc4Vv5bzeDxOedcuB3syqy-RHU2OaOv7XufwEcscsF5dbYqY0-uruObkx33N0WAlLhqeGG5ww4q3L8OXvOyL8YHX6GFe3u5fReLyD9xXS7NVTEgxkFlxyjmjVHLKJJOnzgEwZ7EHPrRm6KuGvoDfzZGo9Kqn4kyl0ODWeISTSiGNx4CTMl6P7-sOcTxwxx5yLvwyRQtOWOg1QKOL_AX42pJd HTTP/1.1 
Host: email.mail.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         52.7.139.118
HTTP/1.1 302 Found
Content-Type: text/html
                                        
Date: Wed, 05 Oct 2022 20:15:53 GMT
Location: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Server: nginx
X-Robots-Tag: noindex
Content-Length: 678
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (368)
Size:   678
Md5:    e022423dddec4795139b6497ba891d19
Sha1:   3fd84219ffb7028091df06d1f7130feca3a0132a
Sha256: 9a28a034cb2656579f4e93bc9e7c48397ccbfa335404aa8b445ddae1d551c33f

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ts_wbPy37ro5KK9xncU_4T1fq10M7o57cFHotJ3WqcpRQRPxtDrvpA==
Age: 16115


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "AB48F17E54075E1ECF034278E82BCACD2E3689773186CC84FBA9B79AAC907294"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3813
Expires: Wed, 05 Oct 2022 21:19:26 GMT
Date: Wed, 05 Oct 2022 20:15:53 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 05 Oct 2022 04:02:33 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SOdHOwu9Y1DWNsD9QFyfA-03fmAekM1OlfZBZppPFvRVo7WS9q5BPA==
age: 58401
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 05 Oct 2022 20:15:53 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Wed, 05 Oct 2022 19:32:19 GMT
Expires: Wed, 05 Oct 2022 19:38:44 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: sgo-MYCmlXnjjA_ZAKeEqgs55J3e2Jtx4S5HucmozkiOngxi89AU4Q==
Age: 2615


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6412
Cache-Control: max-age=135469
Date: Wed, 05 Oct 2022 20:15:54 GMT
Etag: "633d3b1b-1d7"
Expires: Fri, 07 Oct 2022 09:53:43 GMT
Last-Modified: Wed, 05 Oct 2022 08:06:51 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5D03E84DFEDDE1BC836202A7EA934791F2783DA178177D24AE5BF0C2728937ED"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21544
Expires: Thu, 06 Oct 2022 02:14:58 GMT
Date: Wed, 05 Oct 2022 20:15:54 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CTNjhzCExOyZ8uO+7sQz6g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.161.6.128
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9+Lecd+Re70DolVx/FCEnGw4GkU=

                                        
                                            GET /jquery-migrate-1.2.1.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.42
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 05 Oct 2022 20:15:55 GMT
content-encoding: gzip
content-length: 5783
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-40ed"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1665000955.dop012.sk1.t,1665000955.cds215.sk1.hn,1665000955.cds216.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   5783
Md5:    ab50f392b13415af57f9720f4d24e981
Sha1:   8bee0d6d15bc0bf62197f6a33493df7494bf42c2
Sha256: 3c7ae468bcd5eefaf92cfac278a5a998f871e0aaa190f87b0f56fd79f93d00b7
                                        
                                            GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1 
Host: widget.trustpilot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.50
HTTP/2 200 OK
content-type: application/x-javascript
                                        
content-length: 6124
last-modified: Mon, 30 May 2022 14:38:02 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Wed, 05 Oct 2022 05:35:19 GMT
cache-control: max-age=86400
etag: "5add60196e5f96a414fb4b9586764e5d"
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DWFLuchb7_FZzZTSkwHE8ln33h5KDKVncR0ln0Fxu11GMJAmR1Oe-Q==
age: 52837
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (19239)
Size:   6124
Md5:    5add60196e5f96a414fb4b9586764e5d
Sha1:   633f471b3c2fcedeef9cad90cb5bf56f5fe55588
Sha256: 5370f4ba91dda790c7cae92817b812fcbd1ab367cbb4862f5669960ae4e2c9e0
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 20:15:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 20:15:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 20:15:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 20:15:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ajax/libs/jquery/2.1.4/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.74
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29725
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 02 Oct 2022 22:46:19 GMT
expires: Mon, 02 Oct 2023 22:46:19 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 250176
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32025)
Size:   29725
Md5:    83b3b5729cdff3976db52c51831e96b8
Sha1:   d23dc823e37f58e5366340be755730f3fa9a850d
Sha256: 675fa88b39008a09994460a93b310a7d4593735009a9b24b6f176c347ad12421
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 20:15:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 20:15:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.110
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 20:15:55 GMT
Last-Modified: Wed, 05 Oct 2022 19:04:41 GMT
Server: ECS (nyb/1D17)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Fda6309PShDlVsyPJKu2jYaY75aF7wRvFdQKf5zp98qiE3NCt1o6Yw==
Age: 4274

                                        
                                            GET /wp-content/plugins/wp-pagenavi/pagenavi-css.css HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Mon, 11 Oct 2021 18:28:51 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 239
date: Wed, 05 Oct 2022 20:15:55 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   239
Md5:    21fec527969cbcfec759744ce51f94c0
Sha1:   827130fb99b0005a5206028abfe82e93610184f2
Sha256: fe2a280a5ffe9f5d3b1bf125035d478e46bae689a2f0cde07d48bef1ba7c74b1
                                        
                                            GET /wp-content/plugins/AffiliateWP-master/assets/js/tracking.min.js?ver=2.1.6.1 HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sat, 28 Sep 2019 00:24:33 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1315
date: Wed, 05 Oct 2022 20:15:55 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2972), with no line terminators
Size:   1315
Md5:    da0e82022a32e0c42e125fe915cf9955
Sha1:   1c583a11b9e444a26cfd1443d3dade9c6f9e996a
Sha256: e205081b6febab912d75f2aa70bc3ae2af58bb7d2b1e44927f17cb7631374ff0

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/AffiliateWP-master/assets/css/forms.min.css HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Sat, 28 Sep 2019 00:24:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1141
date: Wed, 05 Oct 2022 20:15:55 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3296), with no line terminators
Size:   1141
Md5:    e4f0e46d63eb641d8cfe1579ff0217cb
Sha1:   37e2ef45ef74f0a3b869d447b4d9e22d0b424945
Sha256: 6b7e532056e7c449a8e080eb2967563fdb20ce9cfdcb95216205a769b65033c4
                                        
                                            GET /wp-content/plugins/AffiliateWP-master/assets/js/jquery.cookie.min.js?ver=1.4.0 HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sat, 28 Sep 2019 00:24:32 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 758
date: Wed, 05 Oct 2022 20:15:55 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1667), with no line terminators
Size:   758
Md5:    94c6b3b214659c68b42fb0c428cac279
Sha1:   eb3a852e1bcf8a32ac304dc89995ffdeaf623033
Sha256: 8cdab12fffba1162b02761c8e7631003efebf03e3af5ca9072023ffda52353ad

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 11 Oct 2021 18:27:21 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 4618
date: Wed, 05 Oct 2022 20:15:55 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   4618
Md5:    acdb97105af28a7066790c6748ae2e1e
Sha1:   65794d2c5a9d04f747faf370bc8bacd330e69e5a
Sha256: dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 20:15:55 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 09 Oct 2022 18:19:54 GMT
ETag: "b4412032d136d270af73e59e18a02bd7d4cda256"
Last-Modified: Wed, 05 Oct 2022 18:19:55 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1681
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7558d503ccfa0b65-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    f42a9bd9d5fecd598e9b7370c55a3b14
Sha1:   b4412032d136d270af73e59e18a02bd7d4cda256
Sha256: 86fe27bb6af324ed8dc161f82eb637f822b15a500b4f0450eea905984af5f64f
                                        
                                            GET /gtm.js?id=GTM-NW5DZCL HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 05 Oct 2022 20:15:55 GMT
expires: Wed, 05 Oct 2022 20:15:55 GMT
cache-control: private, max-age=900
last-modified: Wed, 05 Oct 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 53711
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7865)
Size:   53711
Md5:    0e6492f1cc904dc6841bdc209e1baf12
Sha1:   93ddd49c70e34421f3e06970e29beb22452cbc6d
Sha256: b7a54fd38d09954fb152114fd5328d95e7e1ef2b2ac95e02bde67d4913fbc3be
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 20:15:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 20:15:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /1y0o6qdBqYHr.js HTTP/1.1 
Host: assets.anytrack.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.87
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
content-length: 103
access-control-allow-origin: *
date: Wed, 05 Oct 2022 20:06:16 GMT
cache-control: public, max-age=600
etag: W/"67-d1P+A0oIQ3cJVPaXn2gw/5qC+Yc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3K46-WEG7n4sW-r6tP2oWsZ4nbKD-92LsRBrQOTrKQDaps6zq5TQRA==
age: 579
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   103
Md5:    69b5271584dd67a9e6ae79216fe30110
Sha1:   7753fe034a0843770954f6979f6830ff9a82f987
Sha256: b55a87e172f834369dfb6a2176712509026e5b3de676343ccdc64410245081d9
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 20:15:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 20:15:55 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 14:09:21 GMT
Expires: Wed, 12 Oct 2022 14:09:20 GMT
Etag: "16593fb816a725eab4ace2f613739c12cb1c815c"
Cache-Control: max-age=582204,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7558d5036851b505-OSL

                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 20:15:55 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 09 Oct 2022 18:19:54 GMT
ETag: "b4412032d136d270af73e59e18a02bd7d4cda256"
Last-Modified: Wed, 05 Oct 2022 18:19:55 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1681
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7558d504de900b65-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    f42a9bd9d5fecd598e9b7370c55a3b14
Sha1:   b4412032d136d270af73e59e18a02bd7d4cda256
Sha256: 86fe27bb6af324ed8dc161f82eb637f822b15a500b4f0450eea905984af5f64f
                                        
                                            GET /wp-content/themes/usb/css/grid.css HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Sat, 28 Sep 2019 00:35:49 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 10146
date: Wed, 05 Oct 2022 20:15:55 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  assembler source, ASCII text, with very long lines (3536), with CRLF line terminators
Size:   10146
Md5:    8ca3e3908b8e627dd53a2bde9ab330b4
Sha1:   dfc94081f2e0acfbc95cb633810897271692e5db
Sha256: 5a17844298059c3adb2103842f6893bf6a798221afa1c7a3217c610fc4aebeec
                                        
                                            GET /wp-content/uploads/us-business-funding-logo-small.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 28 Sep 2019 00:14:51 GMT
accept-ranges: bytes
content-length: 2020
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Wed, 05 Oct 2022 20:15:55 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size:   2020
Md5:    a5a71307aefd12c55fd16f36356f9a83
Sha1:   679b01f07d71f673b74fde71a5a0a9da8a8e486d
Sha256: a2e02fabad9f481343e4e8050843b371e239956a637488eb7d2a9deff98245de
                                        
                                            GET /wp-content/themes/usb/js/site.js HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sat, 28 Sep 2019 00:35:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 4830
date: Wed, 05 Oct 2022 20:15:55 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   4830
Md5:    ba21d11b60199ed26dfb2a2d8352065a
Sha1:   3e78915e922b60ca87f5860c67b99861de96830c
Sha256: c000c3cc081106de80fb4995e40b363752494290c9090e0980a5b4a4cfc37c49

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/featured-logo-06.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 28 Sep 2019 00:14:38 GMT
accept-ranges: bytes
content-length: 2693
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Wed, 05 Oct 2022 20:15:55 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 175 x 75, 8-bit/color RGBA, non-interlaced\012- data
Size:   2693
Md5:    b7b5570d5d29fd453a5e65063849fcb1
Sha1:   b07b87612c74febb32961e10ed154dc2efdf19cb
Sha256: 886d709e142c957b0d93269a57fccc13800907c8ab90acc1f18c8bec259d3992
                                        
                                            GET /wp-content/uploads/norton-secured.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 28 Sep 2019 00:14:45 GMT
accept-ranges: bytes
content-length: 3017
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Wed, 05 Oct 2022 20:15:55 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 180 x 75, 8-bit colormap, non-interlaced\012- data
Size:   3017
Md5:    7d05b62893199c911ab6f798ec8127d2
Sha1:   e7dc7368c55a2fbccb17a82c1a25de39cea2907d
Sha256: 0b691c8e6d1b07ce3e066744ccfbf643d61f013ce51503b0a3ceb7a356562ed6
                                        
                                            GET /wp-content/uploads/featured-logo-01.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 28 Sep 2019 00:14:38 GMT
accept-ranges: bytes
content-length: 3311
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Wed, 05 Oct 2022 20:15:55 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 164 x 75, 8-bit/color RGBA, non-interlaced\012- data
Size:   3311
Md5:    30427e02eea1cec61004e2fdb293e4d2
Sha1:   d3ba51be6c31147f379670d59cab54ec01b3b448
Sha256: 32161c4a44a1dcdddeeb852e2b6eea070839630ac3a719ac79a503cfd4d3892d
                                        
                                            GET /wp-content/uploads/featured-logo-03.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 28 Sep 2019 00:15:13 GMT
accept-ranges: bytes
content-length: 3840
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Wed, 05 Oct 2022 20:15:55 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 83 x 75, 8-bit/color RGBA, non-interlaced\012- data
Size:   3840
Md5:    ea461093328a47d28ed34df6be0ad850
Sha1:   5fad4dd9e9daea5b1cac739624cbd673c20fe7c2
Sha256: 37ea654d17c80dfb22d0ad091907b6d4009c76c4671728321fd51376a8df7cce
                                        
                                            GET /wp-content/themes/usb/js/accounting.min.js HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sat, 28 Sep 2019 00:35:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1345
date: Wed, 05 Oct 2022 20:15:55 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3019)
Size:   1345
Md5:    05f645a76aff3fc02e18295a07c54e09
Sha1:   509581a5e2e4760e2163d704d21b2604329b514e
Sha256: c7834a5ef896adfc8b40eb2a1db07bd867fe84da57ad234bfa487cfbc610a16a

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/usb/images/logo_icon.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 28 Sep 2019 00:36:10 GMT
accept-ranges: bytes
content-length: 2165
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Wed, 05 Oct 2022 20:15:55 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 53 x 52, 8-bit/color RGBA, non-interlaced\012- data
Size:   2165
Md5:    50946e7f85431c547526705a530f893f
Sha1:   573eff13df4dc4f2e6e0e1db1a9339d79e22ce3c
Sha256: 05bc3e4202452433d51079e0d6e348cb850ea55330da7786c1d5c7290d13400a
                                        
                                            GET /wp-content/uploads/accredited-business-usbfunding.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 28 Sep 2019 00:15:06 GMT
accept-ranges: bytes
content-length: 2244
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Wed, 05 Oct 2022 20:15:55 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 180 x 75, 8-bit colormap, non-interlaced\012- data
Size:   2244
Md5:    3befe9c6fb5e6602893570b99d3920aa
Sha1:   1e7c1d352448864975a23135097e59593ae71456
Sha256: d59962c29e3487892da60ef799f75523576b6f006d54fc3dd43bb6993588f1dc
                                        
                                            GET /wp-content/uploads/featured-logo-05.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 28 Sep 2019 00:15:03 GMT
accept-ranges: bytes
content-length: 3721
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Wed, 05 Oct 2022 20:15:55 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 135 x 75, 8-bit/color RGBA, non-interlaced\012- data
Size:   3721
Md5:    646b30b6704a2457b04bb12da4144c97
Sha1:   acadca7b80819db2100f2cf8341acdf47a2eb773
Sha256: b6e64d31c4f5ab917ad1cddfe7fa745e7c4bfc2d5af33cfdaa8130eb14247bc8
                                        
                                            GET /wp-content/themes/usb/images/logo_text.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 28 Sep 2019 00:36:10 GMT
accept-ranges: bytes
content-length: 6307
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Wed, 05 Oct 2022 20:15:55 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 250 x 52, 8-bit/color RGBA, non-interlaced\012- data
Size:   6307
Md5:    198c7fed73cadb12c23066fcad4e33e8
Sha1:   1f2616bb88b86ec79f3ce8cbbf74b3392c0b46bc
Sha256: 0053eb54a0f54484a915313939d858e1844208d2d0c4b410ce30e25d9cbc09ba
                                        
                                            GET /wp-content/uploads/featured-logo-04.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 28 Sep 2019 00:15:18 GMT
accept-ranges: bytes
content-length: 5757
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Wed, 05 Oct 2022 20:15:55 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 123 x 75, 8-bit/color RGBA, non-interlaced\012- data
Size:   5757
Md5:    e94a0244f1a51d7565de08744375bd07
Sha1:   dde753e74a85c5f094dda6661ada486fdae50422
Sha256: 47bff975ef1626c064613532b237bd114911cdc835effdccb0d124c1432c17b2
                                        
                                            GET /wp-content/uploads/featured-logo-02.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 28 Sep 2019 00:13:58 GMT
accept-ranges: bytes
content-length: 5795
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Wed, 05 Oct 2022 20:15:55 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 93 x 75, 8-bit/color RGBA, non-interlaced\012- data
Size:   5795
Md5:    d2bfb41e522705be8e4a48895b996bca
Sha1:   df2507b75f1c0362bd168ea7ecf829f11469a926
Sha256: 968570479e59e9ff339d5c1d25e4c15011f8cb5ad243776b8cf62f51d28b0903
                                        
                                            GET /A870624-b043-4b58-adb6-a8c4d22ccc5b1.js HTTP/1.1 
Host: d.impactradius-event.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         35.186.249.72
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
x-guploader-uploadid: ADPycdvNgwtnFF9FkLlOXaKiyRSw8_iw92iCHEkHWnrXai4v4ySssaZj5FL4wnDs6-hX5c1sCHGUNWeweW2YKoej_IzdpyUIcZmA
date: Wed, 05 Oct 2022 20:15:55 GMT
cache-control: public,max-age=900,s-maxage=300
expires: Wed, 05 Oct 2022 20:20:55 GMT
last-modified: Tue, 18 Feb 2020 03:47:29 GMT
etag: "833e9c2431f16a9e4e590d8c18a01169"
x-goog-generation: 1581997649126919
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 12876
content-encoding: gzip
x-goog-hash: crc32c=PZt+Nw==, md5=gz6cJDHxap5OWQ2MGKARaQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 12876
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  C source, ASCII text, with very long lines (40914), with no line terminators
Size:   12876
Md5:    833e9c2431f16a9e4e590d8c18a01169
Sha1:   d932b0dc73f5dbe2f30c5991fbc95d598a7d6855
Sha256: ba6dea3209c3bf545ed7db2f134ab8d241599d778988697a345124a4aa8d491a
                                        
                                            GET /100980.js HTTP/1.1 
Host: scripts.iconnode.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.96
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 7683
last-modified: Mon, 26 Sep 2022 18:10:24 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Wed, 05 Oct 2022 20:15:56 GMT
cache-control: max-age=0
etag: "05a6d57113e7870d8851ed0faf8ca12f"
x-cache: RefreshHit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CMnq-bz0tEeDyaZq8tCeUUK5VF3tIGjNSlxW34cPftnHm9b6AM991g==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (46582), with no line terminators
Size:   7683
Md5:    05a6d57113e7870d8851ed0faf8ca12f
Sha1:   315c52641f469ec7e571648d5333982579cb6da3
Sha256: 0f4d04e15b0a5cb9f2e59f3cc9a7b36d522db0e7712454d1f962e77723348eb3
                                        
                                            GET /?display_custom_css=css&ver=6.0.2 HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: text/css;charset=UTF-8
                                        
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 541
date: Wed, 05 Oct 2022 20:15:55 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   541
Md5:    0e67503cdf8a23b7d3aaff6f35c76b72
Sha1:   63edc0c8bf04ceec8dc3c8c44bd129b89adeb61a
Sha256: d765ab66c61ec9c967f9f2e4b649326eb28a6f8dfb0fe064b4ed1cf9af1f18b6
                                        
                                            GET /js/eventing.js HTTP/1.1 
Host: sendlane.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.166.6
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Wed, 05 Oct 2022 20:15:55 GMT
cache-control: public, max-age=60
cf-bgj: minify
etag: W/"711-5900675a88b6e-gzip"
expires: Wed, 05 Oct 2022 20:16:55 GMT
last-modified: Tue, 13 Aug 2019 21:38:21 GMT
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7558d5039a3ffac8-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1809), with no line terminators
Size:   43221
Md5:    33c139434530b120fa7dce047ad7b1da
Sha1:   0296d5ffb17cbba8e9aadb53fd766f42e6230fc9
Sha256: 73262cdd587cc81b38421242dd8ba0adada5f5522f38f35d208e36db471a212b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 20:15:55 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 14:09:21 GMT
Expires: Wed, 12 Oct 2022 14:09:20 GMT
Etag: "16593fb816a725eab4ace2f613739c12cb1c815c"
Cache-Control: max-age=582204,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7558d5062c66b505-OSL

                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Cookie: _gcl_au=1.1.188931887.1665000956; __ss=1665000955645; __ss_referrer=https%3A//www.usbfund.com/secured-vs-unsecured-line-of-credit/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; _ga_YYEX7W0G95=GS1.1.1665000955.1.0.1665000955.0.0.0; _ga=GA1.1.1939356309.1665000956
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 17 Aug 2022 11:46:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 5321
date: Wed, 05 Oct 2022 20:15:55 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15660)
Size:   5321
Md5:    710f8b142ea44c0682dc2c30f318f065
Sha1:   49144e9b3a76d3d383b1d4359cf7a25e947f4233
Sha256: 708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 20:15:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 20:15:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 20:15:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 20:15:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 20:15:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            OPTIONS /embed/v3/form/540751/8e06fd82-42e9-4211-9f65-32b7dbc43b43/json?hutk= HTTP/1.1 
Host: forms.hsforms.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-requested-with
Referer: https://www.usbfund.com/
Origin: https://www.usbfund.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.89.5
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
date: Wed, 05 Oct 2022 20:15:56 GMT
content-length: 18
x-trace: 2B6610FB169A8533F638349081823B2A9D06550915000000000000000000
allow: HEAD,GET,OPTIONS
vary: origin
x-hubspot-correlation-id: beffdb30-c2a4-46f4-8070-cf710e43d917
access-control-allow-origin: https://www.usbfund.com
access-control-allow-methods: OPTIONS, GET
access-control-allow-headers: x-requested-with
access-control-allow-credentials: false
access-control-max-age: 180
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7558d506a8f3b52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   18
Md5:    cc7fd95a87ea3721ce1853bf3c4dd75e
Sha1:   7f687f7881adf0fc407378d375a61b8f198c0912
Sha256: 0f06a4c8d34690d4e42c81f232a5bdfe9fcbde8a54b5ccd0609a313e90da0879
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:34:08 GMT
expires: Thu, 05 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 2508
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15528
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Oct 2022 22:59:07 GMT
expires: Wed, 04 Oct 2023 22:59:07 GMT
cache-control: public, max-age=31536000
age: 76609
last-modified: Tue, 19 Apr 2022 18:53:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15528, version 1.0\012- data
Size:   15528
Md5:    595fe3fc0b85f3cc9ef5aed2d519abc5
Sha1:   96e76de44987e9dec2f97f1e5eb7a18c738daf5d
Sha256: 747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:34:21 GMT
expires: Thu, 05 Oct 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 2495
last-modified: Wed, 11 May 2022 19:24:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Size:   15740
Md5:    b9c29351c46f3e8c8631c4002457f48a
Sha1:   e57e59c5780995ff2937ab2b511a769212974a87
Sha256: f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:40:23 GMT
expires: Thu, 05 Oct 2023 19:40:23 GMT
cache-control: public, max-age=31536000
age: 2133
last-modified: Wed, 11 May 2022 19:24:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15752, version 1.0\012- data
Size:   15752
Md5:    b20371a6daf29d4a1f2e85dbbf40fb20
Sha1:   0355a01c1ccb45cb728e7e07c41c8ebf456f70bb
Sha256: 7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 14:07:32 GMT
expires: Thu, 05 Oct 2023 14:07:32 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
age: 22104
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size:   15920
Md5:    3a44e06eb954b96aa043227f3534189d
Sha1:   23cef6993ddb2b2979e8e7647fc3763694e2ba7d
Sha256: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
                                        
                                            GET /wp-content/uploads/bg-section-header.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/wp-content/themes/usb/style.css
Cookie: _gcl_au=1.1.188931887.1665000956; __ss=1665000955645; __ss_referrer=https%3A//www.usbfund.com/secured-vs-unsecured-line-of-credit/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; _ga_YYEX7W0G95=GS1.1.1665000955.1.0.1665000955.0.0.0; _ga=GA1.1.1939356309.1665000956; wc_visitor=100980-bc2d77a7-a3e6-647d-04a7-fd16d2a9eded; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-bc2d77a7-a3e6-647d-04a7-fd16d2a9eded+..+; wc_client_current=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-bc2d77a7-a3e6-647d-04a7-fd16d2a9eded+..+; IR_gbd=usbfund.com; IR_7486=1665000955844%7C0%7C1665000955844%7C%7C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 28 Sep 2019 00:14:58 GMT
accept-ranges: bytes
content-length: 22531
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Wed, 05 Oct 2022 20:15:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1920 x 149, 8-bit colormap, non-interlaced\012- data
Size:   22531
Md5:    65b13235e26653c77b0ed328dfdb8dc2
Sha1:   2dcc21d12b909058345b01f087062f6b59f4f05c
Sha256: acba6ce2f083bf3e78176be5f1c68dfbeb67e609472b4f8c034ba8676d0995b2
                                        
                                            GET /client/ss.js?ver=1.1.1 HTTP/1.1 
Host: koi-3qnetrwct6.marketingautomation.services
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         130.211.21.179
HTTP/2 200 OK
content-type: application/javascript
                                        
server: openresty
date: Wed, 05 Oct 2022 20:15:55 GMT
last-modified: Wed, 05 Oct 2022 15:18:15 GMT
vary: Accept-Encoding
etag: W/"633da037-2fc8"
expires: Wed, 12 Oct 2022 20:15:55 GMT
cache-control: max-age=604800, public
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   20636
Md5:    0515d79886b78320e2676e15279665ee
Sha1:   02cb3dce94b2bb335a6c648ed0243b3d40ad0f55
Sha256: a287ad572cf87350b478a809a1f7d7f26fa95c1421bb4b608d241374287a9760
                                        
                                            GET /wp-content/uploads/icon-arrow-down-white.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/wp-content/themes/usb/style.css
Cookie: _gcl_au=1.1.188931887.1665000956; __ss=1665000955645; __ss_referrer=https%3A//www.usbfund.com/secured-vs-unsecured-line-of-credit/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; _ga_YYEX7W0G95=GS1.1.1665000955.1.0.1665000955.0.0.0; _ga=GA1.1.1939356309.1665000956; wc_visitor=100980-bc2d77a7-a3e6-647d-04a7-fd16d2a9eded; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-bc2d77a7-a3e6-647d-04a7-fd16d2a9eded+..+; wc_client_current=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-bc2d77a7-a3e6-647d-04a7-fd16d2a9eded+..+; IR_gbd=usbfund.com; IR_7486=1665000955844%7C0%7C1665000955844%7C%7C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 28 Sep 2019 00:15:12 GMT
accept-ranges: bytes
content-length: 172
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Wed, 05 Oct 2022 20:15:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 14 x 14, 8-bit gray+alpha, non-interlaced\012- data
Size:   172
Md5:    26d3bceaf73fad28fb322b6646860f78
Sha1:   1b70241f618df47a01729534d376a57c57bd8c07
Sha256: 0077bc52b60eb51d8785f3aa812a2cdcce59acd3a0b70a801b82c563787e1a7c
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:34:08 GMT
expires: Thu, 05 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 2508
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 20:15:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14224
Expires: Thu, 06 Oct 2022 00:13:00 GMT
Date: Wed, 05 Oct 2022 20:15:56 GMT
Connection: keep-alive

                                        
                                            GET /diffuser/diffuser.js HTTP/1.1 
Host: diffuser-cdn.app-us1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.145.91
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 05 Oct 2022 20:15:56 GMT
last-modified: Thu, 21 Oct 2021 17:42:06 GMT
etag: W/"4d482a43613d3966f353ec9d97452e0c"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=300
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 059f85e5e664bc876c915622803d9e28.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: LYgb7O-05A19YisedsHdW7Gqa3Bw46pjlPKvIkZSVBpaULKohYEzzQ==
cf-cache-status: HIT
age: 250
server: cloudflare
cf-ray: 7558d5081d86b51b-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   5879
Md5:    4652508e7d93a5d03edabcab3e4efcb7
Sha1:   82869b04d0e46e2aaf28eaaed91692bd70622f67
Sha256: 86ac2db6ac8fa359453a61c3fe5fef04bc2eb956a0cc8d3a52f95e9758b65977
                                        
                                            GET /shield/usbfund.com HTTP/1.1 
Host: shield.sitelock.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.60.14.54
HTTP/1.1 200 OK
Content-Type: image/png; charset=ISO-8859-1
                                        
Content-Length: 10522
Date: Wed, 05 Oct 2022 20:15:17 GMT
Server: lighttpd
Set-Cookie: nlbi_275317=KcY8XvQJyg4Ye1tDmBeFbAAAAAC5tXFtLy9gO6RDKndvOxQn; path=/; Domain=.sitelock.com visid_incap_275317=TZfd23U6ScOBamrnJE5GkvvlPWMAAAAAQUIPAAAAAABQ+g0pwrg6FSC68d2kJ4JX; expires=Thu, 05 Oct 2023 00:04:18 GMT; HttpOnly; path=/; Domain=.sitelock.com incap_ses_7235_275317=fv7aR/xqTkVB7+JEpuJnZPvlPWMAAAAAWhv6zZiRoH0a0RB7ZVYOMQ==; path=/; Domain=.sitelock.com ___utmvmFZVuykvY=vMHTBqAKNMj; path=/; Max-Age=900 ___utmvaFZVuykvY=ujjbqAa; path=/; Max-Age=900 ___utmvbFZVuykvY=fZk XbTOlalB: oto; path=/; Max-Age=900
X-CDN: Imperva
X-Iinfo: 7-45791478-45779687 2NNN RT(1665000955161 378) q(0 0 0 0) r(4 4)


--- Additional Info ---
Magic:  PNG image data, 117 x 67, 8-bit/color RGBA, non-interlaced\012- data
Size:   10522
Md5:    d51d46b2823d805206cbd09e3eb405a1
Sha1:   db085e3fd582a348be6e764a5214fc86e03a121f
Sha256: 518ad02d904d8ef46488e4721b2af9414eff5f05611039f0d830b703c3e5b5a1
                                        
                                            GET /inshop/launcher-v2.js HTTP/1.1 
Host: omnisrc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.5.28
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 05 Oct 2022 20:15:56 GMT
last-modified: Thu, 29 Sep 2022 14:16:25 GMT
etag: W/"6335a8b9-de42"
expires: Wed, 05 Oct 2022 20:23:31 GMT
cache-control: max-age=3600
x-envoy-upstream-service-time: 1
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 3125
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7558d50819280b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32138)
Size:   15266
Md5:    e9f3d7cce13b402de80faef0b52ddac5
Sha1:   cb3789687d71be0c9536c3e9536c622500e89d62
Sha256: 7649136fc26eb51f51ba8f768315c1df01e30f057e079bc9109274c1ddb07bd0
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.110
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 20:15:56 GMT
Last-Modified: Wed, 05 Oct 2022 18:43:54 GMT
Server: ECS (nyb/1D13)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: iczVwx1wiLMHngV0bUaaoRWGU8oKdxdgGvvGPdB2aM9Mf6XTMKYD3w==
Age: 5522

                                        
                                            GET /pixel/62e2c4ac62a6b2008e05e3be HTTP/1.1 
Host: ws.zoominfo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.168.82
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Wed, 05 Oct 2022 20:15:56 GMT
vary: Accept-Encoding
x-powered-by: Express
x-content-type-options: nosniff
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
set-cookie: visitorId=6cd3181a9ad63b1265be8a2a871e5ecb4f9333cef9844128e4bd62c9e642fc8e; Max-Age=31536000; Domain=ws.zoominfo.com; Path=/; Expires=Thu, 05 Oct 2023 20:15:56 GMT; Secure; SameSite=None __cf_bm=mlUaL4mg98DJ5BqNUepzgZEmafiF83ukhnrhW93VcDI-1665000956-0-AW1jjO4bQJpBf9u39F+6Q/FWNFZ4YVbHlmanW0LhNeTF97oA86a2PVqikyET/7/FRmBjcUN8Nnk9CYLNzycgdRc=; path=/; expires=Wed, 05-Oct-22 20:45:56 GMT; domain=.zoominfo.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7558d5065c62fac8-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   10550
Md5:    6f9d9fc76594f89a859eb3091e50ef0b
Sha1:   5c153dbd3088bb3c6467a3967090d00add71e526
Sha256: 1df0d0af3183f0753c02023a4838a0e7c2352d20ecea5342373a7a6189877e04
                                        
                                            GET /wp-content/uploads/icon-arrow-down-black.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/wp-content/themes/usb/style.css
Cookie: _gcl_au=1.1.188931887.1665000956; __ss=1665000955645; __ss_referrer=https%3A//www.usbfund.com/secured-vs-unsecured-line-of-credit/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; _ga_YYEX7W0G95=GS1.1.1665000955.1.0.1665000955.0.0.0; _ga=GA1.1.1939356309.1665000956; wc_visitor=100980-bc2d77a7-a3e6-647d-04a7-fd16d2a9eded; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-bc2d77a7-a3e6-647d-04a7-fd16d2a9eded+..+; wc_client_current=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-bc2d77a7-a3e6-647d-04a7-fd16d2a9eded+..+; IR_gbd=usbfund.com; IR_7486=1665000955844%7C0%7C1665000955844%7C%7C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 28 Sep 2019 00:15:09 GMT
accept-ranges: bytes
content-length: 195
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Wed, 05 Oct 2022 20:15:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 14 x 14, 8-bit/color RGBA, non-interlaced\012- data
Size:   195
Md5:    f984736b4b9dfe03bb8831a718c6a238
Sha1:   d95304fa5fed6fdf9020c21ece2b7e35aec4808c
Sha256: 4944824b4a23581a4660857551680fffd806f6fa42e3d9414fb1529ba78651b9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78bf691d-76e8-4176-884d-dbc06604dded.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8816
x-amzn-requestid: b9f3ec8a-f478-4405-b275-e21f2d7d89d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZKK7gFPJIAMF-7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333f1e3-250348e6140f3c74762263ea;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 07:04:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: F1ZWwxLKhRC6oSh6gnUxEm5AnYcY-mezJw9mNJ8GmNWnATAKx1JxSg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 22:42:26 GMT
age: 77610
etag: "5261a6c2ee6d6cc87e91ee82e32d8be234db393e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8816
Md5:    100559d746bedd7c3802661c875c35ee
Sha1:   5261a6c2ee6d6cc87e91ee82e32d8be234db393e
Sha256: ff06f31267ddcc9a0d84ddc68932872bfed29d072783c3a1dd3790d41c280aec
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5832
x-amzn-requestid: c4427edd-3d71-47d0-a2d3-b3bfed089535
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1FuUoAMFhBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-46ddff150da4141d23fc0d8a;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: WWClzLGprno--c75q63i1TFi8oBEdAYW-J4lCk9V8IELQXe6q0A05A==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:42:34 GMT
age: 81202
etag: "4daf0c001e86af8477fb097e8ca932edb8e5f981"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5832
Md5:    3257b782efae9b64e6e18a547866ec50
Sha1:   4daf0c001e86af8477fb097e8ca932edb8e5f981
Sha256: 899f9692e86405aa288d88dd285a6fe26bedab1a2ca4693212476063890b01a5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10158
x-amzn-requestid: def1fc7e-8008-466f-9271-20fa1ab0fa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqZCH7doAMFcPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8aa0-7fd2fb1249366f2277d719d6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:09:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: szhtD9f4RuQaDKXe7LElSR0yOKo9cYa1i2YMeG3eSpBXP8ePcdzQig==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 07:29:32 GMT
age: 45984
etag: "bbe71936b78a8c34d03ab87948dc840b35c6948f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10158
Md5:    4fc2ddd86450d64d3fb659ab4e78be58
Sha1:   bbe71936b78a8c34d03ab87948dc840b35c6948f
Sha256: 84a760397a5912bd05f61bc8a953c13a88a677e2d17fbbf74bdf7d7ff4d3942f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8857940-5ca2-44ba-8a66-f396a605d5b4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7021
x-amzn-requestid: 2e30bdac-360e-4d0a-8bb7-c3144e074abe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8ucHb1oAMFjYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7f5-18ba6bc50cb32b1e14c882bd;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:39:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Sd2_YDHr3j7ym7wfFyQh9kg8FP-Et2nJUOo1v_TNbI3PvpzEY5KJ2Q==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 22:07:19 GMT
age: 79717
etag: "6b5db8fbfb56f083d54b13e7660d0e4bc866aa00"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7021
Md5:    229c99cfb655a8c9f1a22de69fdff73c
Sha1:   6b5db8fbfb56f083d54b13e7660d0e4bc866aa00
Sha256: f4099e9153c3dc481add95b0f24dbb8f6d65cc74ad5631d9cb6c6f2a0351843d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3585
x-amzn-requestid: ccb6f0c8-4d9b-48b8-aaf6-16781dc4c86b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaHFlEcFoAMFS3g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a5223-5c9276c873efee993ba54667;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 03:08:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: T8m1q2L45TWDVRBa-R2W70yq9BauBK3G4IX54AGIxdRhG736T974kg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 04:05:29 GMT
age: 58227
etag: "612b6dbd4ba895c167964ff7e6d9263013b52b0a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3585
Md5:    5d7d7df8d4c440f9db445c3d99e818d6
Sha1:   612b6dbd4ba895c167964ff7e6d9263013b52b0a
Sha256: bf527a814c78f9e010cce4ba593c9146d54a2137d1f147f7a6250fbad81956ac
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "665C2150199BD04BBD84E2D08C29714735C2D669905FB6D34993C0D2A490BCB7"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11923
Expires: Wed, 05 Oct 2022 23:34:39 GMT
Date: Wed, 05 Oct 2022 20:15:56 GMT
Connection: keep-alive

                                        
                                            POST /g/collect?v=2&tid=G-YYEX7W0G95&gtm=2oea30&_p=1822328467&cid=1939356309.1665000956&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1665000955&sct=1&seg=0&dl=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&ep.debud_mode=false HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         
                                         216.239.34.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://www.usbfund.com
date: Wed, 05 Oct 2022 20:15:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            POST /google-ads/ HTTP/1.1 
Host: process.iconnode.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         
                                         76.223.116.242
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Wed, 05 Oct 2022 20:15:56 GMT
content-length: 0
server: Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.4.30
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://www.usbfund.com
access-control-allow-credentials: true
access-control-max-age: 86400
X-Firefox-Spdy: h2

                                        
                                            GET /forms/v2.js HTTP/1.1 
Host: js.hsforms.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.182.73
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 05 Oct 2022 20:15:55 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 04 Oct 2022 08:44:35 UTC
etag: W/"dbfa791df9cd31037aab20a93b3d7562"
x-amz-server-side-encryption: AES256
x-amz-version-id: uMshbzZrXXg0lQJUXLSuqS6CmMiCACqg
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 27dc27c157f4b42ae253527f76742be4.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P4
x-amz-cf-id: 2JNYfpQDEKaxh87uvcPqGEaLllttbbLz8cCK117Auqp6j3mpdGXifQ==
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: FormsNext/static-5.539/bundles/project_with_deps.js
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-tag: staticjsapp-FormsNext-web-prod,staticjsapp-prod
cf-cache-status: HIT
age: 366
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bA3j9PbfI5phdvCnqbRG7GZ0SZ3JfSMabljhjnqk2mTbFQs6W09%2BCnq9VqxqIOswzaKz8K78JQayldPxxkb4R%2FNM1RQfm6H6ADne0VD5aSS%2B%2Bm9UbbZe1P0RNhu7EafH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7558d5035b1cb500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   1093908
Md5:    77eec2ae591b3f96a8b281f80bc34c6c
Sha1:   2ceacd95f91a9660db75f69ab3b991fd79eedee6
Sha256: 7218df92409609fb5a6614b66584ce484bdb9e118780611f4187589a79820a80
                                        
                                            GET /fonts/socicon.woff HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.usbfund.com/wp-content/themes/usb/style.css
Cookie: _gcl_au=1.1.188931887.1665000956; __ss=1665000955645; __ss_referrer=https%3A//www.usbfund.com/secured-vs-unsecured-line-of-credit/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; _ga_YYEX7W0G95=GS1.1.1665000955.1.0.1665000955.0.0.0; _ga=GA1.1.1939356309.1665000956; wc_visitor=100980-bc2d77a7-a3e6-647d-04a7-fd16d2a9eded; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-bc2d77a7-a3e6-647d-04a7-fd16d2a9eded+..+; wc_client_current=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-bc2d77a7-a3e6-647d-04a7-fd16d2a9eded+..+; IR_gbd=usbfund.com; IR_7486=1665000955844%7C0%7C1665000955844%7C%7C
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: font/woff
                                        
last-modified: Fri, 27 Sep 2019 21:47:06 GMT
accept-ranges: bytes
content-length: 31444
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Wed, 05 Oct 2022 20:15:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 31444, version 1.0\012- data
Size:   31444
Md5:    dcbd1f9c4275862f002f21619e96b8f4
Sha1:   a97cd865925e5102ae7c25aa5dd09112ccf50651
Sha256: a680b776319127695950fd7c490b17cd15120d683bde57845707a2f7dc0f1a74

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/Secured-vs.-Unsecured-Line-of-Credit-1.jpg HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Cookie: _gcl_au=1.1.188931887.1665000956; __ss=1665000955645; __ss_referrer=https%3A//www.usbfund.com/secured-vs-unsecured-line-of-credit/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; _ga_YYEX7W0G95=GS1.1.1665000955.1.0.1665000955.0.0.0; _ga=GA1.1.1939356309.1665000956; wc_visitor=100980-bc2d77a7-a3e6-647d-04a7-fd16d2a9eded; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-bc2d77a7-a3e6-647d-04a7-fd16d2a9eded+..+; wc_client_current=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-bc2d77a7-a3e6-647d-04a7-fd16d2a9eded+..+; IR_gbd=usbfund.com; IR_7486=1665000955844%7C0%7C1665000955844%7C%7C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Tue, 10 May 2022 05:40:53 GMT
accept-ranges: bytes
content-length: 12869
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Wed, 05 Oct 2022 20:15:56 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 720x405, components 3\012- data
Size:   12869
Md5:    4adc359bff7fdd1a69434369f1c0521d
Sha1:   2734ab7daa6ede9f1c5e2b35a254cf0ff5fcb311
Sha256: cdb37540ad321262b2812f3fb87b16a35f0e660769c3c99c4dd12c3614a42b5a
                                        
                                            GET /REST/webTracking/v1/event?timestamp=1665000956224&brandID=60034c978a48f7337bc1a105&shopType=api&shopHostname=www.usbfund.com&url=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit&utmCampaign=secured-vs-unsecured-line-of-credit&utmMedium=campaign-email&utmSource=bayengage&title=Secured%20Vs%20Unsecured%20Line%20of%20Credit%20-%20US%20Business%20Funding&anonymousID=0BT4vwsAbucbwW-20221005201556&sessionID=hm4BVmYla33IPE-20221005201556&type=pageview HTTP/1.1 
Host: wt.soundestlink.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.26.48
HTTP/2 200 OK
content-type: image/gif
                                        
date: Wed, 05 Oct 2022 20:15:56 GMT
content-length: 42
x-envoy-upstream-service-time: 1
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7558d5091b9ab500-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4865
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 20:15:56 GMT
Last-Modified: Wed, 05 Oct 2022 18:54:51 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /track/event?event_id=xWMCUM2gF97YD&uri=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit&cb=amgozeg6qrg6g9qp2lez HTTP/1.1 
Host: track.sendlane.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.250.2.183
HTTP/1.1 204 No Content
                                        
Date: Wed, 05 Oct 2022 20:15:56 GMT
Server: Apache
Cache-Control: no-cache, private, max-age=2592000
X-RateLimit-Limit: 60
X-RateLimit-Remaining: 59
Set-Cookie: track_session=eyJpdiI6Iit0UGVTTDcrZDY3aDdHbEp1SjNTRlE9PSIsInZhbHVlIjoiNCt5K2g5SzBkN3VONFNiZkVKK0JGcmNTY1NuK09sM1didXRSelRteHByMEdwcFlUQU5ZQlk1MUVWQVZjR0hBMXdVK0hEMzJuNitvd3JBcjlHRUpBZSsvTUs1V1RsT0kxbVpncXFHZnF0bGNDVVdobjFINlk3TkZHT0U4ZW16ZTYiLCJtYWMiOiJmZDkwY2E5ZDZlZDI3MWM0MjdmZTc2OWZmMWY0NGY3MGZjNmE1MzI5YjhjY2RkZDEyMzliNjVhZGNhYmM4NDQxIiwidGFnIjoiIn0%3D; expires=Wed, 05-Oct-2022 22:15:56 GMT; Max-Age=7200; path=/; domain=sendlane.com; secure; httponly; samesite=lax
Expires: Fri, 04 Nov 2022 20:15:56 GMT
Connection: close

                                        
                                            GET /9726461.js HTTP/1.1 
Host: tag.getdrip.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.55
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 8
last-modified: Fri, 20 May 2022 20:08:53 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 05 Oct 2022 20:15:57 GMT
etag: "de2e1607e500ee465eca3ec4505c0859"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5c12Uep7aSmZYxx2p1L7sB1A8NaGf6mggcUXqh33vMb-wuo4OI-I7Q==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   8
Md5:    de2e1607e500ee465eca3ec4505c0859
Sha1:   cfd432c8178796a4af548a7ed62f09bdf5fbb897
Sha256: 295bdad3ed86f4eeb0249f30e724344ec7be85582094013a85403ecbb77a0047
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.110
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 20:15:56 GMT
Last-Modified: Wed, 05 Oct 2022 19:04:50 GMT
Server: ECS (nyb/1D18)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: NoxOAORM-LUsUPSdMP7aFIUwzyEeeYytNB-Bo6-cwidwXRd3Z7NYgw==
Age: 4266

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4865
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 20:15:56 GMT
Last-Modified: Wed, 05 Oct 2022 18:54:51 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /CompanyWidget.aspx?ID=100094667&WidgetType=1 HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         207.137.0.213
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
location: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
date: Wed, 05 Oct 2022 20:15:55 GMT
content-length: 196
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   196
Md5:    e4450c4791dadbc8f0fe8409a9b278ec
Sha1:   70f8e597f291a8a247c4f1bbbc4586e300f75723
Sha256: e350fe60679b3272336147b700171d459374f3a66c6e228673a94ec0d9239b7e
                                        
                                            GET /?a=224499963&u=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit HTTP/1.1 
Host: prism.app-us1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.17.145.91
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 05 Oct 2022 20:15:56 GMT
cache-control: no-cache, private
set-cookie: prism_224499963=7ae0de15-6709-41d8-a683-e45a86918aba; expires=Fri, 04-Nov-2022 20:15:56 GMT; Max-Age=2592000; path=/; secure; httponly; samesite=none
x-envoy-upstream-service-time: 66
x-powered-by: PHP/7.4.30
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7558d508be4fb51b-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   164
Md5:    08be5c724b824a0e54e60e3d1fb29b10
Sha1:   786b96e0426456f846b81bdac0e6577ee2a39e31
Sha256: c54ff3c9fda72f67b6a8225499563cc64f8b82c24ab19d4a08d5127a46ac7fb7
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.110
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 20:15:56 GMT
Last-Modified: Wed, 05 Oct 2022 20:00:43 GMT
Server: ECS (nyb/1D27)
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: oC3FII8lV74nZVElVTXQe6AnmZWopgR0jJddDQKpHtNwNtU1ObN-NA==
Age: 913

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.110
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 20:15:56 GMT
Last-Modified: Wed, 05 Oct 2022 18:25:58 GMT
Server: ECS (nyb/1D1A)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: lAyPF4-z6Zv0Eo1MnmfE2rKW1EP0egvktA5Sm0gDAfG6qIPCCsMOcQ==
Age: 6599

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.110
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 20:15:56 GMT
Last-Modified: Wed, 05 Oct 2022 19:11:20 GMT
Server: ECS (bsa/EB1A)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 0Ugds7gdctIeGHSQiiX-lwRC1eImvHv78bSEFtQfhJy6Ex8m1RZtJA==
Age: 3876

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.110
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 20:15:56 GMT
Last-Modified: Wed, 05 Oct 2022 19:38:46 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: oiyhgZsfieESAAMtRVHAsu4FzWbLahPVphyn5mreR0nZT2dvGfEpvw==
Age: 2230

                                        
                                            POST /keyword/ HTTP/1.1 
Host: process.iconnode.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 1013
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         76.223.116.242
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Wed, 05 Oct 2022 20:15:56 GMT
content-length: 37
server: Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.4.30
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://www.usbfund.com
access-control-allow-credentials: true
access-control-max-age: 86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   37
Md5:    47d237a9ed20cca7882969e1f7cabaad
Sha1:   b036919d16d1ffdce3bf3673d49edb255d5983e6
Sha256: ac783c5fa4807f599b392fc3774e82e8fe8f33998e17f3f523a1c1358fd659c5
                                        
                                            GET /liveramp_redir HTTP/1.1 
Host: aorta.clickagy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         35.169.130.67
HTTP/2 302 Found
content-type: application/json
                                        
date: Wed, 05 Oct 2022 20:15:56 GMT
content-length: 0
location: https://id.rlcdn.com/711861.gif
server: Aorta/20220929.37e3bd418
x-aorta-host: f14ade6d5b54
x-aorta-region: us-east-1
access-control-allow-credentials: true
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
access-control-expose-headers: Set-Cookie
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin:
access-control-max-age: 31536000
cache-control: no-cache, no-store, must-revalidate
expect: 0
X-Firefox-Spdy: h2

                                        
                                            GET /pixel.gif?clkgypv=jstag HTTP/1.1 
Host: aorta.clickagy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         35.169.130.67
HTTP/2 302 Found
content-type: application/json
                                        
date: Wed, 05 Oct 2022 20:15:56 GMT
content-length: 0
location: https://stags.bluekai.com/site/51557?id=c:e89ffb6bcf0539ea582ee4fc6cd90fbb&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D122%26cm%3D$_BK_UUID&BKUUID=$_BK_UUID&limit=1
server: Aorta/20220929.37e3bd418
x-aorta-host: 65863f437f35
x-aorta-region: us-east-1
access-control-allow-credentials: true
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
access-control-expose-headers: Set-Cookie
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin:
access-control-max-age: 31536000
cache-control: no-cache, no-store, must-revalidate
expect: 0
X-Firefox-Spdy: h2

                                        
                                            POST /data HTTP/1.1 
Host: aorta.clickagy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 385
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         35.169.130.67
HTTP/2 200 OK
content-type: application/json
                                        
date: Wed, 05 Oct 2022 20:15:56 GMT
content-length: 82
server: Aorta/20220929.37e3bd418
x-aorta-host: bc73409a835b
x-aorta-region: us-east-1
access-control-allow-credentials: true
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
access-control-expose-headers: Set-Cookie
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.usbfund.com
access-control-max-age: 31536000
cache-control: no-cache, no-store, must-revalidate
expect: 0
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   82
Md5:    c8f366b71d894c814c6039552cec1d20
Sha1:   c7254c44f9c6f7e65830b45c868fdb9db315c1b8
Sha256: 455c7c6891d8e91ad5ea11049bf9b043c9c9f522b21393e410f1bae9440a5761
                                        
                                            GET /companywidget.aspx?ID=100094667&WidgetType=1 HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
set-cookie: ASP.NET_SessionId=03fqusgwrvgwkxhdg0pnsv3s; path=/; secure; HttpOnly; SameSite=Lax
date: Wed, 05 Oct 2022 20:15:55 GMT
content-length: 6794
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (604), with CRLF line terminators
Size:   6794
Md5:    7035c41f44acc62a71d3c37f7cc3053d
Sha1:   38cbb291564a0d9b7205c3baec62e723be0fa26d
Sha256: c0de13960b9c35a30ec266a7f097a9d15938bc7581efa1533df387ef36c757b6
                                        
                                            GET /prod/540751/8e06fd82-42e9-4211-9f65-32b7dbc43b43.json.gz HTTP/1.1 
Host: hubspot-forms-static-embed.s3.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         52.216.146.163
HTTP/1.1 403 Forbidden
Content-Type: application/xml
                                        
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: B71XAM9GX3Q416XW
x-amz-id-2: hHl5NGIA8jnl8mk8hr3qGqLeHdaXW9J7xxlVWHMmzkncY7TIaQm2458hcDLbIufhy1jGqIDo2C8=
Transfer-Encoding: chunked
Date: Wed, 05 Oct 2022 20:15:56 GMT
Server: AmazonS3


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text
Size:   243
Md5:    86e7cca794b2d08e7a3860ad6ae38c60
Sha1:   b9877f2edcc7e016eb7757f4a49bbb025dba5c7a
Sha256: 9c1a9a5f5256042fa552cbe457fe6554526eca7fcceeada7233c78ecb159c1ee
                                        
                                            GET /track.js HTTP/1.1 
Host: serve.albacross.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.89
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 08 Apr 2021 13:13:21 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Wed, 05 Oct 2022 20:15:07 GMT
Cache-Control: max-age=120
ETag: W/"b769e9b4f23be6c9bab7c715fdf2526a"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Fo8peqEKkIWVpQFZD3omcmI7ZrO8Nw2RALFCbVjWJnKmIl2ADJ1n3Q==
Age: 50


--- Additional Info ---
Magic:  ASCII text, with very long lines (10418)
Size:   4085
Md5:    e062066a14a30b3ed3b72c5b31f21ffe
Sha1:   064e97457f03f59e40134ea46a21ba6e98a90c68
Sha256: 7bc78e48c07227b97701737a2799c978d37ff3f2350b02043ce69464de7399de
                                        
                                            GET /li.lms-analytics/insight.min.js HTTP/1.1 
Host: snap.licdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.210
HTTP/2 200 OK
content-type: application/x-javascript;charset=utf-8
                                        
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=23462
date: Wed, 05 Oct 2022 20:15:57 GMT
content-length: 3063
x-cdn: AKAM
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7751)
Size:   3063
Md5:    57efbbeb3e1d23c82b677511c67c8b0e
Sha1:   f927ba115ef4be362694c22850ddbdd1c1b054d1
Sha256: 873b38d80c8ff1ffcac23ecdb7fb2d17413ae3c217236d8e1e24574b1c4707c6
                                        
                                            GET /stylesheets/jquery.selectBox.css HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
cache-control: no-cache
location: https://www.checkbca.org/stylesheets/jquery.selectbox.css
date: Wed, 05 Oct 2022 20:15:56 GMT
content-length: 180
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   180
Md5:    65d99af646ca7622a01fc0d3eb7a6b6d
Sha1:   a6b71820c0572f17c183b5669255346947bc3492
Sha256: 425fea6b4acfc8c48eee414af2be035b5c77a87742cf0bb46b136d07e0c29f6a
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 05 Oct 2022 18:41:09 GMT
expires: Wed, 05 Oct 2022 20:41:09 GMT
cache-control: public, max-age=7200
age: 5688
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            GET /munchkin.js HTTP/1.1 
Host: munchkin.marketo.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         88.221.99.189
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Accept-Ranges: bytes
ETag: "92b41a298690c047b0c4602dd843cba4:1662686319.691662"
Last-Modified: Fri, 09 Sep 2022 01:18:39 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 05 Oct 2022 20:15:57 GMT
Content-Length: 728
Connection: keep-alive
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"


--- Additional Info ---
Magic:  ASCII text, with very long lines (521)
Size:   728
Md5:    51a92d8c69733d719447dea0416ed039
Sha1:   69f4c1e0b7ebba812bc096708d57627927dff265
Sha256: cb483c0ea4012ac512bcba6204b37622b388c1aefd4ae9028f60abb965f23d29
                                        
                                            GET /stylesheets/font-awesome.min.css HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: no-cache
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 18:58:59 GMT
accept-ranges: bytes
etag: "809bbc5d6cd3d81:0"
vary: Accept-Encoding
date: Wed, 05 Oct 2022 20:15:56 GMT
content-length: 6965
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (30837)
Size:   6965
Md5:    775375b17c16dc85854ba29bbba28807
Sha1:   91c2f8c2838211a85090f061340b6c0c24e763af
Sha256: e05c4f03a6c957e6b769e9ac46b9b6d7f1de8f46f49fc894be7c7493aaf4e033
                                        
                                            GET /stylesheets/style.css HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: no-cache
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 18:58:59 GMT
accept-ranges: bytes
etag: "809bbc5d6cd3d81:0"
vary: Accept-Encoding
date: Wed, 05 Oct 2022 20:15:56 GMT
content-length: 10891
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  assembler source, Unicode text, UTF-8 text, with very long lines (548), with CRLF line terminators
Size:   10891
Md5:    cef167427944e3fb4d6831c227b30bd0
Sha1:   5900baa9671ec663d3f990e38e7bb763f7edee64
Sha256: ad26247de1e0e4f3e40fd860a147df0ed041f06e75dc48f7e1ac3684ac7920f1
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 20:15:57 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 13:42:54 GMT
Expires: Wed, 12 Oct 2022 13:42:53 GMT
Etag: "d2913d670acf488ba2460758095e8238c1d47966"
Cache-Control: max-age=580615,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7558d50d7ea1b505-OSL

                                        
                                            GET /sifitag/7c49dfc0-b0ef-0139-b544-06a60fe5fe77 HTTP/1.1 
Host: tag.simpli.fi
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         169.50.137.179
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 05 Oct 2022 20:15:57 GMT
content-length: 3101
set-cookie: suid=30510A6AFAB44ABFAFB7A8179CABD499; Path=/; domain=simpli.fi; Expires=Fri, 06-Oct-23 20:15:57 GMT; SameSite=none; Secure; suid_legacy=30510A6AFAB44ABFAFB7A8179CABD499; Path=/; domain=simpli.fi; Expires=Fri, 06-Oct-23 20:15:57 GMT; Secure;
x-request-id: FxtFjIXoDjuFbuSfdw4B
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache, no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3100)
Size:   3101
Md5:    3f39bd6aa96de4bb5bd9275b06354981
Sha1:   14f61e1cbeb536266027c98d8f48cc3211f1a2b2
Sha256: 4f8cbfd5c952dcec41e51c8cdf551acc7acf44e7e4d51ab90be179a503fb4b00
                                        
                                            GET /711861.gif HTTP/1.1 
Host: id.rlcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         35.244.174.68
HTTP/2 451 Unavailable For Legal Reasons
                                        
date: Wed, 05 Oct 2022 20:15:57 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.110
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 20:15:57 GMT
Last-Modified: Wed, 05 Oct 2022 19:58:08 GMT
Server: ECS (dcb/7ECA)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: JfN9cuZphg9GpynBLZQv9cBVvwSkbV7FriIy49kSxPWw_rBoCkcPoQ==
Age: 1069

                                        
                                            GET /wp-content/uploads/cropped-iconusbfund-32x32.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Cookie: _gcl_au=1.1.188931887.1665000956; __ss=1665000955645; __ss_referrer=https%3A//www.usbfund.com/secured-vs-unsecured-line-of-credit/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; _ga_YYEX7W0G95=GS1.1.1665000955.1.0.1665000955.0.0.0; _ga=GA1.1.1939356309.1665000956; wc_visitor=100980-bc2d77a7-a3e6-647d-04a7-fd16d2a9eded; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-bc2d77a7-a3e6-647d-04a7-fd16d2a9eded+..+; wc_client_current=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-bc2d77a7-a3e6-647d-04a7-fd16d2a9eded+..+; IR_gbd=usbfund.com; IR_7486=1665000955844%7C0%7C1665000955844%7C%7C; __ss_tk=202210%7C633de5fb178b2f690770a7ba; soundestID=20221005201556-fdXl5EeZiSSgLzZNgi4ssfMqTpc1QEQj8P98CEpcmItbq4K35; omnisendAnonymousID=0BT4vwsAbucbwW-20221005201556; omnisendSessionID=hm4BVmYla33IPE-20221005201556; prism_224499963=7ae0de15-6709-41d8-a683-e45a86918aba; soundest-views=1; wc_swap=9494033494+..+9494611140+..+68836
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 28 Sep 2019 00:14:07 GMT
accept-ranges: bytes
content-length: 1438
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Wed, 05 Oct 2022 20:15:57 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   1438
Md5:    331f8022f00882988b3dd50a45511040
Sha1:   295b137770dedf8de5101ba30c05f515e21b6fb0
Sha256: f83bb7fbb6ab6b05a6129fdc513d6edeb3b9029b0cbe6cf3eae361ad56c58cf5
                                        
                                            GET /wp-content/uploads/cropped-iconusbfund-192x192.png HTTP/1.1 
Host: www.usbfund.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/secured-vs-unsecured-line-of-credit/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=secured-vs-unsecured-line-of-credit
Cookie: _gcl_au=1.1.188931887.1665000956; __ss=1665000955645; __ss_referrer=https%3A//www.usbfund.com/secured-vs-unsecured-line-of-credit/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit; _ga_YYEX7W0G95=GS1.1.1665000955.1.0.1665000955.0.0.0; _ga=GA1.1.1939356309.1665000956; wc_visitor=100980-bc2d77a7-a3e6-647d-04a7-fd16d2a9eded; wc_client=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-bc2d77a7-a3e6-647d-04a7-fd16d2a9eded+..+; wc_client_current=bayengage+..+campaign-email+..+secured-vs-unsecured-line-of-credit+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit+..+100980-bc2d77a7-a3e6-647d-04a7-fd16d2a9eded+..+; IR_gbd=usbfund.com; IR_7486=1665000955844%7C0%7C1665000955844%7C%7C; __ss_tk=202210%7C633de5fb178b2f690770a7ba; soundestID=20221005201556-fdXl5EeZiSSgLzZNgi4ssfMqTpc1QEQj8P98CEpcmItbq4K35; omnisendAnonymousID=0BT4vwsAbucbwW-20221005201556; omnisendSessionID=hm4BVmYla33IPE-20221005201556; prism_224499963=7ae0de15-6709-41d8-a683-e45a86918aba; soundest-views=1; wc_swap=9494033494+..+9494611140+..+68836
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         50.87.170.174
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 28 Sep 2019 00:15:06 GMT
accept-ranges: bytes
content-length: 19606
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
date: Wed, 05 Oct 2022 20:15:57 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size:   19606
Md5:    273b22a347363c8bfaa20ddcca897d53
Sha1:   0bf5106cb96db26030ae4bee997db3aef8914130
Sha256: 3c673a54e1fea64b6b57dc31365058249f665f327b0e032746b310a2f6a2c0b2
                                        
                                            GET /162/munchkin.js HTTP/1.1 
Host: munchkin.marketo.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         88.221.99.189
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Accept-Ranges: bytes
ETag: "75daf56f6191efe42577301908659c29:1656637152.894482"
Last-Modified: Fri, 01 Jul 2022 00:59:12 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=8640000
Expires: Fri, 13 Jan 2023 20:15:57 GMT
Date: Wed, 05 Oct 2022 20:15:57 GMT
Content-Length: 4677
Connection: keep-alive
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"


--- Additional Info ---
Magic:  ASCII text, with very long lines (606)
Size:   4677
Md5:    3e9baed982956735f6e0a0e756d97ed9
Sha1:   9223be6a494a10959101a7942419df7b05b84d73
Sha256: 930a508ed0ea6b4861d19c0738360182514010913c4ebfe9352064ae5006f8a1
                                        
                                            GET /WebResource.axd?d=pynGkmcFUV13He1Qd6_TZBAd-3g2iBrrqGpefWWgmRAZw8TONzGF-aV_9TjkbkyCvwDWnstKlAYe583il9NLzw2&t=637823077705833095 HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public
content-encoding: gzip
expires: Thu, 05 Oct 2023 05:26:19 GMT
last-modified: Tue, 08 Mar 2022 11:42:50 GMT
vary: Accept-Encoding
date: Wed, 05 Oct 2022 20:15:56 GMT
content-length: 23086
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   23086
Md5:    20180537e2ac64e5c60143ac90c84998
Sha1:   82d03de61c4dededbc9fd79d8c3a8e18d3b43744
Sha256: 0999cb5dfb2dcd76a944ef880be49f8e2d66fc60d00817e2b251ba0a67090cbf
                                        
                                            GET /5627136.js HTTP/1.1 
Host: js.hs-banner.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.154.85
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
date: Wed, 05 Oct 2022 20:15:56 GMT
x-amz-id-2: PcrNy5JVPsu598PC1/lPElCBYp1cqb3V50xjRUlMVyG5H6zeu5pIrqoFSA3iI3YfKyyK18RQkuQ=
x-amz-request-id: 1KMFHE45754KHE95
last-modified: Tue, 30 Aug 2022 21:14:45 GMT
etag: W/"5c3b164165600a0b6a0c29c630962192"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: .1v3HU9LDUEmg0.4oQ38beGDggSFt1E7
access-control-allow-origin: http://www.usbfund.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
expires: Wed, 05 Oct 2022 20:20:56 GMT
cf-cache-status: REVALIDATED
vary: Accept-Encoding
server: cloudflare
cf-ray: 7558d50799c9b52d-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (60657)
Size:   14884
Md5:    b34afaec2a82962f486f99020070add2
Sha1:   c4c26e8664af37a949878dadd1a685e01ba3f537
Sha256: 52c2396ccf9e4c30d80a41b688c8b0cd3f76e181a869fa6dae4cc1f366cf3c5f
                                        
                                            GET /Scripts/WebForms/MsAjax/MicrosoftAjax.js HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
cache-control: no-cache
location: https://www.checkbca.org/scripts/webforms/msajax/microsoftajax.js
date: Wed, 05 Oct 2022 20:15:56 GMT
content-length: 188
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   188
Md5:    6f83537ac9d2567aa0049ad8d28282d8
Sha1:   7e4975fe0edee16d97ab1f59dd7473a95902f30e
Sha256: c614ae1fc44d88ab3555782295fd0de23f7b1062ef93e0777530a9ff2fdb2fe6
                                        
                                            GET /Scripts/WebForms/MsAjax/MicrosoftAjaxWebForms.js HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
cache-control: no-cache
location: https://www.checkbca.org/scripts/webforms/msajax/microsoftajaxwebforms.js
date: Wed, 05 Oct 2022 20:15:56 GMT
content-length: 196
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   196
Md5:    95d708e49ef3d81c5832e354dbdafb01
Sha1:   ddb6aa6d1990a59c42331129fef517bb9101fad1
Sha256: 429e36746d58356e8d7fd50c755f2ec8de5fcf67bc3980f782eef9c14e89db18
                                        
                                            GET /scripts/jquery-3.3.1.min.js HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: no-cache
content-encoding: gzip
last-modified: Tue, 16 Oct 2018 20:49:20 GMT
accept-ranges: bytes
etag: "0c813b69165d41:0"
vary: Accept-Encoding
date: Wed, 05 Oct 2022 20:15:56 GMT
content-length: 30394
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   30394
Md5:    a263be51483c81a54aa8c85104a93e55
Sha1:   555a54a73531c553bd2aede6abc25c128b63312e
Sha256: b2f13ad730928958c09d89e6e32bb6a227c0260d032a39ca464d998a59e57a66
                                        
                                            GET /scripts/jquery.simplemodal.1.4.4.min.js HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: no-cache
content-encoding: gzip
last-modified: Tue, 16 Oct 2018 20:49:20 GMT
accept-ranges: bytes
etag: "0c813b69165d41:0"
vary: Accept-Encoding
date: Wed, 05 Oct 2022 20:15:56 GMT
content-length: 3081
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (626), with CRLF, LF line terminators
Size:   3081
Md5:    487fda8eb4e12565909588706300e2fb
Sha1:   9224d8c027d499bb7ec852c2bf3c580e593f5d5b
Sha256: 664736273b9cff9b035c3c682e6ea5e1220468bf24d3199d45148b0a45e101dc
                                        
                                            GET /site/51557?id=c:e89ffb6bcf0539ea582ee4fc6cd90fbb&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D122%26cm%3D$_BK_UUID&BKUUID=$_BK_UUID&limit=1 HTTP/1.1 
Host: stags.bluekai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.38.201.22
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 62
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Wed, 05 Oct 2022 20:15:57 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   62
Md5:    3f386f5061436a0338a64e0910db495d
Sha1:   599fe4a552c991a2b3ce5a1660732bf7b21fb901
Sha256: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 20:15:57 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 13:42:54 GMT
Expires: Wed, 12 Oct 2022 13:42:53 GMT
Etag: "d2913d670acf488ba2460758095e8238c1d47966"
Cache-Control: max-age=580615,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7558d50e2fd0b505-OSL

                                        
                                            GET /scripts/jquery.bxslider.min.js HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: no-cache
content-encoding: gzip
last-modified: Tue, 16 Oct 2018 20:49:20 GMT
accept-ranges: bytes
etag: "0c813b69165d41:0"
vary: Accept-Encoding
date: Wed, 05 Oct 2022 20:15:56 GMT
content-length: 5135
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (18813)
Size:   5135
Md5:    9777aab0bd6025cd5c7ecaebd409284d
Sha1:   ab73cc0c1c09e58a1fa0d5bda44c313f697f14da
Sha256: 7b01c6335fa7c91f0b359d56158676c2553323f6e09dd01db242b0da0d104d1b
                                        
                                            GET /scripts/jquery.selectBox.js HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
cache-control: no-cache
location: https://www.checkbca.org/scripts/jquery.selectbox.js
date: Wed, 05 Oct 2022 20:15:56 GMT
content-length: 175
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   175
Md5:    46da262b5b1399dfbf30fac73e57a298
Sha1:   c176cf3cfa6da6a0748c497591ff3619467d6434
Sha256: 4089029c368f61bcc5e6be36c952e1c440e0e20475e247b8316c6ce57ea7cc99
                                        
                                            GET /scripts/scripts.js HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: no-cache
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 18:58:56 GMT
accept-ranges: bytes
etag: "0d8f25b6cd3d81:0"
vary: Accept-Encoding
date: Wed, 05 Oct 2022 20:15:56 GMT
content-length: 4272
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   4272
Md5:    3b38a1caac14cc0685da48549e84da3b
Sha1:   2ce4f852dced2ddee12614640dcfeb0f3a96ae48
Sha256: 4e45d270791d6d30c782e95c1763ef0a1ac7b934d5cb703b651f3c6434c8b22b
                                        
                                            GET /images/widget_member_seal.png HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: no-cache
last-modified: Sat, 09 May 2020 03:31:08 GMT
accept-ranges: bytes
etag: "8a855647b225d61:0"
date: Wed, 05 Oct 2022 20:15:56 GMT
content-length: 4897
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Size:   4897
Md5:    b16b18a3bc55b39e53d58026662582b1
Sha1:   f1ef3e2605c0eb6afd312dcc7b354b4d0dee54a2
Sha256: fb715daa7fae403543290995b70576747818581d044e57b5ac072fd27c84e1bf
                                        
                                            GET /stylesheets/jquery.selectbox.css HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: no-cache
content-encoding: gzip
last-modified: Fri, 02 Aug 2019 17:52:06 GMT
accept-ranges: bytes
etag: "0a783ff5a49d51:0"
vary: Accept-Encoding
date: Wed, 05 Oct 2022 20:15:56 GMT
content-length: 844
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2823), with no line terminators
Size:   844
Md5:    ef6ac3dc00cd170fb2e40e76489dc10d
Sha1:   02964dcc31527690062facef2f5ca2c0cf24ea23
Sha256: 06e4f8e3d1d4e68a23c9fd4927304906f912307b71f80025f6b74dfe3945d813
                                        
                                            GET /scripts/webforms/msajax/microsoftajax.js HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: no-cache
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 18:58:58 GMT
accept-ranges: bytes
etag: "05245d6cd3d81:0"
vary: Accept-Encoding
date: Wed, 05 Oct 2022 20:15:56 GMT
content-length: 24320
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65262), with CRLF line terminators
Size:   24320
Md5:    1aa546445a52ff5e781cb1e335f445c4
Sha1:   a8071c7d8f7c2798100ceed7ef5842a587cc41d2
Sha256: 6a3e80b4cc602560e187e061ff5070fdda5c608125956f878f417b01867f6b09
                                        
                                            GET /scripts/webforms/msajax/microsoftajaxwebforms.js HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: no-cache
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 18:58:59 GMT
accept-ranges: bytes
etag: "809bbc5d6cd3d81:0"
vary: Accept-Encoding
date: Wed, 05 Oct 2022 20:15:56 GMT
content-length: 9603
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (39257), with CRLF line terminators
Size:   9603
Md5:    211aa6b9096a11187131cbc6c3ab6d16
Sha1:   380ff6b00fc93d78031319a6d1b0e78f2a9e6017
Sha256: 4f1ec7256c84b77776b8c75fd59dca0c6b5560fa3a5010a290e46b6b5d8d4f5f
                                        
                                            GET /apps/18595/capture.js HTTP/1.1 
Host: sc.cdnma.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.99
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 13 Jun 2022 17:04:53 GMT
access-control-allow-origin: *
strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: gzip
date: Wed, 05 Oct 2022 20:15:57 GMT
expires: Thu, 06 Oct 2022 00:05:25 GMT
cache-control: max-age=14400
etag: W/"62a76e35-6b96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Jua_pAZMzWNN8d1xSdZC1GQuW2J9_cDfAJcaI-5SmMk44iXYmL9UiQ==
age: 632
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   7913
Md5:    914c1f8a7ad854399766214647308036
Sha1:   499c3d55dd9cdc07d203d4932c4eb0783c559a61
Sha256: 2e0ab03a9e5aa965e4f4fc9bcd77a4028f438ef575e6b05b21ed94dd1a843613
                                        
                                            GET /scripts/jquery.selectbox.js HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: no-cache
content-encoding: gzip
last-modified: Tue, 16 Oct 2018 20:49:20 GMT
accept-ranges: bytes
etag: "0c813b69165d41:0"
vary: Accept-Encoding
date: Wed, 05 Oct 2022 20:15:56 GMT
content-length: 4192
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (15896), with no line terminators
Size:   4192
Md5:    786f2eb7bf72098ca18b9afd6d127237
Sha1:   5e75cb575c23f13e064a913cbe55570670e718ab
Sha256: d8a1f1df33bbe0f528bfd53be5c1388890220e54c5aaa7281b889a1e5dde3189
                                        
                                            GET /recorder.js HTTP/1.1 
Host: rec.smartlook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.76.9.16
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 05 Oct 2022 20:15:57 GMT
access-control-allow-origin: *
cache-control: public, max-age=600
etag: W/"633bff6c-7492"
last-modified: Tue, 04 Oct 2022 09:39:56 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-accel-expires: @1665001303
server: CDN77-Turbo
x-77-nzt: AblMCQ25Y5f//gAAAA
x-77-nzt-ray: PZJd1dcF+qw
x-cache: HIT
x-age: 254
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (29842), with no line terminators
Size:   9411
Md5:    3e949e206a48a3876c6304605259e7d8
Sha1:   65a54d38f13029c37164ee8a6d7927b39ba54d63
Sha256: 6bd17b891ffa92391abc42344374838bb3194f8fea3999a0c26351ac442165de
                                        
                                            GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D58092%26time%3D1665000957034%26url%3Dhttps%253A%252F%252Fwww.usbfund.com%252Fsecured-vs-unsecured-line-of-credit%252F%253Futm_source%253Dbayengage%2526utm_medium%253Dcampaign-email%2526utm_campaign%253Dsecured-vs-unsecured-line-of-credit%26liSync%3Dtrue HTTP/1.1 
Host: www.linkedin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         13.107.42.14
HTTP/2 302 Found
                                        
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=58092&time=1665000957034&url=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None bcookie="v=2&d342c661-499a-4458-8953-7c4e251a4d8f"; Domain=.linkedin.com; Expires=Thu, 05-Oct-2023 20:15:57 GMT; Path=/; Secure; SameSite=None bscookie="v=1&20221005201557091c2617-b19b-43e3-814f-96bf07f8076cAQGHktVlXvSyqRkzaYFYX32xuhgJC__A"; Domain=.www.linkedin.com; Expires=Thu, 05-Oct-2023 20:15:57 GMT; Path=/; HttpOnly; Secure; SameSite=None li_gc=MTswOzE2NjUwMDA5NTc7MjswMjFQ0xuRjFI4ox6qJEeS4/AQYA6GrpY1KhieeJsL6ht5ZQ==; Domain=.linkedin.com; Expires=Mon, 03 Apr 2023 20:15:57 GMT; Path=/; Secure; SameSite=None lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2354:u=1:x=1:i=1665000957:t=1665087357:v=2:sig=AQHRh9d65X8iEUm-C_L3ggBfMTYxRs9M"; Expires=Thu, 06 Oct 2022 20:15:57 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com https://*.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lor1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXqTz6fvfiq+CAr+5EY2A==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: D2BE65F5C1454D8C9ED2ADF909FAE755 Ref B: OSL30EDGE0514 Ref C: 2022-10-05T20:15:57Z
date: Wed, 05 Oct 2022 20:15:56 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /collect?v=2&fmt=js&pid=58092&time=1665000957034&url=https%3A%2F%2Fwww.usbfund.com%2Fsecured-vs-unsecured-line-of-credit%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsecured-vs-unsecured-line-of-credit&liSync=true HTTP/1.1 
Host: px.ads.linkedin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         13.107.42.14
HTTP/2 200 OK
content-type: application/javascript
                                        
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure bcookie="v=2&e3300237-abaa-4efb-8421-51ba867edcba"; domain=.linkedin.com; Path=/; Secure; Expires=Thu, 05-Oct-2023 20:15:57 GMT; SameSite=None lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2401:u=1:x=1:i=1665000957:t=1665087357:v=2:sig=AQGAJj7H8IVB6S7jL6Y3mBr4q4ln_Het"; Expires=Thu, 06 Oct 2022 20:15:57 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXqTz6iZC4jHoLNOpNdzg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 473491BE27174678B6B016A30E6952B5 Ref B: OSL30EDGE0514 Ref C: 2022-10-05T20:15:57Z
date: Wed, 05 Oct 2022 20:15:56 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3262
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 20:15:57 GMT
Last-Modified: Wed, 05 Oct 2022 19:21:35 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /companywidget.aspx?ID=100094667&WidgetType=1 HTTP/1.1 
Host: www.checkbca.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         207.137.0.213
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
set-cookie: ASP.NET_SessionId=bax2gdf1zhfbal5dxlucxaqj; path=/; secure; HttpOnly; SameSite=Lax
date: Wed, 05 Oct 2022 20:15:56 GMT
content-length: 6794
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (604), with CRLF line terminators
Size:   6794
Md5:    86cc45a933590e96e397895c263dd4dd
Sha1:   5060e56efededc851dbeddf9b71454eec70ba058
Sha256: