email.mail.usbfund.com/c/eJxMjk2OozAQRk9jdonsKjCw8GKkKNdAZbsITDBE_hmU24_opqNeWX5P-up5Y2Wr1egqNkp3qla61U01GassoAPsmh7B296hBeU6bHWvGuplNRuQgLJWCFJBjVfwTacVjWOHEnzbiloGmpdrSXYsq7-6LVSLmXJ-JYF_BNwF3Pd9_-0PiPeSw5C2Eh0LvFl68_qgBwvQhwjs5xIE3hyFF82P9cLHldP-QIG3RAuny9FXRfOXI4eZJlFLyzFPZDfK-xaf6Ssr5S3yEHk0qu4bff5Lmb0RAL13WI-sNY0sAKpsXLDD-fyjOABKkFU2ec3D90CO5J5kFx5mb079Qfn94mP3EwvwPwAA___7c3xl
34.110.180.34302 Found 556 B URL User Request GET HTTP/1.1 email.mail.usbfund.com/c/eJxMjk2OozAQRk9jdonsKjCw8GKkKNdAZbsITDBE_hmU24_opqNeWX5P-up5Y2Wr1egqNkp3qla61U01GassoAPsmh7B296hBeU6bHWvGuplNRuQgLJWCFJBjVfwTacVjWOHEnzbiloGmpdrSXYsq7-6LVSLmXJ-JYF_BNwF3Pd9_-0PiPeSw5C2Eh0LvFl68_qgBwvQhwjs5xIE3hyFF82P9cLHldP-QIG3RAuny9FXRfOXI4eZJlFLyzFPZDfK-xaf6Ssr5S3yEHk0qu4bff5Lmb0RAL13WI-sNY0sAKpsXLDD-fyjOABKkFU2ec3D90CO5J5kFx5mb079Qfn94mP3EwvwPwAA___7c3xl
IP 34.110.180.34:80
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2c5b9868fd5995b1acc01a83b3a9b298
5bcaa65878d22b46c074828c991923956a50908f
5c2d39f9824f30e9e1d7910ba104b131efad3037e3fb4d6a5ca3de9bcdb1ff65
Analyzer Verdict Alert fortinet Malware
GET /c/eJxMjk2OozAQRk9jdonsKjCw8GKkKNdAZbsITDBE_hmU24_opqNeWX5P-up5Y2Wr1egqNkp3qla61U01GassoAPsmh7B296hBeU6bHWvGuplNRuQgLJWCFJBjVfwTacVjWOHEnzbiloGmpdrSXYsq7-6LVSLmXJ-JYF_BNwF3Pd9_-0PiPeSw5C2Eh0LvFl68_qgBwvQhwjs5xIE3hyFF82P9cLHldP-QIG3RAuny9FXRfOXI4eZJlFLyzFPZDfK-xaf6Ssr5S3yEHk0qu4bff5Lmb0RAL13WI-sNY0sAKpsXLDD-fyjOABKkFU2ec3D90CO5J5kFx5mb079Qfn94mP3EwvwPwAA___7c3xl HTTP/1.1
Host: email.mail.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Length: 556
Content-Type: text/html
Date: Thu, 13 Apr 2023 20:13:16 GMT
Location: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
X-Robots-Tag: noindex
X-Xss-Protection: 1; mode=block
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash f69556f96addf59393c63ef21818749b
789d0d9f1505ad2cecdf48a6c3c4c3fc393f0b6e
346892b415ce1392b9a8f898b417349886229bf9c81f62161f9fdc019f6e89aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 13 Apr 2023 20:13:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash f69556f96addf59393c63ef21818749b
789d0d9f1505ad2cecdf48a6c3c4c3fc393f0b6e
346892b415ce1392b9a8f898b417349886229bf9c81f62161f9fdc019f6e89aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 13 Apr 2023 20:13:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 81375129214a57d2dc6793c1f3ac675a
d123df1cd6676e813a0dc11b5226616449ba6ef1
c08b4485550568c320579d60318c5b1fea9220df17e490418a561b541f6f2441
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 13 Apr 2023 20:13:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash f69556f96addf59393c63ef21818749b
789d0d9f1505ad2cecdf48a6c3c4c3fc393f0b6e
346892b415ce1392b9a8f898b417349886229bf9c81f62161f9fdc019f6e89aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 13 Apr 2023 20:13:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 54eb029f563d9e8d0240ddb87dcff371
370de2531a56d77d2d9aaaf019d5835091a04d66
a491202f3b565b38ce6ba5f9500cba5fc395c760de2aa22afc270d2c29cc8f59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 13 Apr 2023 20:13:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
142.250.74.170200 OK 30 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
IP 142.250.74.170:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint77:43:87:91:D0:0A:64:BD:84:1C:9A:F5:10:86:8E:8E:04:F1:F9:A3
ValidityMon, 20 Mar 2023 08:25:51 GMT - Mon, 12 Jun 2023 08:25:50 GMT
File type ASCII text, with very long lines (32025)
Hash 83b3b5729cdff3976db52c51831e96b8
d23dc823e37f58e5366340be755730f3fa9a850d
675fa88b39008a09994460a93b310a7d4593735009a9b24b6f176c347ad12421
GET /ajax/libs/jquery/2.1.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29725
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 12 Apr 2023 02:01:08 GMT
expires: Thu, 11 Apr 2024 02:01:08 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 151929
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
143.204.55.101200 OK 6.1 kB URL GET HTTP/2 widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
IP 143.204.55.101:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintED:01:2E:50:4C:98:9B:F1:34:D7:8C:1E:93:45:E6:05:00:3C:47:86
ValidityThu, 02 Feb 2023 00:00:00 GMT - Sat, 02 Mar 2024 23:59:59 GMT
File type Unicode text, UTF-8 (with BOM) text, with very long lines (19239)
Hash 5add60196e5f96a414fb4b9586764e5d
633f471b3c2fcedeef9cad90cb5bf56f5fe55588
5370f4ba91dda790c7cae92817b812fcbd1ab367cbb4862f5669960ae4e2c9e0
GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6124
last-modified: Mon, 30 May 2022 14:38:02 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Thu, 13 Apr 2023 03:31:34 GMT
cache-control: max-age=86400
etag: "5add60196e5f96a414fb4b9586764e5d"
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8L6O2plPgI1Xf0ubSAjfhyeUj76hI64QOPTCTZ112mp44FsGyvRwRw==
age: 60104
X-Firefox-Spdy: h2
code.jquery.com/jquery-migrate-1.2.1.js
69.16.175.42200 OK 5.8 kB URL GET HTTP/2 code.jquery.com/jquery-migrate-1.2.1.js
IP 69.16.175.42:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerSectigo Limited
Subject*.jquery.com
Fingerprint64:50:4C:BB:DF:F3:1D:70:CC:5D:9E:B7:BE:80:91:84:03:C1:D1:83
ValidityWed, 03 Aug 2022 00:00:00 GMT - Fri, 14 Jul 2023 23:59:59 GMT
Hash ab50f392b13415af57f9720f4d24e981
8bee0d6d15bc0bf62197f6a33493df7494bf42c2
3c7ae468bcd5eefaf92cfac278a5a998f871e0aaa190f87b0f56fd79f93d00b7
GET /jquery-migrate-1.2.1.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-encoding: gzip
content-length: 5783
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-40ed"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1681416797.dop207.sk1.t,1681416797.cds222.sk1.hn,1681416797.cds216.sk1.c
X-Firefox-Spdy: h2
widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
143.204.55.101200 OK 6.1 kB URL GET HTTP/2 widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
IP 143.204.55.101:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintED:01:2E:50:4C:98:9B:F1:34:D7:8C:1E:93:45:E6:05:00:3C:47:86
ValidityThu, 02 Feb 2023 00:00:00 GMT - Sat, 02 Mar 2024 23:59:59 GMT
File type Unicode text, UTF-8 (with BOM) text, with very long lines (19239)
Hash 5add60196e5f96a414fb4b9586764e5d
633f471b3c2fcedeef9cad90cb5bf56f5fe55588
5370f4ba91dda790c7cae92817b812fcbd1ab367cbb4862f5669960ae4e2c9e0
GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6124
last-modified: Mon, 30 May 2022 14:38:02 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Thu, 13 Apr 2023 03:31:34 GMT
cache-control: max-age=86400
etag: "5add60196e5f96a414fb4b9586764e5d"
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: IgBMpJg5NkvovuCbdn-1-ZxGgNr6mNkcn344QxvazBEmSuvpUry8KQ==
age: 60104
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-210860007-1
142.250.74.40200 OK 45 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-210860007-1
IP 142.250.74.40:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint3C:0B:85:94:2A:86:0A:B3:D0:9E:43:A9:87:6A:FB:56:49:9F:F6:B8
ValidityMon, 20 Mar 2023 08:17:43 GMT - Mon, 12 Jun 2023 08:17:42 GMT
File type ASCII text, with very long lines (2206)
Hash 438e7d3eeab7384eb66f177fa9736ba2
2b363fe591c9e87dde10619a556373982c366d44
ce8fbcd7dc4098c9aa3880a1476737594c584f98359e63d02cf6add80da83884
GET /gtag/js?id=UA-210860007-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 13 Apr 2023 20:13:17 GMT
expires: Thu, 13 Apr 2023 20:13:17 GMT
cache-control: private, max-age=900
last-modified: Thu, 13 Apr 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44605
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-NW5DZCL
142.250.74.40200 OK 56 kB URL GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NW5DZCL
IP 142.250.74.40:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint3C:0B:85:94:2A:86:0A:B3:D0:9E:43:A9:87:6A:FB:56:49:9F:F6:B8
ValidityMon, 20 Mar 2023 08:17:43 GMT - Mon, 12 Jun 2023 08:17:42 GMT
File type ASCII text, with very long lines (7865)
Hash d7bdfb411d4589658b4829928c40c11b
27420ace6fc97ab73eb93c620535297eee2463e9
82804fe0a1f893ca7978fc2015075e6a424737acb870827ceee578d5d9d9759c
GET /gtm.js?id=GTM-NW5DZCL HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 13 Apr 2023 20:13:17 GMT
expires: Thu, 13 Apr 2023 20:13:17 GMT
cache-control: private, max-age=900
last-modified: Thu, 13 Apr 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 56341
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
assets.anytrack.io/1y0o6qdBqYHr.js
54.230.111.94200 OK 103 B URL GET HTTP/2 assets.anytrack.io/1y0o6qdBqYHr.js
IP 54.230.111.94:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerAmazon
Subjectanytrack.io
Fingerprint8E:28:1B:95:6D:A8:BB:0C:DE:7B:E1:D3:4B:A0:24:65:34:A7:22:10
ValidityThu, 16 Feb 2023 00:00:00 GMT - Sat, 16 Mar 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 69b5271584dd67a9e6ae79216fe30110
7753fe034a0843770954f6979f6830ff9a82f987
b55a87e172f834369dfb6a2176712509026e5b3de676343ccdc64410245081d9
GET /1y0o6qdBqYHr.js HTTP/1.1
Host: assets.anytrack.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 103
access-control-allow-origin: *
date: Thu, 13 Apr 2023 20:13:17 GMT
cache-control: public, max-age=600
etag: W/"67-d1P+A0oIQ3cJVPaXn2gw/5qC+Yc"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FFkHDiiIgRxCs56UgHW1lxUzT1-CzllPPsuyh-LR9pSyjY0wv28i4w==
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
142.250.74.106200 OK 1.2 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
IP 142.250.74.106:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint77:43:87:91:D0:0A:64:BD:84:1C:9A:F5:10:86:8E:8E:04:F1:F9:A3
ValidityMon, 20 Mar 2023 08:25:51 GMT - Mon, 12 Jun 2023 08:25:50 GMT
Hash b338a449aac25727862af7a83379d59b
801a8ac5cce691dc61aeb709c41c8fb00f303776
234be38505e65cd7a5340db638bb8ff4ea2395272bc62b9fa836125c42d2c4c3
GET /css?family=Open+Sans:300,400,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 13 Apr 2023 20:13:17 GMT
date: Thu, 13 Apr 2023 20:13:17 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 472 B IP 104.18.32.68:0
Hash 5b26246fd39b6adcb8737a393a042c10
2f7f33ec760279afd2fc03ae8fb3156eda45675d
9432a417d5669c30fa60987ba47a7096da09eaa7759e6d798212730c6c7d9123
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 13 Apr 2023 20:13:17 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 12 Apr 2023 18:45:48 GMT
Expires: Wed, 19 Apr 2023 18:45:47 GMT
Etag: "2f7f33ec760279afd2fc03ae8fb3156eda45675d"
Cache-Control: max-age=512549,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7b765e67eb450b02-OSL
www.usbfund.com/wp-content/uploads/phone.png
188.114.96.1200 OK 2.5 kB URL GET HTTP/3 www.usbfund.com/wp-content/uploads/phone.png
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type PNG image data, 70 x 70, 4-bit colormap, non-interlaced\012- data
Hash b56838fff449db819b49eeb7e64ed614
74de76e6563e7d82a518d03f8f086554a2a3dac6
f91ead1cc6732a5af0755dfcbfcfc9b79f30e1d5d9f5a9e66859e4655438d136
GET /wp-content/uploads/phone.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: image/png
content-length: 2479
last-modified: Tue, 12 Oct 2021 16:10:11 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y1%2Fh1IfgW27YcTbswhMMP7qCuXfxc%2BbvRSRIz8gRApPPGQvmiBbDVHzWjNtLTgT9atil9ahe3d8NlZIgVaz%2BKtsJXUQVU78jvLg527I0QfRmyUnR86Ip%2Bt0qrKRfRyekR%2F8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b765e65d910b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash f69556f96addf59393c63ef21818749b
789d0d9f1505ad2cecdf48a6c3c4c3fc393f0b6e
346892b415ce1392b9a8f898b417349886229bf9c81f62161f9fdc019f6e89aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 13 Apr 2023 20:13:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash f69556f96addf59393c63ef21818749b
789d0d9f1505ad2cecdf48a6c3c4c3fc393f0b6e
346892b415ce1392b9a8f898b417349886229bf9c81f62161f9fdc019f6e89aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 13 Apr 2023 20:13:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.usbfund.com/wp-content/themes/usb/images/logo_icon.png
188.114.96.1200 OK 2.2 kB URL GET HTTP/3 www.usbfund.com/wp-content/themes/usb/images/logo_icon.png
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type PNG image data, 53 x 52, 8-bit/color RGBA, non-interlaced\012- data
Hash 50946e7f85431c547526705a530f893f
573eff13df4dc4f2e6e0e1db1a9339d79e22ce3c
05bc3e4202452433d51079e0d6e348cb850ea55330da7786c1d5c7290d13400a
GET /wp-content/themes/usb/images/logo_icon.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: image/png
content-length: 2165
last-modified: Sat, 28 Sep 2019 00:36:10 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jjKmHL0%2BhDhweaZLRhG0GMA%2F50QDnyrLt0xg5TwdM8%2Fr%2F9290SZpDUsCucqqyCy0Zqn9TzbtfCn7uXjHWyZJ9cN002K1mACuprGA9%2BZRs1uu%2BcvIDNZZ%2FXjJZz8kuzoXXxk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b765e65d913b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/icon-paperwork.png
188.114.96.1200 OK 569 B URL GET HTTP/3 www.usbfund.com/wp-content/uploads/icon-paperwork.png
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type PNG image data, 64 x 64, 4-bit colormap, non-interlaced\012- data
Hash 0c4ac1d950bf0c487a56ab5eda6db7d3
df2764e14bc2f9e503e0303a794db2cd834187d9
5c330674c7a9b46f5466d015d4764d8f983e314b817f2a3caf4fc437b808f088
GET /wp-content/uploads/icon-paperwork.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: image/png
content-length: 569
last-modified: Sat, 28 Sep 2019 00:15:16 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qrilDsYKbzUFrbW2FKUCTbXdd3JfTco7Nyg1Dr0VXCwbVHwzUVSl7UwkEXUkz1QaK%2FV%2BfQ3cEbU6RMdhO9KD9h3i8bipfJ4fKaZLBz6tL0k263Ouh1Hyf3w57eOUpyx3lDA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b765e65d932b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/icon-approval.png
188.114.96.1200 OK 841 B URL GET HTTP/3 www.usbfund.com/wp-content/uploads/icon-approval.png
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type PNG image data, 64 x 64, 4-bit colormap, non-interlaced\012- data
Hash ae3c40db3ae713d3b2532f642579dc46
4c79d5f0d3aeb840763298eea898a69005955356
9f1e7382ee492be2670880685b2de565eef1ce8667cdedc03b2415c8c8e18012
GET /wp-content/uploads/icon-approval.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: image/png
content-length: 841
last-modified: Sat, 28 Sep 2019 00:15:17 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RtdLPqI2ogzcl4Opc2Xh%2FSo7oRjUMMB3ukxykpDqtB9kdgAJq2yqj8DarLJmcR%2FRVaoPOLcYiQF%2FbAkYPWu%2Fu3qsdrCKACh9ktC2TOPQsERcjo92To77hdlSOdDhPtTjT6I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b765e65d923b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 1.4 kB URL ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 3d5c5c2cb0c3910a15b61256206c2d61
22b1718cdb7e8357d678bd1554f863ab4d6cf8d8
0b676e0d5e730abee8e2274235bb2f72a86e06a325d872729ba2957d4d6f70be
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 13 Apr 2023 20:13:17 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 17 Apr 2023 16:06:42 GMT
ETag: "22b1718cdb7e8357d678bd1554f863ab4d6cf8d8"
Last-Modified: Thu, 13 Apr 2023 16:06:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3375
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b765e688c2c0b02-OSL
www.usbfund.com/wp-content/uploads/featured-logo-02.png
188.114.96.1200 OK 5.8 kB URL GET HTTP/3 www.usbfund.com/wp-content/uploads/featured-logo-02.png
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type PNG image data, 93 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash d2bfb41e522705be8e4a48895b996bca
df2507b75f1c0362bd168ea7ecf829f11469a926
968570479e59e9ff339d5c1d25e4c15011f8cb5ad243776b8cf62f51d28b0903
GET /wp-content/uploads/featured-logo-02.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: image/png
content-length: 5795
last-modified: Sat, 28 Sep 2019 00:13:58 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nmgNYNLZBL%2F8M%2B8LjhA0uCiKCPcRb%2B4MCOYA3DB%2BYU9c%2FZ5GzXBylQ37s3yfVlO8cgdWPnORQutfvFfXCMaVMlQCdLpZ6OipD%2B2t3ohODC5Bkz%2FpMHrAB460k0aGzdgW2Jo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b765e65d939b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/icon-trust.png
188.114.96.1200 OK 852 B URL GET HTTP/3 www.usbfund.com/wp-content/uploads/icon-trust.png
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type PNG image data, 64 x 64, 4-bit colormap, non-interlaced\012- data
Hash b717e782e85bd9f42d54ae002213b1c0
5eded8f0286e2872fb084e77126590241b50bd73
2e5819985db070ee25e744ee7d4c0e4733167289e9cf04c0f3790fb47f5e0a8c
GET /wp-content/uploads/icon-trust.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: image/png
content-length: 852
last-modified: Sat, 28 Sep 2019 00:14:21 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rPov4%2F42HX5IQSCr9H6Nnw4dR0%2B%2FNGYRmJh%2BYrD3Yf6A%2BNH6wqYvAF04FYqGmlZSyrtdRXXRljar72yLnMOFoHJqINSnwbCm02lgsE7Sw2S0xNQunhfnYXNo%2FLYoU%2B9eWsA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b765e65d934b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/us-business-funding-logo-small.png
188.114.96.1200 OK 2.0 kB URL GET HTTP/3 www.usbfund.com/wp-content/uploads/us-business-funding-logo-small.png
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash a5a71307aefd12c55fd16f36356f9a83
679b01f07d71f673b74fde71a5a0a9da8a8e486d
a2e02fabad9f481343e4e8050843b371e239956a637488eb7d2a9deff98245de
GET /wp-content/uploads/us-business-funding-logo-small.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: image/png
content-length: 2020
last-modified: Sat, 28 Sep 2019 00:14:51 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=goTrcxW%2Bs61W9HtqyMah5XEZGT08G3F1W5hmWjWu5STX2Rr9VYYM%2Bxwx1BsmTD6YWAaF%2F1wKMKLM%2B72N%2B8SpMVhBetdZ%2BwjCuUZtZulP36l4AtLXeNe1MwJXumZchIUSqOM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b765e65d916b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/themes/usb/images/logo_text.png
188.114.96.1200 OK 6.3 kB URL GET HTTP/3 www.usbfund.com/wp-content/themes/usb/images/logo_text.png
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type PNG image data, 250 x 52, 8-bit/color RGBA, non-interlaced\012- data
Hash 198c7fed73cadb12c23066fcad4e33e8
1f2616bb88b86ec79f3ce8cbbf74b3392c0b46bc
0053eb54a0f54484a915313939d858e1844208d2d0c4b410ce30e25d9cbc09ba
GET /wp-content/themes/usb/images/logo_text.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: image/png
content-length: 6307
last-modified: Sat, 28 Sep 2019 00:36:10 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3BuLkR6lhCGJYM8JX3ZXf5abmmXJX9DEgEXJss4qBBOWvHx94FKZSo%2FCK5uwHNpnbFDSqJSsxm3wfaQoUFNNXz71SZDpxSZ%2BBwcSK31aZPbmf%2FptUkoxG8A%2BQO0fgIeao4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b765e65d918b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/icon-lowest-cost.png
188.114.96.1200 OK 782 B URL GET HTTP/3 www.usbfund.com/wp-content/uploads/icon-lowest-cost.png
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type PNG image data, 64 x 64, 4-bit colormap, non-interlaced\012- data
Hash ad34d701a81be13e89ac5007f328c168
12bb1dd808cfb91272ec57d966c30c33b296ea22
e1b22c7c43c5594dfbf96d96dc1916f420a664234479c79180e82fdcb44fb6be
GET /wp-content/uploads/icon-lowest-cost.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: image/png
content-length: 782
last-modified: Sat, 28 Sep 2019 00:14:35 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gh%2FObu9UkA5lLHZAeWWzZ%2BddLpAK8SIqhhXX6FUj0wI7fd731uZVKupVtprS4Xi7jGnakaDtQjstuvw72Rp5XnqoIsehG2VfdtcsSHIUlnTq1DMgQ5jnNtviBALZS0hgZEY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b765e65d931b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/featured-logo-01.png
188.114.96.1200 OK 3.3 kB URL GET HTTP/3 www.usbfund.com/wp-content/uploads/featured-logo-01.png
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type PNG image data, 164 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash 30427e02eea1cec61004e2fdb293e4d2
d3ba51be6c31147f379670d59cab54ec01b3b448
32161c4a44a1dcdddeeb852e2b6eea070839630ac3a719ac79a503cfd4d3892d
GET /wp-content/uploads/featured-logo-01.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: image/png
content-length: 3311
last-modified: Sat, 28 Sep 2019 00:14:38 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1D2184n%2FXNW8wpP0EaZBKX3hew9XNAuU4cx%2FXvIGw0QOXy7%2FpzrVR1VBtXIBrTOKKIS8rNQGkH4ntpGyhA37ltVDsGLYwAnR1tZYahPqFI3WBgNROpNkHyGQ6IaBPv1ceXw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b765e65d936b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/icon-247.png
188.114.96.1200 OK 992 B URL GET HTTP/3 www.usbfund.com/wp-content/uploads/icon-247.png
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type PNG image data, 64 x 64, 4-bit colormap, non-interlaced\012- data
Hash ef7c282ab6144fa5162ed00ca2ae0b66
263b7452a42c10de0401fea7ce10c580b1db9935
8fed20ba76c770f08d0c0a231f16b87cc7fa72e8ae89922b71f642f8ff026455
GET /wp-content/uploads/icon-247.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: image/png
content-length: 992
last-modified: Sat, 28 Sep 2019 00:14:10 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a7mDoDvXA4wJ9qYlltgKgel9mBWX2CTvkQU%2BNkZakSEM5dNCwt4kqm5fXLqSn7gJrGLXL3xgvqpcwLbPxTm8yyPyOp%2BJfKRdoKf%2F7RYHGm6rmW85b7GYXzD9CjDBVlrdhug%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b765e65d929b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/accredited-business-usbfunding.png
188.114.96.1200 OK 2.2 kB URL GET HTTP/3 www.usbfund.com/wp-content/uploads/accredited-business-usbfunding.png
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type PNG image data, 180 x 75, 8-bit colormap, non-interlaced\012- data
Hash 3befe9c6fb5e6602893570b99d3920aa
1e7c1d352448864975a23135097e59593ae71456
d59962c29e3487892da60ef799f75523576b6f006d54fc3dd43bb6993588f1dc
GET /wp-content/uploads/accredited-business-usbfunding.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: image/png
content-length: 2244
last-modified: Sat, 28 Sep 2019 00:15:06 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wdBih%2FA2iRLdD%2FCJAkVoE2dUQs90eNZMilY%2B7d11tT8Rx8fidlAyyvR9Q4J1mlUAe9xiuOaDS0x1v%2BT3DNlzgkc31UfsefsP6yD6pCayBTFQpkqxZYq8UAMPYtlk9wCBalI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b765e65d944b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.google.com/recaptcha/api.js?hl=en&render=explicit&ver=6.1.1
142.250.74.164200 OK 556 B URL GET HTTP/2 www.google.com/recaptcha/api.js?hl=en&render=explicit&ver=6.1.1
IP 142.250.74.164:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint32:55:D3:30:01:87:C1:43:56:A2:49:7D:77:5F:E1:F2:3C:04:60:E7
ValidityMon, 20 Mar 2023 08:26:32 GMT - Mon, 12 Jun 2023 08:26:31 GMT
File type ASCII text, with very long lines (852), with no line terminators
Hash 8ed7feeb0c706549b1904b6011947366
08e222e4331aa0ddf4d46caa46a02580a517ee78
8e6c167b81942e984aff9709c661ef91fd35ebf4d1509e3fe2e59b8fd1758d28
GET /recaptcha/api.js?hl=en&render=explicit&ver=6.1.1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
expires: Thu, 13 Apr 2023 20:13:17 GMT
date: Thu, 13 Apr 2023 20:13:17 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 556
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/featured-logo-05.png
188.114.96.1200 OK 3.7 kB URL GET HTTP/3 www.usbfund.com/wp-content/uploads/featured-logo-05.png
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type PNG image data, 135 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash 646b30b6704a2457b04bb12da4144c97
acadca7b80819db2100f2cf8341acdf47a2eb773
b6e64d31c4f5ab917ad1cddfe7fa745e7c4bfc2d5af33cfdaa8130eb14247bc8
GET /wp-content/uploads/featured-logo-05.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: image/png
content-length: 3721
last-modified: Sat, 28 Sep 2019 00:15:03 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A2LJjUgDCjvIB%2F735WrbpcgCUlHeNCQIdfQ%2BO0vHf5ExJpJktCYKyhxVhbCbC1qqf7bWOovOIaYoffZk8YCE7Y5p3PpVYyNAsd0o7HaDcnxVH4P%2F6O4%2BIuoJQbK2Eaemir4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b765e65d941b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/featured-logo-06.png
188.114.96.1200 OK 2.7 kB URL GET HTTP/3 www.usbfund.com/wp-content/uploads/featured-logo-06.png
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type PNG image data, 175 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash b7b5570d5d29fd453a5e65063849fcb1
b07b87612c74febb32961e10ed154dc2efdf19cb
886d709e142c957b0d93269a57fccc13800907c8ab90acc1f18c8bec259d3992
GET /wp-content/uploads/featured-logo-06.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: image/png
content-length: 2693
last-modified: Sat, 28 Sep 2019 00:14:38 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hZZK1O1mFOzonQQQuCeOjcSsiZmL7xCQw03cwUlmQd7Z7T7H3nDIzcThr4A9EAWs6E8G4GsSW%2BEroxv2fLk3ssOEQdGPLeJElz1E68lENrY1ncC%2FM9p%2FZLYkOsl2EmpdLdA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b765e65d942b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/img-working-capital.jpg
188.114.96.1200 OK 13 kB URL GET HTTP/3 www.usbfund.com/wp-content/uploads/img-working-capital.jpg
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 300x200, components 3\012- data
Hash 77e791f0bf53571239c7a08d4a6e71a6
596965606bcddfa0f5550bb1aee16ad83db76ead
93c2194c46571f708fc2f3af13766d0f2c93fa377f5c2ab6cbc08c68d7330cf6
GET /wp-content/uploads/img-working-capital.jpg HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: image/jpeg
content-length: 13371
last-modified: Sat, 28 Sep 2019 00:14:45 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z17n5yhFpl5ivxFkW%2BPLWMsMZUn5JWtWl%2FczkhgYy%2BYhPbuJdlHjaB6EDlhMy34t62Oj8gPd4qktMiFraKr%2FabCyxkRnSkXo%2FokK33QzYgTCNf04cZJt9Tbn7hm6SnvsMfw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b765e65d91cb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/norton-secured.png
188.114.96.1200 OK 3.0 kB URL GET HTTP/3 www.usbfund.com/wp-content/uploads/norton-secured.png
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type PNG image data, 180 x 75, 8-bit colormap, non-interlaced\012- data
Hash 7d05b62893199c911ab6f798ec8127d2
e7dc7368c55a2fbccb17a82c1a25de39cea2907d
0b691c8e6d1b07ce3e066744ccfbf643d61f013ce51503b0a3ceb7a356562ed6
GET /wp-content/uploads/norton-secured.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: image/png
content-length: 3017
last-modified: Sat, 28 Sep 2019 00:14:45 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rrz2l4L6y%2BQUrlZDRq7aDJgb%2B8JdDEn0J4weGJ76RNoypyCZVrEfka8vNZqy9wEY9OPT2LTdOt%2FNT2blG8bKPwVAhkn0zLOK9A0OU4SPokrPDCb3%2Fhd7UzJb6vBLoyoCgCs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b765e65d945b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/icon-payment-option.png
188.114.96.1200 OK 874 B URL GET HTTP/3 www.usbfund.com/wp-content/uploads/icon-payment-option.png
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type PNG image data, 64 x 64, 4-bit colormap, non-interlaced\012- data
Hash d6e87ed2e1cf82afa5b7b807ff1b31d7
8bfa39f75ed53a385bdf9d0d6ee23c377028426d
fc18ba7522255ecb59d36fc99887aada814f88931f32c29f0a80a63c32589731
GET /wp-content/uploads/icon-payment-option.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: image/png
content-length: 874
last-modified: Sat, 28 Sep 2019 00:14:43 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=636LMoXEsVDMAKyzgnRkDMMnPaHxIs7geygKWv5X6Um2Co3RPOwXjHLZVhgeXI4RzR%2F6r0OL3voIIDRnwM44u7NwlvP30xD8xDDyS8xfGvx0wT9vJBCN5M38QawwjwagjMo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b765e65d92fb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/img-equipment-financing.jpg
188.114.96.1200 OK 20 kB URL GET HTTP/3 www.usbfund.com/wp-content/uploads/img-equipment-financing.jpg
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 300x200, components 3\012- data
Hash c0d6bce27af13e3d574b79a7987df2c8
44838a75e7b8f4e85a060d6196d3aa2012edb288
7a14596bf6034bbdc2029a158ae6c4a9abfae64faca549cdbd581b5ab978b9d1
GET /wp-content/uploads/img-equipment-financing.jpg HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: image/jpeg
content-length: 20449
last-modified: Sat, 28 Sep 2019 00:14:55 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7wUWL6hp1LxXferSTkzCLfpnPzgoHyIQt6yZvf%2BSh008rhvl9vbQiCPWct07jhF0%2BrnWD4e2z3KWM4DuiDZepg3gtvEoKK6PHgGoAKjMHUDYThmslhN2TEjwyHrBPrOZNqQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b765e65d920b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/featured-logo-04.png
188.114.96.1200 OK 5.8 kB URL GET HTTP/3 www.usbfund.com/wp-content/uploads/featured-logo-04.png
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type PNG image data, 123 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash e94a0244f1a51d7565de08744375bd07
dde753e74a85c5f094dda6661ada486fdae50422
47bff975ef1626c064613532b237bd114911cdc835effdccb0d124c1432c17b2
GET /wp-content/uploads/featured-logo-04.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: image/png
content-length: 5757
last-modified: Sat, 28 Sep 2019 00:15:18 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CC1UEtgBtjlPn5fJ3tyCQ7f2NkcWzWpLsn%2BSbgtGgcVEihkTY7EpnVpK9D6bp3P36fPQ4XsMykgIgS5UC6HyNFWUNk0q0BfdKSeM8%2B2DW9bDIv4aSeTSb3snXPpz%2FwHvSZM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b765e65d93fb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/img-sba-loans.jpg
188.114.96.1200 OK 22 kB URL GET HTTP/3 www.usbfund.com/wp-content/uploads/img-sba-loans.jpg
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 300x200, components 3\012- data
Hash 23f72b8211202321fc5bf2d79da57b7b
a2bcedea0c3396e1eb7106e1e576e900b1062221
516e99c672b4bc62df5134409b5e8918a95ce1bc59277743887f814762f313c1
GET /wp-content/uploads/img-sba-loans.jpg HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: image/jpeg
content-length: 21745
last-modified: Sat, 28 Sep 2019 00:14:43 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nopd7SxrNJ3nUSsw74%2F0wk5ehO3lo6XVRbAxhYGbNjUn5JeyH%2Bo28iypWfR7Bj%2FqENq0ABBTnNuMq8X0m%2FEPvvY2kEANUMqBC5pXcic0fuGLyP5ktiwicUnu%2Bf3v66jjL5k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b765e65d91db517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/img-vendor-program.jpg
188.114.96.1200 OK 13 kB URL GET HTTP/3 www.usbfund.com/wp-content/uploads/img-vendor-program.jpg
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 300x200, components 3\012- data
Hash cc288539f794416629801dc7c0a313bf
254033b2c00433efd50fbe114e45ed2c638b2777
d92a25f5b72d7659b7e836cb1658e9c112ab37da85fe65813d0cc81070a8009a
GET /wp-content/uploads/img-vendor-program.jpg HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: image/jpeg
content-length: 12812
last-modified: Sat, 28 Sep 2019 00:14:24 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jeELyU%2Fnd%2BTbpwiPES8XVdfV5L4jPZtNWFj1RtedPBa%2BZN6KX4SFZRnyu7PKc%2BoMcfCgkHT%2B30dJ0pFVB4lLxLUgLiUnQQUj3gqJn%2BOLyIK9uOZi9YzHPt%2BuHEY9X%2BaHkYQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b765e65d91ab517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 54eb029f563d9e8d0240ddb87dcff371
370de2531a56d77d2d9aaaf019d5835091a04d66
a491202f3b565b38ce6ba5f9500cba5fc395c760de2aa22afc270d2c29cc8f59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 13 Apr 2023 20:13:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.usbfund.com/wp-content/uploads/img-section-business.jpg
188.114.96.1200 OK 20 kB URL GET HTTP/3 www.usbfund.com/wp-content/uploads/img-section-business.jpg
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 987x600, components 3\012- data
Hash 69b4568a70d5e823c2487ef75db31a3d
f716722204dfd61eefd092ba4aea0f5e03315d3e
31845c6cbd8abdf0187162d1170db2aa7643495bdffe3f92c301131c9d85af15
GET /wp-content/uploads/img-section-business.jpg HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: image/jpeg
content-length: 20080
last-modified: Sat, 28 Sep 2019 00:14:24 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F9L21k0ijxfhCdCOEvB3Tn6wK0yHMVH%2BL%2FXy%2BIUPR46K9gpmQ7O530ZFVgg1E8jdQHSFITGv6FhUmShO4yC2Ure4VyOR39EualJmThvNBjmQ6hXMV4H2y%2BPxMPEGWh65mAg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b765e65d92cb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/featured-logo-03.png
188.114.96.1200 OK 3.8 kB URL GET HTTP/3 www.usbfund.com/wp-content/uploads/featured-logo-03.png
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type PNG image data, 83 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash ea461093328a47d28ed34df6be0ad850
5fad4dd9e9daea5b1cac739624cbd673c20fe7c2
37ea654d17c80dfb22d0ad091907b6d4009c76c4671728321fd51376a8df7cce
GET /wp-content/uploads/featured-logo-03.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: image/png
content-length: 3840
last-modified: Sat, 28 Sep 2019 00:15:13 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2BoQYsbnpqoy4bRNHnNQwaFNLIx5Lw%2BcgxfoOwC41%2B%2FPcWevW9VHAYx%2BKnD3mMp7p27CLjn3piN%2Fk6KixsZAgHrR85rfOSgqycgI3prjaa1HYll3GHlJl0Fr3sWvN2XF9tI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b765e65d93cb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
188.114.96.1200 OK 4.8 kB URL GET HTTP/3 www.usbfund.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type ASCII text, with very long lines (11126)
Hash cc7d54b38bf9762518d775a65291a0cd
03a539ae21166bd1a04ba29bf50a89dbd02696d5
0b77972089b6dd6bdfb4b1d8106e441a1c2cfeecbc1795e84fe471f3303dce68
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 11 Oct 2021 18:27:21 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BfZ9cbyKKoak4qgVHvmMHZPuqoTVVJBrvI9NuCrAgrbTGXnpy5JAIvue1yeTcOcn1iI4zZUyQ6Q%2F2PYqhMggsRq3e4elRRstwTLfYXaQpZ2v%2BLTeGdPichag2a0s%2FKr5Hkk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b765e65c8f5b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fonts.googleapis.com/css?family=Roboto:400,900,700,500,300,100
142.250.74.106200 OK 80 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Roboto:400,900,700,500,300,100
IP 142.250.74.106:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint77:43:87:91:D0:0A:64:BD:84:1C:9A:F5:10:86:8E:8E:04:F1:F9:A3
ValidityMon, 20 Mar 2023 08:25:51 GMT - Mon, 12 Jun 2023 08:25:50 GMT
Hash 6a24856e9e3cb9252c2f3b1bf09c44a3
80ea63aa258cb4c20558fed50eb9aff0f5de82eb
189f6945d1216dac9b74579c8ab08d4d2db5c84d061bff61b0e60ace087f7487
GET /css?family=Roboto:400,900,700,500,300,100 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 13 Apr 2023 20:13:17 GMT
date: Thu, 13 Apr 2023 20:13:17 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 1.4 kB URL ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 3d5c5c2cb0c3910a15b61256206c2d61
22b1718cdb7e8357d678bd1554f863ab4d6cf8d8
0b676e0d5e730abee8e2274235bb2f72a86e06a325d872729ba2957d4d6f70be
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 13 Apr 2023 20:13:17 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 17 Apr 2023 16:06:42 GMT
ETag: "22b1718cdb7e8357d678bd1554f863ab4d6cf8d8"
Last-Modified: Thu, 13 Apr 2023 16:06:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3375
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b765e6a3e3a0b02-OSL
ocsp.r2m02.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash b62850cf81c01e1ec89accc52027840e
9b97657737d8ffb7ea37ef119b5dbaea5d24a0f4
7cc7f96981dae4cc8bab8bfaeb388a3e817f62a03e29b14d22b41ae339d8e177
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=135701
Date: Thu, 13 Apr 2023 20:13:17 GMT
Etag: "6437bc78-1d7"
Expires: Sat, 15 Apr 2023 09:54:58 GMT
Last-Modified: Thu, 13 Apr 2023 08:25:28 GMT
Server: ECAcc (dcb/7F67)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: y-4RvkuPFxCprV5oSq9qydWIax20SOp1t2j4c0He_ZAGRrAXjREj8w==
Age: 5370
www.googletagmanager.com/gtag/js?id=UA-210860007-1&l=dataLayer&cx=c
142.250.74.40200 OK 45 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=UA-210860007-1&l=dataLayer&cx=c
IP 142.250.74.40:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint3C:0B:85:94:2A:86:0A:B3:D0:9E:43:A9:87:6A:FB:56:49:9F:F6:B8
ValidityMon, 20 Mar 2023 08:17:43 GMT - Mon, 12 Jun 2023 08:17:42 GMT
File type ASCII text, with very long lines (2206)
Hash 0a0d975d39f0902bc920c16846c0663d
7227b94f9dac31a0996c0b8fe5b91c9bdfd99060
106eafe263d0750340d98123937ee829b0b0dffe795ce73e888608fd80bd961d
GET /gtag/js?id=UA-210860007-1&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.googletagmanager.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 13 Apr 2023 20:13:17 GMT
expires: Thu, 13 Apr 2023 20:13:17 GMT
cache-control: private, max-age=900
last-modified: Thu, 13 Apr 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44622
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
d.impactradius-event.com/A870624-b043-4b58-adb6-a8c4d22ccc5b1.js
35.186.249.72200 OK 13 kB URL GET HTTP/2 d.impactradius-event.com/A870624-b043-4b58-adb6-a8c4d22ccc5b1.js
IP 35.186.249.72:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerSectigo Limited
Subject*.impactradius-event.com
FingerprintEE:D3:74:1B:8F:1B:24:D4:38:F2:AE:C9:B9:44:66:42:09:32:9A:5A
ValidityWed, 07 Dec 2022 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT
File type C source, ASCII text, with very long lines (40914), with no line terminators
Hash 833e9c2431f16a9e4e590d8c18a01169
d932b0dc73f5dbe2f30c5991fbc95d598a7d6855
ba6dea3209c3bf545ed7db2f134ab8d241599d778988697a345124a4aa8d491a
GET /A870624-b043-4b58-adb6-a8c4d22ccc5b1.js HTTP/1.1
Host: d.impactradius-event.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvjkLupVLnnLXIw_LuKLqqVg13JdZEa1T818KH3kdFwH-Oh0_uMDG0fC54h7UGg1aPDbNmjyEUZBTtqJ1YhtDyh
date: Thu, 13 Apr 2023 20:13:17 GMT
cache-control: public,max-age=900,s-maxage=300
expires: Thu, 13 Apr 2023 20:18:17 GMT
last-modified: Tue, 18 Feb 2020 03:47:29 GMT
etag: "833e9c2431f16a9e4e590d8c18a01169"
vary: Accept-Encoding
x-goog-generation: 1581997649126919
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 12876
content-type: text/javascript; charset=utf-8
content-encoding: gzip
x-goog-hash: crc32c=PZt+Nw==, md5=gz6cJDHxap5OWQ2MGKARaQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 12876
access-control-allow-origin: *
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
scripts.iconnode.com/100980.js
54.230.111.96200 OK 7.7 kB URL GET HTTP/2 scripts.iconnode.com/100980.js
IP 54.230.111.96:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerAmazon
Subject*.iconnode.com
Fingerprint2A:FB:28:30:52:32:14:03:84:5D:DF:C4:71:E9:EB:81:7F:A6:1A:60
ValidityMon, 27 Feb 2023 00:00:00 GMT - Tue, 22 Aug 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (46582), with no line terminators
Hash 05a6d57113e7870d8851ed0faf8ca12f
315c52641f469ec7e571648d5333982579cb6da3
0f4d04e15b0a5cb9f2e59f3cc9a7b36d522db0e7712454d1f962e77723348eb3
GET /100980.js HTTP/1.1
Host: scripts.iconnode.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-length: 7683
date: Thu, 13 Apr 2023 11:51:36 GMT
last-modified: Mon, 26 Sep 2022 18:10:24 GMT
etag: "05a6d57113e7870d8851ed0faf8ca12f"
cache-control: max-age=0
content-encoding: gzip
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mM2S99W2lUUte6lKqBkLgiAhkF6pN6hw1DqkVOsD5BNbZT73_8dK8A==
age: 30102
X-Firefox-Spdy: h2
d.impactradius-event.com/A870624-b043-4b58-adb6-a8c4d22ccc5b1.js
35.186.249.72200 OK 13 kB URL GET HTTP/2 d.impactradius-event.com/A870624-b043-4b58-adb6-a8c4d22ccc5b1.js
IP 35.186.249.72:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerSectigo Limited
Subject*.impactradius-event.com
FingerprintEE:D3:74:1B:8F:1B:24:D4:38:F2:AE:C9:B9:44:66:42:09:32:9A:5A
ValidityWed, 07 Dec 2022 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT
File type C source, ASCII text, with very long lines (40914), with no line terminators
Hash 833e9c2431f16a9e4e590d8c18a01169
d932b0dc73f5dbe2f30c5991fbc95d598a7d6855
ba6dea3209c3bf545ed7db2f134ab8d241599d778988697a345124a4aa8d491a
GET /A870624-b043-4b58-adb6-a8c4d22ccc5b1.js HTTP/1.1
Host: d.impactradius-event.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvjkLupVLnnLXIw_LuKLqqVg13JdZEa1T818KH3kdFwH-Oh0_uMDG0fC54h7UGg1aPDbNmjyEUZBTtqJ1YhtDyh
x-goog-generation: 1581997649126919
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 12876
content-encoding: gzip
x-goog-hash: crc32c=PZt+Nw==, md5=gz6cJDHxap5OWQ2MGKARaQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 12876
access-control-allow-origin: *
server: UploadServer
date: Thu, 13 Apr 2023 20:13:17 GMT
expires: Thu, 13 Apr 2023 20:18:17 GMT
cache-control: public,max-age=900,s-maxage=300
last-modified: Tue, 18 Feb 2020 03:47:29 GMT
etag: "833e9c2431f16a9e4e590d8c18a01169"
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 472 B IP 104.18.32.68:0
Hash 5b26246fd39b6adcb8737a393a042c10
2f7f33ec760279afd2fc03ae8fb3156eda45675d
9432a417d5669c30fa60987ba47a7096da09eaa7759e6d798212730c6c7d9123
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 13 Apr 2023 20:13:17 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 12 Apr 2023 18:45:48 GMT
Expires: Wed, 19 Apr 2023 18:45:47 GMT
Etag: "2f7f33ec760279afd2fc03ae8fb3156eda45675d"
Cache-Control: max-age=512549,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7b765e6b1f7b0b02-OSL
shield.sitelock.com/shield/usbfund.com
45.60.14.54200 OK 35 B URL GET HTTP/1.1 shield.sitelock.com/shield/usbfund.com
IP 45.60.14.54:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerSectigo Limited
Subject*.sitelock.com
FingerprintDE:BD:8E:1E:86:D4:91:AC:F6:A4:EA:0E:96:1E:C4:D3:20:EE:C7:80
ValidityThu, 02 Feb 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
File type GIF image data, version 87a, 1 x 1\012- data
Hash 04d590ce36fcc6369f590ccfb7409e57
a3a71e8194f5541400b26be34f791d106f33256e
b18c315b986e7bcf03bbfff949dd65345f4cbabeec5267ade74c354d73cf5e28
GET /shield/usbfund.com HTTP/1.1
Host: shield.sitelock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/gif; charset=ISO-8859-1
Content-Length: 35
Date: Thu, 13 Apr 2023 20:13:17 GMT
Server: lighttpd
Set-Cookie: nlbi_275317=u257NR82VzXdN2jzmBeFbAAAAADhIrjLF32YjS/AShTetqKj; path=/; Domain=.sitelock.com
visid_incap_275317=HxKuuEkzRqugvj/XqI83BV1iOGQAAAAAQUIPAAAAAAByCY6DR3Qef1/SWwOFVo6E; expires=Thu, 11 Apr 2024 22:17:43 GMT; HttpOnly; path=/; Domain=.sitelock.com
incap_ses_277_275317=PlJFcitM5BFRec9SnRrYA11iOGQAAAAAZqit68mi/InJAw6wFqlBcA==; path=/; Domain=.sitelock.com
X-CDN: Imperva
X-Iinfo: 13-66570550-66562939 2NNN RT(1681416796715 579) q(0 0 0 0) r(2 2)
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 0b2b5b556190d0a01c8eeb19d631f315
aead55272da30418fc45d3d3efb690361cd33cee
e5365fa2375a844bd9800ba61ce41ddf8dcd76c5f58f42bde1f6f8703a5a60d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 13 Apr 2023 20:13:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 0b2b5b556190d0a01c8eeb19d631f315
aead55272da30418fc45d3d3efb690361cd33cee
e5365fa2375a844bd9800ba61ce41ddf8dcd76c5f58f42bde1f6f8703a5a60d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 13 Apr 2023 20:13:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 0b2b5b556190d0a01c8eeb19d631f315
aead55272da30418fc45d3d3efb690361cd33cee
e5365fa2375a844bd9800ba61ce41ddf8dcd76c5f58f42bde1f6f8703a5a60d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 13 Apr 2023 20:13:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 0b2b5b556190d0a01c8eeb19d631f315
aead55272da30418fc45d3d3efb690361cd33cee
e5365fa2375a844bd9800ba61ce41ddf8dcd76c5f58f42bde1f6f8703a5a60d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 13 Apr 2023 20:13:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint76:06:6A:AA:FB:72:F8:BA:90:67:2F:91:97:14:FB:68:D0:65:E9:22
ValidityMon, 20 Mar 2023 08:25:51 GMT - Mon, 12 Jun 2023 08:25:50 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Apr 2023 17:14:52 GMT
expires: Fri, 12 Apr 2024 17:14:52 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 10706
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
216.58.207.227200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
IP 216.58.207.227:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint76:06:6A:AA:FB:72:F8:BA:90:67:2F:91:97:14:FB:68:D0:65:E9:22
ValidityMon, 20 Mar 2023 08:25:51 GMT - Mon, 12 Jun 2023 08:25:50 GMT
File type Web Open Font Format (Version 2), TrueType, length 15528, version 1.0\012- data
Hash 595fe3fc0b85f3cc9ef5aed2d519abc5
96e76de44987e9dec2f97f1e5eb7a18c738daf5d
747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a
GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15528
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Apr 2023 15:53:01 GMT
expires: Fri, 12 Apr 2024 15:53:01 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 18:53:07 GMT
content-type: font/woff2
age: 15617
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.1.2
188.114.96.1200 OK 17 kB URL GET HTTP/3 www.usbfund.com/wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.1.2
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type ASCII text, with very long lines (4610)
Hash 22337bd06e05fe6ab1b14fee34255b83
68c74736324a1f8bc5fbc02a0dfdea34a6a2511e
7a6e145ef3c9550b6b8373aee3976e742b9208e38701fe7245273a6c302f6ec4
GET /wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.1.2 HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 28 Sep 2019 00:22:39 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QuaJ56xpYO4KEeuveuAu1QdyeSjvkWmuAkPXhdOVV3mfzesKQZ7jynnMJ8HVNWeABctroZOfwfjQLpgLW722aYoSZvgg03mj1BF1%2B2hW5%2BSY8TdQEWGO54Id8qXOv4YwB08%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b765e65f962b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint76:06:6A:AA:FB:72:F8:BA:90:67:2F:91:97:14:FB:68:D0:65:E9:22
ValidityMon, 20 Mar 2023 08:25:51 GMT - Mon, 12 Jun 2023 08:25:50 GMT
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 11 Apr 2023 10:31:10 GMT
expires: Wed, 10 Apr 2024 10:31:10 GMT
cache-control: public, max-age=31536000
age: 207728
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint76:06:6A:AA:FB:72:F8:BA:90:67:2F:91:97:14:FB:68:D0:65:E9:22
ValidityMon, 20 Mar 2023 08:25:51 GMT - Mon, 12 Jun 2023 08:25:50 GMT
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 08 Apr 2023 10:24:06 GMT
expires: Sun, 07 Apr 2024 10:24:06 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 467352
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/themes/usb/js/plugins.js
188.114.96.1200 OK 44 kB URL GET HTTP/3 www.usbfund.com/wp-content/themes/usb/js/plugins.js
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type HTML document, ASCII text, with very long lines (17791), with CRLF line terminators
Hash 09078cbb9eb261959b68b6e674917bad
8a0eb0f05217769b4dd928bf7facfb1906b5403c
3914972a28b985f329f00f9958d3da887eb66a30cdf45891b555cac88d6f6af0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/usb/js/plugins.js HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 28 Sep 2019 00:35:52 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rsg6rsaXBD3LG8UIAakjEhP9dMZrABi69wnHlru3YsBQaJwHr6qisCHUHQHsSvLrQzCc5hWHSUM%2BMKZ5ope0m0m2%2FkgfsirkElNZCLg35hWC%2BKfQ%2F1nvaO5NRyB88CS0vNk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b765e65f95cb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/themes/usb/js/accounting.min.js
188.114.96.1200 OK 17 kB URL GET HTTP/3 www.usbfund.com/wp-content/themes/usb/js/accounting.min.js
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type ASCII text, with very long lines (3019)
Hash 24c8f2475761b36f779d9f7f98538b92
5e892447fa008b345ad82315ba949a1cbbc5bea0
a8adc5894ca94191d51fc2ede69c035203ed61b35fde80441e300380938ff8ce
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/usb/js/accounting.min.js HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 28 Sep 2019 00:35:52 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rmxAxRSZOk%2FAKIQ4lf0%2Fy9phtVSYqaX2TaIOZMF5H0M143CimYkgTQB%2Bap7AmCZ5TxKPg9zGYz6xHpOrcm4HID8Ec5ZQV4UMG1ItaP%2BEDuC%2Bvsmh6CxZhag47r4n50dho74%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b765e65f965b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/bg-section-header.png
188.114.96.1200 OK 22 kB URL GET HTTP/3 www.usbfund.com/wp-content/uploads/bg-section-header.png
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type PNG image data, 1920 x 149, 8-bit colormap, non-interlaced\012- data
Hash 65b13235e26653c77b0ed328dfdb8dc2
2dcc21d12b909058345b01f087062f6b59f4f05c
acba6ce2f083bf3e78176be5f1c68dfbeb67e609472b4f8c034ba8676d0995b2
GET /wp-content/uploads/bg-section-header.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/wp-content/themes/usb/style.css
Cookie: _gcl_au=1.1.1481877944.1681416851; __ss=1681416851710; __ss_referrer=https%3A//www.usbfund.com/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413; _ga_YYEX7W0G95=GS1.1.1681416851.1.0.1681416851.0.0.0; _ga=GA1.1.1307571823.1681416852; wc_visitor=100980-c60d1af1-1c22-ea47-fa58-8e9a9dc568ad; wc_client=bayengage+..+campaign-email+..+sales-0413+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413+..+100980-c60d1af1-1c22-ea47-fa58-8e9a9dc568ad+..+; wc_client_current=bayengage+..+campaign-email+..+sales-0413+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413+..+100980-c60d1af1-1c22-ea47-fa58-8e9a9dc568ad+..+; IR_gbd=usbfund.com; IR_7486=1681416851847%7C0%7C1681416851847%7C%7C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:18 GMT
content-type: image/png
content-length: 22531
last-modified: Sat, 28 Sep 2019 00:14:58 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dcCqJejRUHWwCI9hO1GP04mUHjBWvev%2FZjt3qx1GX07rhM7flphjH3eCQR62f47coO3z0WdpfVIBIAYwE8o840vY7rbgF94fL4jQ2KxzpA86blqjy7EvT9PDNrz3487Zki8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b765e6c0bddb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700
142.250.74.106200 OK 4.3 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700
IP 142.250.74.106:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint77:43:87:91:D0:0A:64:BD:84:1C:9A:F5:10:86:8E:8E:04:F1:F9:A3
ValidityMon, 20 Mar 2023 08:25:51 GMT - Mon, 12 Jun 2023 08:25:50 GMT
File type ASCII text, with very long lines (13396)
Hash 05fbdb26a656ac3dc8a6cf3324e1165e
4adc2bd5968cad9495fd3b2e0f5d9e112e2e1b3d
4d4feac06755e84cd0d86ad16b8d7d28cd7237d91b393f919807d3f3382baa29
GET /css?family=Roboto+Condensed:300,400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 13 Apr 2023 20:13:17 GMT
date: Thu, 13 Apr 2023 20:13:17 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/themes/usb/style.css
188.114.96.1200 OK 14 kB URL GET HTTP/3 www.usbfund.com/wp-content/themes/usb/style.css
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type ASCII text, with very long lines (6744)
Hash 3cb4d117094a5b5da26c664bd32f1c00
ca35d21ea32fb372db43b2d6bc8a1ecd967c9135
e142f64da72d589dc4b3cfdec119645afb57f2b135958e3f303a423a373c8e10
GET /wp-content/themes/usb/style.css HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 13 Apr 2022 22:11:44 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DyHZkrEbJMr0spPvwJFKMMWPTJrLkqgsdxkHq7Xpx%2BSz%2Fzwz7M6IutuX0TZOXuD4Huj6DD1kYVwCTbe4QQhcQmkDgKGKhm5FRaz1IsXPPNPFIBRK%2BmlpHUiwWF3ALPt%2FWt8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b765e65b8e4b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/icon-arrow-down-white.png
188.114.96.1200 OK 172 B URL GET HTTP/3 www.usbfund.com/wp-content/uploads/icon-arrow-down-white.png
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type PNG image data, 14 x 14, 8-bit gray+alpha, non-interlaced\012- data
Hash 26d3bceaf73fad28fb322b6646860f78
1b70241f618df47a01729534d376a57c57bd8c07
0077bc52b60eb51d8785f3aa812a2cdcce59acd3a0b70a801b82c563787e1a7c
GET /wp-content/uploads/icon-arrow-down-white.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/wp-content/themes/usb/style.css
Cookie: _gcl_au=1.1.1481877944.1681416851; __ss=1681416851710; __ss_referrer=https%3A//www.usbfund.com/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413; _ga_YYEX7W0G95=GS1.1.1681416851.1.0.1681416851.0.0.0; _ga=GA1.1.1307571823.1681416852; wc_visitor=100980-c60d1af1-1c22-ea47-fa58-8e9a9dc568ad; wc_client=bayengage+..+campaign-email+..+sales-0413+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413+..+100980-c60d1af1-1c22-ea47-fa58-8e9a9dc568ad+..+; wc_client_current=bayengage+..+campaign-email+..+sales-0413+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413+..+100980-c60d1af1-1c22-ea47-fa58-8e9a9dc568ad+..+; IR_gbd=usbfund.com; IR_7486=1681416851847%7C0%7C1681416851847%7C%7C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:18 GMT
content-type: image/png
content-length: 172
last-modified: Sat, 28 Sep 2019 00:15:12 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F76pg5UkcqhCAwxhk0hX%2FP3mdyrrzshf8T7y4c1lETjPN%2FI5tAYHMkE7%2FCp5oPcIuh6C0RP91kO6mXBdKSOxG1CMSS2VT69sapk1obOdcdXScicGwAmby4oQXRQ9OuSIfmA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b765e6c0be9b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.r2m02.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 9fb4e80580930fafc0090464cc59ae66
9b5038f2cae5e401e8660e7c7848410e0b3c0616
48e45e2d0a982d13fa6cda44d0c219ecb413b291156af25ed565292f8569c075
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 13 Apr 2023 20:13:18 GMT
Last-Modified: Thu, 13 Apr 2023 18:42:57 GMT
Server: ECAcc (nya/1C1E)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: dyAagP6gofHtbmj-Ks21EprhjdsO3L0x-M2PN5TWAI_wn-YBId49Nw==
Age: 5421
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 0b2b5b556190d0a01c8eeb19d631f315
aead55272da30418fc45d3d3efb690361cd33cee
e5365fa2375a844bd9800ba61ce41ddf8dcd76c5f58f42bde1f6f8703a5a60d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 13 Apr 2023 20:13:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/main.js
143.204.55.101200 OK 31 kB URL GET HTTP/2 widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/main.js
IP 143.204.55.101:443
Requested by https://widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=57559cd10000ff00058effd9#locale=en-US&styleHeight=240px&styleWidth=100%25&theme=light&stars=5&schemaType=Organization
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintED:01:2E:50:4C:98:9B:F1:34:D7:8C:1E:93:45:E6:05:00:3C:47:86
ValidityThu, 02 Feb 2023 00:00:00 GMT - Sat, 02 Mar 2024 23:59:59 GMT
File type Unicode text, UTF-8 (with BOM) text, with very long lines (64030), with no line terminators
Hash 2e3edb0ca56a4b6e3a0425ac711a5928
fb9a6bcba231dc84aa0a352495b74a5fb0090fd3
d000cdf690d72aba7baa5530f3a3d42bd3666e0cdac906f9e04bbbd3348d2a65
GET /trustboxes/54ad5defc6454f065c28af8b/main.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=57559cd10000ff00058effd9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 31025
last-modified: Tue, 21 Mar 2023 10:45:42 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Thu, 13 Apr 2023 03:35:25 GMT
cache-control: max-age=86400
etag: "2e3edb0ca56a4b6e3a0425ac711a5928"
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DsXRAfdZ4Si76-ATbLoGOruczHbooqFegL-7F-S-OsSMOCuY_kBoOg==
age: 59875
X-Firefox-Spdy: h2
www.usbfund.com/fonts/socicon.woff
188.114.96.1200 OK 31 kB URL GET HTTP/3 www.usbfund.com/fonts/socicon.woff
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type Web Open Font Format, TrueType, length 31444, version 1.0\012- data
Hash dcbd1f9c4275862f002f21619e96b8f4
a97cd865925e5102ae7c25aa5dd09112ccf50651
a680b776319127695950fd7c490b17cd15120d683bde57845707a2f7dc0f1a74
Analyzer Verdict Alert fortinet Malware
GET /fonts/socicon.woff HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/wp-content/themes/usb/style.css
Cookie: _gcl_au=1.1.1481877944.1681416851; __ss=1681416851710; __ss_referrer=https%3A//www.usbfund.com/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413; _ga_YYEX7W0G95=GS1.1.1681416851.1.0.1681416851.0.0.0; _ga=GA1.1.1307571823.1681416852; wc_visitor=100980-c60d1af1-1c22-ea47-fa58-8e9a9dc568ad; wc_client=bayengage+..+campaign-email+..+sales-0413+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413+..+100980-c60d1af1-1c22-ea47-fa58-8e9a9dc568ad+..+; wc_client_current=bayengage+..+campaign-email+..+sales-0413+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413+..+100980-c60d1af1-1c22-ea47-fa58-8e9a9dc568ad+..+; IR_gbd=usbfund.com; IR_7486=1681416851847%7C0%7C1681416851847%7C%7C
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:18 GMT
content-type: font/woff
content-length: 31444
last-modified: Fri, 27 Sep 2019 21:47:06 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sNKhP2wDOk7wZSa5DWU0wmAA9Z1E5%2Fmz1qNOOMkMUMeDBzwPaBgxcw0iU%2BJMVs6JhekisK2tJQk%2FHtjF7KmC%2BLtkl1frJU4HTIcIO9kCSayvQ0EkeYInDFrtQTZ684nyqrw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b765e6c5c5eb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/themes/usb/css/grid.css
188.114.96.1200 OK 7.8 kB URL GET HTTP/3 www.usbfund.com/wp-content/themes/usb/css/grid.css
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type assembler source, ASCII text, with very long lines (3536), with CRLF line terminators
Hash 060ce7852b94acc43a9ebfb81191d9f9
b664a772da1ccad32834a173830f502d87984ba0
baed9f89e16cf4c344c2c8539bf04f0a6c44f42ef055204b4c9f378e982501bc
GET /wp-content/themes/usb/css/grid.css HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Sat, 28 Sep 2019 00:35:49 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2CrAlgPuoeMSQBaLPu%2B%2FcSN7buWGOgTeYpzOlIRjazc8Sgl4wovDZnuyCKuDSBcFB55Lv5Bty2qvOClyPxcV6DEn3uRLC289KveY7mLRsUihH3nT5U4ifbbH2wlLkhu24C8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b765e65b8cfb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/bg-section-business.jpg
188.114.96.1200 OK 349 kB URL GET HTTP/3 www.usbfund.com/wp-content/uploads/bg-section-business.jpg
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x600, components 3\012- data
Size 349 kB (348779 bytes)
Hash de5e6695d4d920c79dc59cf349165609
fdbc5c62b647b966b29475c703fef8e6df2265ac
39e955407048d0e1e09f62e68f65d266f2b641512ed1918c79c3778cca72b931
GET /wp-content/uploads/bg-section-business.jpg HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/wp-content/themes/usb/style.css
Cookie: _gcl_au=1.1.1481877944.1681416851; __ss=1681416851710; __ss_referrer=https%3A//www.usbfund.com/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413; _ga_YYEX7W0G95=GS1.1.1681416851.1.0.1681416851.0.0.0; _ga=GA1.1.1307571823.1681416852; wc_visitor=100980-c60d1af1-1c22-ea47-fa58-8e9a9dc568ad; wc_client=bayengage+..+campaign-email+..+sales-0413+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413+..+100980-c60d1af1-1c22-ea47-fa58-8e9a9dc568ad+..+; wc_client_current=bayengage+..+campaign-email+..+sales-0413+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413+..+100980-c60d1af1-1c22-ea47-fa58-8e9a9dc568ad+..+; IR_gbd=usbfund.com; IR_7486=1681416851847%7C0%7C1681416851847%7C%7C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:18 GMT
content-type: image/jpeg
content-length: 348779
last-modified: Sat, 28 Sep 2019 00:15:01 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GX1JohbUu4OJxtfe%2Fvd0EbsjYW6GHPJpGErgv1iLNqSdt53ezFmRrFez4TTMOpDZeOc4uMqm08ySwSAhtTiT3XSKwMen4ru0iIBElrBhI7zx24cyKDwFsIG81cpqTBMXVvI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b765e6c0befb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=240px&styleWidth=100%25&theme=light&stars=5&schemaType=Organization&url=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=57559cd10000ff00058effd9&widgetId=54ad5defc6454f065c28af8b
143.204.55.101 0 B URL widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=240px&styleWidth=100%25&theme=light&stars=5&schemaType=Organization&url=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=57559cd10000ff00058effd9&widgetId=54ad5defc6454f065c28af8b
IP 143.204.55.101:0
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintED:01:2E:50:4C:98:9B:F1:34:D7:8C:1E:93:45:E6:05:00:3C:47:86
ValidityThu, 02 Feb 2023 00:00:00 GMT - Sat, 02 Mar 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/TrustboxImpression?locale=en-US&styleHeight=240px&styleWidth=100%25&theme=light&stars=5&schemaType=Organization&url=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=57559cd10000ff00058effd9&widgetId=54ad5defc6454f065c28af8b HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=57559cd10000ff00058effd9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Thu, 13 Apr 2023 20:13:17 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Wds_Kmb3gckhoVKrSAs5g56sU-7fSTyEtNNaFG2_m6D4v7KvhOkY5g==
X-Firefox-Spdy: h2
tag.getdrip.com/9726461.js
143.204.55.93200 OK 8 B URL GET HTTP/2 tag.getdrip.com/9726461.js
IP 143.204.55.93:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerAmazon
Subject*.getdrip.com
Fingerprint3E:57:50:A6:D1:A1:2E:AF:A3:74:E3:E3:F5:0E:42:F8:C9:9F:C8:C8
ValidityFri, 24 Feb 2023 00:00:00 GMT - Sat, 27 Jan 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash de2e1607e500ee465eca3ec4505c0859
cfd432c8178796a4af548a7ed62f09bdf5fbb897
295bdad3ed86f4eeb0249f30e724344ec7be85582094013a85403ecbb77a0047
GET /9726461.js HTTP/1.1
Host: tag.getdrip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-length: 8
last-modified: Fri, 20 May 2022 20:08:53 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 13 Apr 2023 20:13:19 GMT
etag: "de2e1607e500ee465eca3ec4505c0859"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6z2n4k52YIDsGEAat8PMR2Dg_RMTT6Qhmm5nwMQcBgv6gsUQKi3F7w==
X-Firefox-Spdy: h2
koi-3qnetrwct6.marketingautomation.services/client/ss.js?ver=1.1.1
130.211.21.179200 OK 5.2 kB URL GET HTTP/2 koi-3qnetrwct6.marketingautomation.services/client/ss.js?ver=1.1.1
IP 130.211.21.179:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGlobalSign nv-sa
Subject*.marketingautomation.services
FingerprintB7:49:65:C5:92:42:69:3D:A0:BB:F8:6B:B1:7D:06:FF:FF:16:AC:36
ValidityFri, 03 Jun 2022 16:56:02 GMT - Wed, 05 Jul 2023 16:56:01 GMT
Hash 2e0919b1de14a16a989c0e575d2f4983
6e679630db642f606f7d9b37b335716d2a07b67c
51b66f5d89670c8d4a88922246046c08b6d6913c0aa1065b33b41e6e5af79a9a
GET /client/ss.js?ver=1.1.1 HTTP/1.1
Host: koi-3qnetrwct6.marketingautomation.services
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: application/javascript
last-modified: Thu, 06 Apr 2023 19:12:21 GMT
vary: Accept-Encoding
etag: W/"642f1995-2fe4"
expires: Thu, 20 Apr 2023 20:13:17 GMT
cache-control: max-age=604800, public
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
process.iconnode.com/keyword/
76.223.116.242200 OK 37 B URL POST HTTP/2 process.iconnode.com/keyword/
IP 76.223.116.242:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerAmazon
Subject*.iconnode.com
Fingerprint9B:D9:8F:2B:6E:54:34:2B:76:90:C5:C5:C7:49:BA:05:C5:D3:05:43
ValidityThu, 09 Feb 2023 00:00:00 GMT - Mon, 26 Jun 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash fac2c1e20a128685cdcba772a8c9b296
f127be1ffc01fdd3ea9089f3ab40865696e1b17c
3061414be1c4f3e0684da28abcf00646a28a40fda5a9a12e6948628b6d5a6991
POST /keyword/ HTTP/1.1
Host: process.iconnode.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 770
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 13 Apr 2023 20:13:18 GMT
content-type: text/html; charset=UTF-8
content-length: 37
server: Apache/2.4.56 () OpenSSL/1.0.2k-fips PHP/7.4.33
x-powered-by: PHP/7.4.33
access-control-allow-origin: https://www.usbfund.com
access-control-allow-credentials: true
access-control-max-age: 86400
X-Firefox-Spdy: h2
www.sendlane.com/js/eventing.js
54.194.170.100404 Not Found 3.7 kB URL GET HTTP/2 www.sendlane.com/js/eventing.js
IP 54.194.170.100:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerLet's Encrypt
Subjectwww.sendlane.com
Fingerprint81:C7:7B:71:A6:19:A5:09:E7:0D:AA:3F:4E:59:53:D0:9D:35:88:FD
ValiditySat, 04 Feb 2023 09:10:51 GMT - Fri, 05 May 2023 09:10:50 GMT
Hash d200afecb866dc541d79c614783d824c
217e2efe2d423fb2574f6ef34db72870a28e6fd7
1e2de28b018c1d3618058d976d0cc22bc9cb32a0296204d38a0053ca98131bcb
GET /js/eventing.js HTTP/1.1
Host: www.sendlane.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Thu, 13 Apr 2023 20:13:18 GMT
content-type: text/html
cache-control: private, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
etag: W/"198f38261396142b32b02c01a27e4e4c"
last-modified: Tue, 11 Apr 2023 20:39:16 GMT
x-frame-options: SAMEORIGIN
accept-ranges: bytes
x-served-by: cache-iad-kcgs7200144-IAD, cache-dub4327-DUB
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1681416798.381977,VS0,VE184
vary: Accept-Encoding,x-wf-forwarded-proto
x-cluster-name: eu-west-1-prod-edge-blue
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/USBusinessFunding-Home1.png
188.114.96.1200 OK 944 kB URL GET HTTP/3 www.usbfund.com/wp-content/uploads/USBusinessFunding-Home1.png
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type PNG image data, 1696 x 1131, 8-bit colormap, non-interlaced\012- data
Size 944 kB (944072 bytes)
Hash b4b6bd078ef229456fc9d5b22d31ca0e
51cb87382bfb8b0029df296adb021229ad4cf6da
870b85b6771aeb0fc9c84c444ca24919dd6f71e4b34a6bb97003a0a4f34bdfd3
GET /wp-content/uploads/USBusinessFunding-Home1.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/wp-content/themes/usb/style.css
Cookie: _gcl_au=1.1.1481877944.1681416851; __ss=1681416851710; __ss_referrer=https%3A//www.usbfund.com/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413; _ga_YYEX7W0G95=GS1.1.1681416851.1.0.1681416851.0.0.0; _ga=GA1.1.1307571823.1681416852; wc_visitor=100980-c60d1af1-1c22-ea47-fa58-8e9a9dc568ad; wc_client=bayengage+..+campaign-email+..+sales-0413+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413+..+100980-c60d1af1-1c22-ea47-fa58-8e9a9dc568ad+..+; wc_client_current=bayengage+..+campaign-email+..+sales-0413+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413+..+100980-c60d1af1-1c22-ea47-fa58-8e9a9dc568ad+..+; IR_gbd=usbfund.com; IR_7486=1681416851847%7C0%7C1681416851847%7C%7C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:18 GMT
content-type: image/png
content-length: 944072
last-modified: Sat, 28 Sep 2019 00:14:13 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H4RKEz%2BRCZWyV%2BPN6687FJEVX4v0dGEALwmEueSWdkJ9SmNDMYvIMeWTb9vPuHvb0tychEmBl5ulzY%2BpK8pM%2F%2FjSQPha6W0OUnj5PUteKF8lRtvIyaGfjpY7Av0qgIYpiZM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b765e6c0becb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
207.137.0.213200 OK 6.5 kB URL GET HTTP/2 www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
IP 207.137.0.213:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (540), with CRLF line terminators
Hash 90eb279067fbfef2bbac489a3d8a4a96
83fad226c0833f48807799f5269e3eb15f078c86
f4a2c2dbdbe3b751c246d6c0f102de78e09cf7f4b0c96aec49f311d2412c7aea
GET /companywidget.aspx?ID=100094667&WidgetType=1 HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: ASP.NET_SessionId=2pezkosyf3y3050uvrxaporc; path=/; secure; HttpOnly; SameSite=Lax
date: Thu, 13 Apr 2023 20:13:18 GMT
content-length: 6465
X-Firefox-Spdy: h2
serve.albacross.com/track.js
143.204.55.30200 OK 3.9 kB URL GET HTTP/1.1 serve.albacross.com/track.js
IP 143.204.55.30:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerAmazon
Subject*.albacross.com
FingerprintDE:3F:CD:D1:57:E6:35:CD:6B:A7:D8:1A:DF:F4:FE:FA:91:E0:C0:06
ValidityFri, 17 Feb 2023 00:00:00 GMT - Tue, 22 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (10031)
Hash 4066e2c808577b2d0c3ca707c3d91e57
832eab5c019590fe1e60325278c19b4cbcc9c1fe
eb47f99998bddfe05f6fdd3253fb9f8baeb37ec12023a5487b7cbf294faa8ff6
GET /track.js HTTP/1.1
Host: serve.albacross.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 15 Dec 2022 09:39:19 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Thu, 13 Apr 2023 20:12:11 GMT
Cache-Control: max-age=120
ETag: W/"677b062b7ee7382b7082b87bab179b14"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: LnPh89AkGe5dqmKPTXGug8kM_hkNe2sRqsk7hkoZbK1ZdowQS8TMLw==
Age: 70
js.hs-banner.com/v2/5627136/banner.js
104.18.25.196200 OK 69 kB URL GET HTTP/2 js.hs-banner.com/v2/5627136/banner.js
IP 104.18.25.196:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0B:F5:BD:8D:21:BE:37:A5:03:72:D7:62:50:36:B8:16:5B:AA:85:4A
ValidityThu, 02 Jun 2022 00:00:00 GMT - Thu, 01 Jun 2023 23:59:59 GMT
File type ASCII text, with very long lines (65044)
Hash 58e3100f059cfb7433b5b441dbd03799
f9f3e5bac782f050c07f45b3fe8e7ca504123cf2
9f81d8c770b75a011e0cb88ce814057d8f84108abaf13be10f4e3575b9d68dfc
GET /v2/5627136/banner.js HTTP/1.1
Host: js.hs-banner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 13 Apr 2023 20:13:18 GMT
content-type: text/javascript; charset=UTF-8
x-amz-id-2: tfwWK7SeTo1PF/hz8abdqHTztBaYM/GkeMerbNux61b4W30HwcdO78MAbsx+toWwCEaJS5eeMNO0QhAYU+jWlvCj3n+F8yMeydreqCtFiDg=
x-amz-request-id: 08AHGV0CWA3XMCH5
last-modified: Fri, 10 Mar 2023 16:36:48 GMT
etag: W/"41d44fc8c66aa079f213341d2415a450"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: MOSbo2FS0wGutpbC56bzOHl2gI_KTgYl
access-control-allow-origin: https://www.usbfund.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin, Accept-Encoding
expires: Thu, 13 Apr 2023 20:18:18 GMT
cf-cache-status: MISS
server: cloudflare
cf-ray: 7b765e6e9d64b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
omnisrc.com/inshop/launcher-v2.js
104.18.24.198200 OK 14 kB URL GET HTTP/2 omnisrc.com/inshop/launcher-v2.js
IP 104.18.24.198:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB7:6C:47:28:4B:F8:AD:97:84:D1:3F:E2:82:45:F3:E3:9D:79:A7:B2
ValidityTue, 24 Jan 2023 00:00:00 GMT - Tue, 23 Jan 2024 23:59:59 GMT
File type ASCII text, with very long lines (32008)
Hash c7e9679f34911d79bb596ccb08ea5d10
ad88c06d1ae23a729aaeb77b07e64c49b06d055f
144a00bef4933beac78181dc1d3316db70e5c1a5bcb0eb93611d360572ae5b36
GET /inshop/launcher-v2.js HTTP/1.1
Host: omnisrc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 13 Apr 2023 20:13:18 GMT
content-type: application/javascript
last-modified: Thu, 23 Mar 2023 12:46:01 GMT
etag: W/"641c4a09-c5db"
expires: Thu, 13 Apr 2023 20:13:37 GMT
cache-control: max-age=3600
x-envoy-upstream-service-time: 1
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 2456
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7b765e6e8a26b524-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js
216.58.211.3200 OK 167 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js
IP 216.58.211.3:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=w89gs5rw4du
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint76:06:6A:AA:FB:72:F8:BA:90:67:2F:91:97:14:FB:68:D0:65:E9:22
ValidityMon, 20 Mar 2023 08:25:51 GMT - Mon, 12 Jun 2023 08:25:50 GMT
File type ASCII text, with very long lines (697)
Size 167 kB (166600 bytes)
Hash fdfdaf63d56b4a9cd6641d79f7159fdc
18b413d8b6b9f3bec32026b7e9d9f4e5e366922f
f4dba3e15f08cf0686e6d89370ed42e8a5dafc38973501f0aa6baa9b93c720f3
GET /recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Apr 2023 14:23:58 GMT
expires: Fri, 12 Apr 2024 14:23:58 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 20961
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/cropped-iconusbfund-32x32.png
188.114.96.1200 OK 1.4 kB URL GET HTTP/3 www.usbfund.com/wp-content/uploads/cropped-iconusbfund-32x32.png
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 331f8022f00882988b3dd50a45511040
295b137770dedf8de5101ba30c05f515e21b6fb0
f83bb7fbb6ab6b05a6129fdc513d6edeb3b9029b0cbe6cf3eae361ad56c58cf5
GET /wp-content/uploads/cropped-iconusbfund-32x32.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Cookie: _gcl_au=1.1.1481877944.1681416851; __ss=1681416851710; __ss_referrer=https%3A//www.usbfund.com/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413; _ga_YYEX7W0G95=GS1.1.1681416851.1.0.1681416851.0.0.0; _ga=GA1.1.1307571823.1681416852; wc_visitor=100980-c60d1af1-1c22-ea47-fa58-8e9a9dc568ad; wc_client=bayengage+..+campaign-email+..+sales-0413+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413+..+100980-c60d1af1-1c22-ea47-fa58-8e9a9dc568ad+..+; wc_client_current=bayengage+..+campaign-email+..+sales-0413+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413+..+100980-c60d1af1-1c22-ea47-fa58-8e9a9dc568ad+..+; IR_gbd=usbfund.com; IR_7486=1681416851847%7C0%7C1681416851847%7C%7C; __ss_tk=202304%7C6438625ede260a7b2533bf2f; soundestID=20230413201412-AZ76uYzsXngZnfYXQvd2IMlYjVAoGBaF4K88ak8xDUpnPkCTu; omnisendSessionID=SehzHR6S2iUtzl-20230413201412; _gd1681416853064=; wc_swap=9493560881+..+9494611140+..+68836
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:19 GMT
content-type: image/png
content-length: 1438
last-modified: Sat, 28 Sep 2019 00:14:07 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y3ZaS5clfg4hiQwvxOvYgPrW4vIfkW8mJ3FUjbPDDdNNjULY6VZNmJa%2FEiFd2NxTkiiwYWvFHr3tNlXwcxAwH%2FcCckmmwGyu1KBnGjYIi3PuvJdUmALMu4TslMma0hqCOlg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b765e738812b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
tag.simpli.fi/sifitag/7c49dfc0-b0ef-0139-b544-06a60fe5fe77
34.90.223.176200 OK 3.1 kB URL GET HTTP/2 tag.simpli.fi/sifitag/7c49dfc0-b0ef-0139-b544-06a60fe5fe77
IP 34.90.223.176:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (3100)
Hash 3f39bd6aa96de4bb5bd9275b06354981
14f61e1cbeb536266027c98d8f48cc3211f1a2b2
4f8cbfd5c952dcec41e51c8cdf551acc7acf44e7e4d51ab90be179a503fb4b00
GET /sifitag/7c49dfc0-b0ef-0139-b544-06a60fe5fe77 HTTP/1.1
Host: tag.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 13 Apr 2023 20:13:19 GMT
content-type: application/javascript; charset=utf-8
content-length: 3101
set-cookie: suid=3E99BECD8CE148C19A4378EDDAA974C2; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:19 GMT; SameSite=none; Secure;
suid_legacy=3E99BECD8CE148C19A4378EDDAA974C2; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:19 GMT; Secure;
x-request-id: F1WXq6j7HTZTXlFCGy7B
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache, no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
X-Firefox-Spdy: h2
www.checkbca.org/stylesheets/font-awesome.min.css
207.137.0.213200 OK 7.0 kB URL GET HTTP/2 www.checkbca.org/stylesheets/font-awesome.min.css
IP 207.137.0.213:443
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type ASCII text, with very long lines (30837)
Hash 775375b17c16dc85854ba29bbba28807
91c2f8c2838211a85090f061340b6c0c24e763af
e05c4f03a6c957e6b769e9ac46b9b6d7f1de8f46f49fc894be7c7493aaf4e033
GET /stylesheets/font-awesome.min.css HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: text/css
content-encoding: gzip
last-modified: Fri, 03 Mar 2023 16:46:05 GMT
accept-ranges: bytes
etag: "80c44da5ef4dd91:0"
vary: Accept-Encoding
date: Thu, 13 Apr 2023 20:13:18 GMT
content-length: 6965
X-Firefox-Spdy: h2
www.checkbca.org/stylesheets/jquery.selectBox.css
207.137.0.213301 Moved Permanently 180 B URL GET HTTP/2 www.checkbca.org/stylesheets/jquery.selectBox.css
IP 207.137.0.213:443
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 65d99af646ca7622a01fc0d3eb7a6b6d
a6b71820c0572f17c183b5669255346947bc3492
425fea6b4acfc8c48eee414af2be035b5c77a87742cf0bb46b136d07e0c29f6a
GET /stylesheets/jquery.selectBox.css HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
cache-control: no-cache
content-type: text/html; charset=UTF-8
location: https://www.checkbca.org/stylesheets/jquery.selectbox.css
date: Thu, 13 Apr 2023 20:13:18 GMT
content-length: 180
X-Firefox-Spdy: h2
www.checkbca.org/stylesheets/style.css
207.137.0.213200 OK 11 kB URL GET HTTP/2 www.checkbca.org/stylesheets/style.css
IP 207.137.0.213:443
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type assembler source, Unicode text, UTF-8 text, with very long lines (548), with CRLF line terminators
Hash a3ec3a585ca53c4eaa1082ae3427a329
7f08739e149ab8dc280a05b280c31b04bfb1bd6d
1e44bca5aecfd50bff07a4df9f9bb9c524f6addd9c24bb8c463eef67798283c9
GET /stylesheets/style.css HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: text/css
content-encoding: gzip
last-modified: Fri, 03 Mar 2023 16:46:05 GMT
accept-ranges: bytes
etag: "80c44da5ef4dd91:0"
vary: Accept-Encoding
date: Thu, 13 Apr 2023 20:13:18 GMT
content-length: 10899
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 7bb3a4a3ea060ee966f054b14139f0cd
53d381b7200f31b098e0de9d1a9f71a6e8f58275
24c0aa3e19230dbd1ff2dc12b1d9941241da07c90bba88dcac7420c7d7be2eaa
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=112316
Date: Thu, 13 Apr 2023 20:13:19 GMT
Etag: "6437761b-1d7"
Expires: Sat, 15 Apr 2023 03:25:15 GMT
Last-Modified: Thu, 13 Apr 2023 03:25:15 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ifPbSSvXO0XE7gQniSuZId5mJWaQBgs0qMnpHVeP6JWdTcnXnXrj_g==
munchkin.marketo.net/163/munchkin.js
88.221.99.189200 OK 4.7 kB URL GET HTTP/1.1 munchkin.marketo.net/163/munchkin.js
IP 88.221.99.189:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerDigiCert Inc
Subject*.marketo.net
FingerprintC6:C2:4C:D3:C1:CA:89:26:8F:42:81:08:D4:93:23:EE:6E:A7:D3:F0
ValidityMon, 06 Feb 2023 00:00:00 GMT - Mon, 05 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (606)
Hash a67a8463872b30a03a9952f3704ba2d4
f1dc13fdf9167c4b8345c8c87ac355d197680614
96b9fd7fc7364d5ea8938d96ee726ca4063d45a8df23d4662ca492b0175ce0df
GET /163/munchkin.js HTTP/1.1
Host: munchkin.marketo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=8640000
Expires: Sat, 22 Jul 2023 20:13:19 GMT
Date: Thu, 13 Apr 2023 20:13:19 GMT
Content-Length: 4741
Connection: keep-alive
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
widget.trustpilot.com/trustbox-data/54ad5defc6454f065c28af8b?businessUnitId=57559cd10000ff00058effd9&locale=en-US&reviewStars=5&reviewsPerPage=15
143.204.55.101200 OK 26 kB URL GET HTTP/2 widget.trustpilot.com/trustbox-data/54ad5defc6454f065c28af8b?businessUnitId=57559cd10000ff00058effd9&locale=en-US&reviewStars=5&reviewsPerPage=15
IP 143.204.55.101:443
Requested by https://widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=57559cd10000ff00058effd9#locale=en-US&styleHeight=240px&styleWidth=100%25&theme=light&stars=5&schemaType=Organization
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintED:01:2E:50:4C:98:9B:F1:34:D7:8C:1E:93:45:E6:05:00:3C:47:86
ValidityThu, 02 Feb 2023 00:00:00 GMT - Sat, 02 Mar 2024 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (9798), with CRLF line terminators
Hash 63019f2071803b275818c31512a559b0
acbdf039c3bafda1c7ce101ae697f6fcc58301dc
0b8ec74bce53cc9a92f6b9217195cfae3d39904412217d094a1a12d780ee2aee
GET /trustbox-data/54ad5defc6454f065c28af8b?businessUnitId=57559cd10000ff00058effd9&locale=en-US&reviewStars=5&reviewsPerPage=15 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=57559cd10000ff00058effd9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
cache-control: public,max-age=1800
content-encoding: gzip
date: Thu, 13 Apr 2023 20:13:18 GMT
etag: "623f1bedbd88d2164330d3956493b308"
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: awCK2yTF5w3_IXyqJRK2FiZfHz_Viv9b9ktRHVpUqQCgDNlUXun9mw==
X-Firefox-Spdy: h2
www.checkbca.org/Scripts/WebForms/MsAjax/MicrosoftAjaxWebForms.js
207.137.0.213301 Moved Permanently 196 B URL GET HTTP/2 www.checkbca.org/Scripts/WebForms/MsAjax/MicrosoftAjaxWebForms.js
IP 207.137.0.213:443
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 95d708e49ef3d81c5832e354dbdafb01
ddb6aa6d1990a59c42331129fef517bb9101fad1
429e36746d58356e8d7fd50c755f2ec8de5fcf67bc3980f782eef9c14e89db18
GET /Scripts/WebForms/MsAjax/MicrosoftAjaxWebForms.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
cache-control: no-cache
content-type: text/html; charset=UTF-8
location: https://www.checkbca.org/scripts/webforms/msajax/microsoftajaxwebforms.js
date: Thu, 13 Apr 2023 20:13:18 GMT
content-length: 196
X-Firefox-Spdy: h2
www.checkbca.org/Scripts/WebForms/MsAjax/MicrosoftAjax.js
207.137.0.213301 Moved Permanently 188 B URL GET HTTP/2 www.checkbca.org/Scripts/WebForms/MsAjax/MicrosoftAjax.js
IP 207.137.0.213:443
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 6f83537ac9d2567aa0049ad8d28282d8
7e4975fe0edee16d97ab1f59dd7473a95902f30e
c614ae1fc44d88ab3555782295fd0de23f7b1062ef93e0777530a9ff2fdb2fe6
GET /Scripts/WebForms/MsAjax/MicrosoftAjax.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
cache-control: no-cache
content-type: text/html; charset=UTF-8
location: https://www.checkbca.org/scripts/webforms/msajax/microsoftajax.js
date: Thu, 13 Apr 2023 20:13:18 GMT
content-length: 188
X-Firefox-Spdy: h2
www.checkbca.org/scripts/jquery-3.3.1.min.js
207.137.0.213200 OK 30 kB URL GET HTTP/2 www.checkbca.org/scripts/jquery-3.3.1.min.js
IP 207.137.0.213:443
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type ASCII text, with very long lines (65451)
Hash a263be51483c81a54aa8c85104a93e55
555a54a73531c553bd2aede6abc25c128b63312e
b2f13ad730928958c09d89e6e32bb6a227c0260d032a39ca464d998a59e57a66
GET /scripts/jquery-3.3.1.min.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 16 Oct 2018 20:49:20 GMT
accept-ranges: bytes
etag: "0c813b69165d41:0"
vary: Accept-Encoding
date: Thu, 13 Apr 2023 20:13:18 GMT
content-length: 30394
X-Firefox-Spdy: h2
www.checkbca.org/scripts/jquery.simplemodal.1.4.4.min.js
207.137.0.213200 OK 3.1 kB URL GET HTTP/2 www.checkbca.org/scripts/jquery.simplemodal.1.4.4.min.js
IP 207.137.0.213:443
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type ASCII text, with very long lines (626), with CRLF, LF line terminators
Hash 487fda8eb4e12565909588706300e2fb
9224d8c027d499bb7ec852c2bf3c580e593f5d5b
664736273b9cff9b035c3c682e6ea5e1220468bf24d3199d45148b0a45e101dc
GET /scripts/jquery.simplemodal.1.4.4.min.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 16 Oct 2018 20:49:20 GMT
accept-ranges: bytes
etag: "0c813b69165d41:0"
vary: Accept-Encoding
date: Thu, 13 Apr 2023 20:13:18 GMT
content-length: 3081
X-Firefox-Spdy: h2
trackcmp.net/t_prism_sitemessages.php?trackid=224499963&prismid=af62ca2a-1bf5-4fdb-8712-359a6e889222&url=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413
172.64.145.151200 OK 0 B URL GET HTTP/2 trackcmp.net/t_prism_sitemessages.php?trackid=224499963&prismid=af62ca2a-1bf5-4fdb-8712-359a6e889222&url=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413
IP 172.64.145.151:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:67:4E:CC:4A:0F:16:72:90:95:A2:D6:A7:50:E7:85:F3:84:7E:DA
ValiditySun, 25 Sep 2022 00:00:00 GMT - Mon, 25 Sep 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t_prism_sitemessages.php?trackid=224499963&prismid=af62ca2a-1bf5-4fdb-8712-359a6e889222&url=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413 HTTP/1.1
Host: trackcmp.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 13 Apr 2023 20:13:19 GMT
content-type: text/javascript;charset=UTF-8
content-length: 0
cache-control: no-cache, private
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
x-envoy-upstream-service-time: 21
x-powered-by: PHP/8.1.17
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7b765e756c32b515-OSL
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=58092&time=1681416853347&url=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413
13.107.42.14302 Found 0 B URL GET HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=58092&time=1681416853347&url=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413
IP 13.107.42.14:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerDigiCert Inc
Subjectwww.linkedin.com
Fingerprint1F:CD:8F:F2:82:0B:B9:19:6B:DE:AD:66:B4:F9:B0:8B:F0:91:FF:6C
ValidityTue, 07 Mar 2023 00:00:00 GMT - Thu, 07 Sep 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=58092&time=1681416853347&url=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413 HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D58092%26time%3D1681416853347%26url%3Dhttps%253A%252F%252Fwww.usbfund.com%252F%253Futm_source%253Dbayengage%2526utm_medium%253Dcampaign-email%2526utm_campaign%253Dsales-0413%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQLI9crGnNvJFgAAAYd8QEWZw313x15POSFcyLPTca3wJFWuzGIZcj6lNJxdl1ztafa86fwe1R9s2A; Max-Age=2592000; Expires=Sat, 13 May 2023 20:13:19 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQKLrEUiVqtrWAAAAYd8QEWZl7T8C5_9arN83wxtrCzMalLvloTQ2E9waOlz2yJ6vwy-UYjITGXAIDFTbIAyFA; Max-Age=2592000; Expires=Sat, 13 May 2023 20:13:19 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
bcookie="v=2&fec21194-aa71-47b0-8c4a-8c61a5129fed"; domain=.linkedin.com; Path=/; Secure; Expires=Fri, 12-Apr-2024 20:13:19 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2497:u=1:x=1:i=1681416799:t=1681503199:v=2:sig=AQHqDye1pMo8o8Epsh_13K6MC-tgM5TT"; Expires=Fri, 14 Apr 2023 20:13:19 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAX5PVsPxV25v4pB+AdodQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: FCF06E49A11548AD964264E31E3F6957 Ref B: OSL30EDGE0212 Ref C: 2023-04-13T20:13:19Z
date: Thu, 13 Apr 2023 20:13:19 GMT
content-length: 0
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/cropped-iconusbfund-192x192.png
188.114.96.1200 OK 20 kB URL GET HTTP/3 www.usbfund.com/wp-content/uploads/cropped-iconusbfund-192x192.png
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 273b22a347363c8bfaa20ddcca897d53
0bf5106cb96db26030ae4bee997db3aef8914130
3c673a54e1fea64b6b57dc31365058249f665f327b0e032746b310a2f6a2c0b2
GET /wp-content/uploads/cropped-iconusbfund-192x192.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Cookie: _gcl_au=1.1.1481877944.1681416851; __ss=1681416851710; __ss_referrer=https%3A//www.usbfund.com/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413; _ga_YYEX7W0G95=GS1.1.1681416851.1.0.1681416851.0.0.0; _ga=GA1.1.1307571823.1681416852; wc_visitor=100980-c60d1af1-1c22-ea47-fa58-8e9a9dc568ad; wc_client=bayengage+..+campaign-email+..+sales-0413+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413+..+100980-c60d1af1-1c22-ea47-fa58-8e9a9dc568ad+..+; wc_client_current=bayengage+..+campaign-email+..+sales-0413+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413+..+100980-c60d1af1-1c22-ea47-fa58-8e9a9dc568ad+..+; IR_gbd=usbfund.com; IR_7486=1681416851847%7C0%7C1681416851847%7C%7C; __ss_tk=202304%7C6438625ede260a7b2533bf2f; soundestID=20230413201412-AZ76uYzsXngZnfYXQvd2IMlYjVAoGBaF4K88ak8xDUpnPkCTu; omnisendSessionID=SehzHR6S2iUtzl-20230413201412; _gd1681416853064=; wc_swap=9493560881+..+9494611140+..+68836
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:19 GMT
content-type: image/png
content-length: 19606
last-modified: Sat, 28 Sep 2019 00:15:06 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HCzUkba9dxRemn58ae9aO1QXiVKBpRyBX%2F7cZX2qNA1Sx3ans9ATVlRrhucGn1Vum%2BZ9NZgc0nLxJ8yRjCUnHdXjspr54D%2FqEQ%2FO3lAxvhoxde0KmuH9Q17qSCUxWN%2FdDpA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b765e73880fb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.checkbca.org/scripts/jquery.bxslider.min.js
207.137.0.213200 OK 5.1 kB URL GET HTTP/2 www.checkbca.org/scripts/jquery.bxslider.min.js
IP 207.137.0.213:443
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type ASCII text, with very long lines (18813)
Hash 9777aab0bd6025cd5c7ecaebd409284d
ab73cc0c1c09e58a1fa0d5bda44c313f697f14da
7b01c6335fa7c91f0b359d56158676c2553323f6e09dd01db242b0da0d104d1b
GET /scripts/jquery.bxslider.min.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 16 Oct 2018 20:49:20 GMT
accept-ranges: bytes
etag: "0c813b69165d41:0"
vary: Accept-Encoding
date: Thu, 13 Apr 2023 20:13:18 GMT
content-length: 5135
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=w89gs5rw4du
142.250.74.164200 OK 27 kB URL GET HTTP/3 www.google.com/recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=w89gs5rw4du
IP 142.250.74.164:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBC:12:A9:4C:44:2A:9A:A2:F3:90:FC:9B:BD:52:91:4C:61:A4:7C:CD
ValidityMon, 20 Mar 2023 08:22:16 GMT - Mon, 12 Jun 2023 08:22:15 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (41218)
Hash 2efb92bbda29f0f26bb731cada40d7bc
646f2ae49146d32290027547676a8cfd37eab8e9
70e5baac55ab325592f41b63d08266096d33862fe38e1163a988a81cc521623b
GET /recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=w89gs5rw4du HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 13 Apr 2023 20:13:19 GMT
content-security-policy: script-src 'nonce-sbB0plkDS9R7LVKla4zK9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 26802
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.checkbca.org/scripts/jquery.selectBox.js
207.137.0.213301 Moved Permanently 175 B URL GET HTTP/2 www.checkbca.org/scripts/jquery.selectBox.js
IP 207.137.0.213:443
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 46da262b5b1399dfbf30fac73e57a298
c176cf3cfa6da6a0748c497591ff3619467d6434
4089029c368f61bcc5e6be36c952e1c440e0e20475e247b8316c6ce57ea7cc99
GET /scripts/jquery.selectBox.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
cache-control: no-cache
content-type: text/html; charset=UTF-8
location: https://www.checkbca.org/scripts/jquery.selectbox.js
date: Thu, 13 Apr 2023 20:13:18 GMT
content-length: 175
X-Firefox-Spdy: h2
www.checkbca.org/scripts/scripts.js
207.137.0.213200 OK 4.3 kB URL GET HTTP/2 www.checkbca.org/scripts/scripts.js
IP 207.137.0.213:443
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type ASCII text, with CRLF line terminators
Hash 3b38a1caac14cc0685da48549e84da3b
2ce4f852dced2ddee12614640dcfeb0f3a96ae48
4e45d270791d6d30c782e95c1763ef0a1ac7b934d5cb703b651f3c6434c8b22b
GET /scripts/scripts.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 03 Mar 2023 16:46:02 GMT
accept-ranges: bytes
etag: "0184a3ef4dd91:0"
vary: Accept-Encoding
date: Thu, 13 Apr 2023 20:13:18 GMT
content-length: 4272
X-Firefox-Spdy: h2
www.checkbca.org/images/widget_seal.png
207.137.0.213200 OK 2.7 kB URL GET HTTP/2 www.checkbca.org/images/widget_seal.png
IP 207.137.0.213:443
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash 270ad3deddbe8a845043e3d6a8000f91
3835898b5aba554e51bf8c9191b3804e7fad65a2
30f3c9000753eaaba38681a3a44471668df6f9c60258644baba4ca24cdf62c89
GET /images/widget_seal.png HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: image/png
last-modified: Sat, 09 May 2020 03:31:08 GMT
accept-ranges: bytes
etag: "ba4a5b47b225d61:0"
date: Thu, 13 Apr 2023 20:13:18 GMT
content-length: 2723
X-Firefox-Spdy: h2
www.checkbca.org/stylesheets/jquery.selectbox.css
207.137.0.213200 OK 844 B URL GET HTTP/2 www.checkbca.org/stylesheets/jquery.selectbox.css
IP 207.137.0.213:443
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type ASCII text, with very long lines (2823), with no line terminators
Hash ef6ac3dc00cd170fb2e40e76489dc10d
02964dcc31527690062facef2f5ca2c0cf24ea23
06e4f8e3d1d4e68a23c9fd4927304906f912307b71f80025f6b74dfe3945d813
GET /stylesheets/jquery.selectbox.css HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: text/css
content-encoding: gzip
last-modified: Fri, 02 Aug 2019 17:52:06 GMT
accept-ranges: bytes
etag: "0a783ff5a49d51:0"
vary: Accept-Encoding
date: Thu, 13 Apr 2023 20:13:18 GMT
content-length: 844
X-Firefox-Spdy: h2
www.checkbca.org/scripts/webforms/msajax/microsoftajax.js
207.137.0.213200 OK 24 kB URL GET HTTP/2 www.checkbca.org/scripts/webforms/msajax/microsoftajax.js
IP 207.137.0.213:443
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type ASCII text, with very long lines (65262), with CRLF line terminators
Hash 1aa546445a52ff5e781cb1e335f445c4
a8071c7d8f7c2798100ceed7ef5842a587cc41d2
6a3e80b4cc602560e187e061ff5070fdda5c608125956f878f417b01867f6b09
GET /scripts/webforms/msajax/microsoftajax.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 03 Mar 2023 16:46:05 GMT
accept-ranges: bytes
etag: "80c44da5ef4dd91:0"
vary: Accept-Encoding
date: Thu, 13 Apr 2023 20:13:19 GMT
content-length: 24320
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css
216.58.211.3200 OK 25 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css
IP 216.58.211.3:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=w89gs5rw4du
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint76:06:6A:AA:FB:72:F8:BA:90:67:2F:91:97:14:FB:68:D0:65:E9:22
ValidityMon, 20 Mar 2023 08:25:51 GMT - Mon, 12 Jun 2023 08:25:50 GMT
File type ASCII text, with very long lines (56403), with no line terminators
Hash a42c6333a13e5376af95f46fd9c7b627
57a98e519a44915e39a0cb6f23812adfa6611e67
62bff9dd0379da44f9d7f739af671bb6b243c016b49c7146b431ae9e6b9cb41b
GET /recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.gstatic.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24605
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 12 Apr 2023 18:10:59 GMT
expires: Thu, 11 Apr 2024 18:10:59 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
content-type: text/css
vary: Accept-Encoding
age: 93740
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js
216.58.211.3200 OK 167 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js
IP 216.58.211.3:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=w89gs5rw4du
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint76:06:6A:AA:FB:72:F8:BA:90:67:2F:91:97:14:FB:68:D0:65:E9:22
ValidityMon, 20 Mar 2023 08:25:51 GMT - Mon, 12 Jun 2023 08:25:50 GMT
File type ASCII text, with very long lines (697)
Size 167 kB (166600 bytes)
Hash fdfdaf63d56b4a9cd6641d79f7159fdc
18b413d8b6b9f3bec32026b7e9d9f4e5e366922f
f4dba3e15f08cf0686e6d89370ed42e8a5dafc38973501f0aa6baa9b93c720f3
GET /recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.gstatic.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Apr 2023 14:23:58 GMT
expires: Fri, 12 Apr 2024 14:23:58 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 20961
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.r2m01.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 7bb3a4a3ea060ee966f054b14139f0cd
53d381b7200f31b098e0de9d1a9f71a6e8f58275
24c0aa3e19230dbd1ff2dc12b1d9941241da07c90bba88dcac7420c7d7be2eaa
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=115047
Date: Thu, 13 Apr 2023 20:13:19 GMT
Etag: "6437761b-1d7"
Expires: Sat, 15 Apr 2023 04:10:47 GMT
Last-Modified: Thu, 13 Apr 2023 03:25:15 GMT
Server: ECAcc (dcb/7F94)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tBS3NC_aOMrpVu2YNMXNlZL3ruPnuP8UpXMgelNLWpiEdw4om7jPsA==
Age: 2731
www.checkbca.org/scripts/webforms/msajax/microsoftajaxwebforms.js
207.137.0.213200 OK 9.6 kB URL GET HTTP/2 www.checkbca.org/scripts/webforms/msajax/microsoftajaxwebforms.js
IP 207.137.0.213:443
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type ASCII text, with very long lines (39257), with CRLF line terminators
Hash 211aa6b9096a11187131cbc6c3ab6d16
380ff6b00fc93d78031319a6d1b0e78f2a9e6017
4f1ec7256c84b77776b8c75fd59dca0c6b5560fa3a5010a290e46b6b5d8d4f5f
GET /scripts/webforms/msajax/microsoftajaxwebforms.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 03 Mar 2023 16:46:05 GMT
accept-ranges: bytes
etag: "80c44da5ef4dd91:0"
vary: Accept-Encoding
date: Thu, 13 Apr 2023 20:13:19 GMT
content-length: 9603
X-Firefox-Spdy: h2
www.checkbca.org/scripts/jquery.selectbox.js
207.137.0.213200 OK 4.2 kB URL GET HTTP/2 www.checkbca.org/scripts/jquery.selectbox.js
IP 207.137.0.213:443
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type Unicode text, UTF-8 text, with very long lines (15896), with no line terminators
Hash 786f2eb7bf72098ca18b9afd6d127237
5e75cb575c23f13e064a913cbe55570670e718ab
d8a1f1df33bbe0f528bfd53be5c1388890220e54c5aaa7281b889a1e5dde3189
GET /scripts/jquery.selectbox.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 16 Oct 2018 20:49:20 GMT
accept-ranges: bytes
etag: "0c813b69165d41:0"
vary: Accept-Encoding
date: Thu, 13 Apr 2023 20:13:19 GMT
content-length: 4192
X-Firefox-Spdy: h2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D58092%26time%3D1681416853347%26url%3Dhttps%253A%252F%252Fwww.usbfund.com%252F%253Futm_source%253Dbayengage%2526utm_medium%253Dcampaign-email%2526utm_campaign%253Dsales-0413%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL GET HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D58092%26time%3D1681416853347%26url%3Dhttps%253A%252F%252Fwww.usbfund.com%252F%253Futm_source%253Dbayengage%2526utm_medium%253Dcampaign-email%2526utm_campaign%253Dsales-0413%26liSync%3Dtrue
IP 13.107.42.14:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerDigiCert Inc
Subjectwww.linkedin.com
Fingerprint1F:CD:8F:F2:82:0B:B9:19:6B:DE:AD:66:B4:F9:B0:8B:F0:91:FF:6C
ValidityTue, 07 Mar 2023 00:00:00 GMT - Thu, 07 Sep 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D58092%26time%3D1681416853347%26url%3Dhttps%253A%252F%252Fwww.usbfund.com%252F%253Futm_source%253Dbayengage%2526utm_medium%253Dcampaign-email%2526utm_campaign%253Dsales-0413%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=58092&time=1681416853347&url=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413&liSync=true
set-cookie: bcookie="v=2&90c3b72f-1f95-44d6-8f2a-9b1938d2f5aa"; Domain=.linkedin.com; Expires=Fri, 12-Apr-2024 20:13:20 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&2023041320132079a3791d-5ab0-4525-8841-ddfaa8eb473bAQFMesf8AgeaM_jtTzV3-O8bGGVwc_fb"; Domain=.www.linkedin.com; Expires=Fri, 12-Apr-2024 20:13:20 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2ODE0MTY4MDA7MjswMjHnsEFl7caOpdZRT5eoxVok1F4A1IdlEm16Y+PgJvDWaw==; Domain=.linkedin.com; Expires=Tue, 10 Oct 2023 20:13:20 GMT; Path=/; Secure; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2497:u=1:x=1:i=1681416800:t=1681503200:v=2:sig=AQEFWK1-G664wPVthab6-vz6xRYLWCOR"; Expires=Fri, 14 Apr 2023 20:13:20 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; script-src-attr 'report-sample' 'none'; object-src 'none'; media-src blob: *; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com teams.microsoft.com client.learningapp.microsoft.com; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-source-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAX5PVsVztiSWuHosITXdQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: CB9D388C751D4DE39BD96B4E4043074F Ref B: OSL30EDGE0212 Ref C: 2023-04-13T20:13:19Z
date: Thu, 13 Apr 2023 20:13:19 GMT
content-length: 0
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=w89gs5rw4du
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint76:06:6A:AA:FB:72:F8:BA:90:67:2F:91:97:14:FB:68:D0:65:E9:22
ValidityMon, 20 Mar 2023 08:25:51 GMT - Mon, 12 Jun 2023 08:25:50 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 12 Apr 2023 13:07:04 GMT
expires: Thu, 11 Apr 2024 13:07:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 111976
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/webworker.js?hl=en&v=6MY32oPwFCn9SUKWt8czDsDw
142.250.74.164200 OK 112 B URL GET HTTP/3 www.google.com/recaptcha/api2/webworker.js?hl=en&v=6MY32oPwFCn9SUKWt8czDsDw
IP 142.250.74.164:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=w89gs5rw4du
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBC:12:A9:4C:44:2A:9A:A2:F3:90:FC:9B:BD:52:91:4C:61:A4:7C:CD
ValidityMon, 20 Mar 2023 08:22:16 GMT - Mon, 12 Jun 2023 08:22:15 GMT
File type ASCII text, with no line terminators
Hash 8771b78bf8540cb0f0abd565803ec778
47cd6a15b47404961c8d0f5a1e11fe2125b46c1c
ea56675b25b1314bc82952ca08e0590788909f502ff612b300cf54cc2eea54ad
GET /recaptcha/api2/webworker.js?hl=en&v=6MY32oPwFCn9SUKWt8czDsDw HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=w89gs5rw4du
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
expires: Thu, 13 Apr 2023 20:13:20 GMT
date: Thu, 13 Apr 2023 20:13:20 GMT
cache-control: private, max-age=300
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 112
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/api2/logo_48.png
216.58.211.3200 OK 2.2 kB URL GET HTTP/3 www.gstatic.com/recaptcha/api2/logo_48.png
IP 216.58.211.3:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=w89gs5rw4du
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint76:06:6A:AA:FB:72:F8:BA:90:67:2F:91:97:14:FB:68:D0:65:E9:22
ValidityMon, 20 Mar 2023 08:25:51 GMT - Mon, 12 Jun 2023 08:25:50 GMT
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.gstatic.com
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Apr 2023 02:07:56 GMT
expires: Thu, 20 Apr 2023 02:07:56 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 65124
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js
216.58.211.3200 OK 167 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js
IP 216.58.211.3:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=w89gs5rw4du
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint76:06:6A:AA:FB:72:F8:BA:90:67:2F:91:97:14:FB:68:D0:65:E9:22
ValidityMon, 20 Mar 2023 08:25:51 GMT - Mon, 12 Jun 2023 08:25:50 GMT
File type ASCII text, with very long lines (697)
Size 167 kB (166600 bytes)
Hash fdfdaf63d56b4a9cd6641d79f7159fdc
18b413d8b6b9f3bec32026b7e9d9f4e5e366922f
f4dba3e15f08cf0686e6d89370ed42e8a5dafc38973501f0aa6baa9b93c720f3
GET /recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.gstatic.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Apr 2023 14:23:58 GMT
expires: Fri, 12 Apr 2024 14:23:58 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 20962
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/recaptcha/api2/bframe?hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5
142.250.74.164200 OK 1.1 kB URL GET HTTP/3 www.google.com/recaptcha/api2/bframe?hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5
IP 142.250.74.164:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBC:12:A9:4C:44:2A:9A:A2:F3:90:FC:9B:BD:52:91:4C:61:A4:7C:CD
ValidityMon, 20 Mar 2023 08:22:16 GMT - Mon, 12 Jun 2023 08:22:15 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 65e36ba6e98fe9695cec99cc0540e684
aa0c05a14b7b3a2b11d65ed4fdde569cdd96cc60
695590c47752c56a42c6304670277ea1f3d564604c72cd02a47be79163a6ca63
GET /recaptcha/api2/bframe?hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 13 Apr 2023 20:13:20 GMT
content-security-policy: script-src 'nonce-gTNLFVWR3hopnKYO7HN5VA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1117
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sc.cdnma.com/apps/18595/capture.js
143.204.55.114200 OK 8.4 kB URL GET HTTP/2 sc.cdnma.com/apps/18595/capture.js
IP 143.204.55.114:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerAmazon
Subjectbeacon.cdnma.com
Fingerprint50:C6:2C:3E:55:7D:4A:E1:3D:E3:E4:D6:7E:45:89:3C:92:43:C0:C0
ValiditySun, 02 Apr 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
Hash f9b46cdff29f40f8d0cfa78244c875e1
e7cfa2b20c9475be3246f2ceb74966999ccb5b79
aab37b562df86df3d29af915fbb971542b5aa7ffb2f3ea823d4a329d281b335c
GET /apps/18595/capture.js HTTP/1.1
Host: sc.cdnma.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 15 Dec 2022 23:31:10 GMT
access-control-allow-origin: *
strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: gzip
date: Thu, 13 Apr 2023 20:13:19 GMT
expires: Fri, 14 Apr 2023 00:13:19 GMT
cache-control: max-age=14400
etag: W/"639bae3e-6c08"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: ubz5RPoaWrtmA8He8eo2FW6seZlcJMRSoccxV98yBYzwcjBE24L9cQ==
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css
216.58.211.3200 OK 25 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css
IP 216.58.211.3:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=w89gs5rw4du
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint76:06:6A:AA:FB:72:F8:BA:90:67:2F:91:97:14:FB:68:D0:65:E9:22
ValidityMon, 20 Mar 2023 08:25:51 GMT - Mon, 12 Jun 2023 08:25:50 GMT
File type ASCII text, with very long lines (56403), with no line terminators
Hash a42c6333a13e5376af95f46fd9c7b627
57a98e519a44915e39a0cb6f23812adfa6611e67
62bff9dd0379da44f9d7f739af671bb6b243c016b49c7146b431ae9e6b9cb41b
GET /recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.gstatic.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24605
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 12 Apr 2023 18:10:59 GMT
expires: Thu, 11 Apr 2024 18:10:59 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
content-type: text/css
vary: Accept-Encoding
age: 93741
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js
216.58.211.3200 OK 167 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js
IP 216.58.211.3:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=w89gs5rw4du
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint76:06:6A:AA:FB:72:F8:BA:90:67:2F:91:97:14:FB:68:D0:65:E9:22
ValidityMon, 20 Mar 2023 08:25:51 GMT - Mon, 12 Jun 2023 08:25:50 GMT
File type ASCII text, with very long lines (697)
Size 167 kB (166600 bytes)
Hash fdfdaf63d56b4a9cd6641d79f7159fdc
18b413d8b6b9f3bec32026b7e9d9f4e5e366922f
f4dba3e15f08cf0686e6d89370ed42e8a5dafc38973501f0aa6baa9b93c720f3
GET /recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.gstatic.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Apr 2023 14:23:58 GMT
expires: Fri, 12 Apr 2024 14:23:58 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 20962
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
px.ads.linkedin.com/collect?v=2&fmt=js&pid=58092&time=1681416853347&url=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413&liSync=true
13.107.42.14200 OK 0 B URL GET HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=58092&time=1681416853347&url=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413&liSync=true
IP 13.107.42.14:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerDigiCert Inc
Subjectwww.linkedin.com
Fingerprint1F:CD:8F:F2:82:0B:B9:19:6B:DE:AD:66:B4:F9:B0:8B:F0:91:FF:6C
ValidityTue, 07 Mar 2023 00:00:00 GMT - Thu, 07 Sep 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=58092&time=1681416853347&url=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: bcookie="v=2&80299050-a9a2-4a17-894a-ffb34d3f5bb9"; domain=.linkedin.com; Path=/; Secure; Expires=Fri, 12-Apr-2024 20:13:20 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2497:u=1:x=1:i=1681416800:t=1681503200:v=2:sig=AQEFWK1-G664wPVthab6-vz6xRYLWCOR"; Expires=Fri, 14 Apr 2023 20:13:20 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-source-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAX5PVsZXxT90OEA8wJYeQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: A7233757CBAA4807B84F0DF684DF33E4 Ref B: OSL30EDGE0212 Ref C: 2023-04-13T20:13:20Z
date: Thu, 13 Apr 2023 20:13:19 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash b7f29e3298e271df7f0739eac18b5f91
25a2a6a88765c0ee0a1a84c8db917aa3ab1572ad
3ff2cfa56915e9879e87ea59737def0a769b8c8816a0b82101691f370c855132
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=165241
Date: Thu, 13 Apr 2023 20:13:20 GMT
Etag: "643844d9-1d7"
Expires: Sat, 15 Apr 2023 18:07:21 GMT
Last-Modified: Thu, 13 Apr 2023 18:07:21 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: WA4KnFdjg6_rJXcoLzrF1vr3vH7uEtuw2H9pdY7lgMasraEWuoTqmQ==
511-lvj-854.mktoresp.com/webevents/visitWebPage?_mchNc=1681416853492&_mchCn=&_mchId=511-LVJ-854&_mchTk=_mch-usbfund.com-1681416853491-23802&_mchHo=www.usbfund.com&_mchPo=&_mchRu=%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=utm_source%3Dbayengage__-__utm_medium%3Dcampaign-email__-__utm_campaign%3Dsales-0413
199.15.214.243200 OK 43 B URL POST HTTP/1.0 511-lvj-854.mktoresp.com/webevents/visitWebPage?_mchNc=1681416853492&_mchCn=&_mchId=511-LVJ-854&_mchTk=_mch-usbfund.com-1681416853491-23802&_mchHo=www.usbfund.com&_mchPo=&_mchRu=%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=utm_source%3Dbayengage__-__utm_medium%3Dcampaign-email__-__utm_campaign%3Dsales-0413
IP 199.15.214.243:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerDigiCert Inc
Subject*.mktoresp.com
FingerprintF1:86:A2:64:22:99:41:B0:05:EB:2D:2F:A2:B9:2F:73:23:38:C8:30
ValidityWed, 05 Oct 2022 00:00:00 GMT - Sun, 05 Nov 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 7e1a751d6f8efada000e3df3aac35514
4c73d56e1221bcee6aca2e954b71b9d6216de36e
cbbd42bb1d88693e6805bd9d676840424af5ecf3e13d874fd06e6b57d53d8d40
POST /webevents/visitWebPage?_mchNc=1681416853492&_mchCn=&_mchId=511-LVJ-854&_mchTk=_mch-usbfund.com-1681416853491-23802&_mchHo=www.usbfund.com&_mchPo=&_mchRu=%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=utm_source%3Dbayengage__-__utm_medium%3Dcampaign-email__-__utm_campaign%3Dsales-0413 HTTP/1.1
Host: 511-lvj-854.mktoresp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.0 200 OK
Server: BigIP
Connection: Keep-Alive
Content-Length: 43
cdn.linkedin.oribi.io/partner/58092/domain/usbfund.com/token
54.230.111.112200 OK 3.5 kB URL GET HTTP/2 cdn.linkedin.oribi.io/partner/58092/domain/usbfund.com/token
IP 54.230.111.112:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerAmazon
Subjectlinkedin.oribi.io
FingerprintBE:46:90:54:17:C8:57:FD:82:7C:7D:E5:DF:7D:7E:01:F1:B8:4B:47
ValidityFri, 24 Feb 2023 00:00:00 GMT - Sun, 06 Aug 2023 23:59:59 GMT
File type JSON data\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13396)
Hash ea3d51f3c5eb4989ec5612908b07ab5f
1303ba24c1874a8e895f31aab5eddd691c7d6b33
686fbf2edef35e6ddc9a88fcfe1f7d72cfcb63f3da8e8b466287c0e5fb729282
GET /partner/58092/domain/usbfund.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json
date: Thu, 13 Apr 2023 20:13:19 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BU4S0e148KthkZsZG5ymPcfB0RnsTm_hiQ2mcavaI-zJaFtX9bkj6w==
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=w89gs5rw4du
142.250.74.164200 OK 27 kB URL GET HTTP/3 www.google.com/recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=w89gs5rw4du
IP 142.250.74.164:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBC:12:A9:4C:44:2A:9A:A2:F3:90:FC:9B:BD:52:91:4C:61:A4:7C:CD
ValidityMon, 20 Mar 2023 08:22:16 GMT - Mon, 12 Jun 2023 08:22:15 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (41786)
Hash 91a0bdb162bcf367eb4b1f45cd4b5f41
33e51ffdc3f6a7401f8136f8091a03786bff6778
9add7da0c2922587f4915d2e69375d3216c9b1bfba1aa522eb1b7ac10e8fa2d5
GET /recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=w89gs5rw4du HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 13 Apr 2023 20:13:20 GMT
content-security-policy: script-src 'nonce-z4uZjZZIwBv-Ztih9HyZSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 27201
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/recaptcha/api2/bframe?hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5
142.250.74.164200 OK 1.1 kB URL GET HTTP/3 www.google.com/recaptcha/api2/bframe?hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5
IP 142.250.74.164:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBC:12:A9:4C:44:2A:9A:A2:F3:90:FC:9B:BD:52:91:4C:61:A4:7C:CD
ValidityMon, 20 Mar 2023 08:22:16 GMT - Mon, 12 Jun 2023 08:22:15 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 6ab377b2b53a3ac528d2849a3690b683
75ee28d8dfcfcda99f3453e1eb620ebee67bea47
968636b52a7eaf8673f4c5644c8be807bbb4da5baaf9ba3bdf007b76d8c510af
GET /recaptcha/api2/bframe?hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 13 Apr 2023 20:13:20 GMT
content-security-policy: script-src 'nonce-SZ_Nn2ewYT8kHlTXVeY9AQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1117
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/main.js
143.204.55.101200 OK 31 kB URL GET HTTP/2 widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/main.js
IP 143.204.55.101:443
Requested by https://widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=57559cd10000ff00058effd9#locale=en-US&styleHeight=240px&styleWidth=100%25&theme=light&stars=5&schemaType=Organization
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintED:01:2E:50:4C:98:9B:F1:34:D7:8C:1E:93:45:E6:05:00:3C:47:86
ValidityThu, 02 Feb 2023 00:00:00 GMT - Sat, 02 Mar 2024 23:59:59 GMT
File type Unicode text, UTF-8 (with BOM) text, with very long lines (64030), with no line terminators
Hash 2e3edb0ca56a4b6e3a0425ac711a5928
fb9a6bcba231dc84aa0a352495b74a5fb0090fd3
d000cdf690d72aba7baa5530f3a3d42bd3666e0cdac906f9e04bbbd3348d2a65
GET /trustboxes/54ad5defc6454f065c28af8b/main.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=57559cd10000ff00058effd9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 31025
last-modified: Tue, 21 Mar 2023 10:45:42 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Thu, 13 Apr 2023 03:35:25 GMT
cache-control: max-age=86400
etag: "2e3edb0ca56a4b6e3a0425ac711a5928"
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dBSwvTEgbjnuCwwuS-McChvrHdRjLU60ClgNkCN2mq0Cvyov2prvyg==
age: 59877
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css
216.58.211.3200 OK 25 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css
IP 216.58.211.3:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=w89gs5rw4du
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint76:06:6A:AA:FB:72:F8:BA:90:67:2F:91:97:14:FB:68:D0:65:E9:22
ValidityMon, 20 Mar 2023 08:25:51 GMT - Mon, 12 Jun 2023 08:25:50 GMT
File type ASCII text, with very long lines (56403), with no line terminators
Hash a42c6333a13e5376af95f46fd9c7b627
57a98e519a44915e39a0cb6f23812adfa6611e67
62bff9dd0379da44f9d7f739af671bb6b243c016b49c7146b431ae9e6b9cb41b
GET /recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.gstatic.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24605
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 12 Apr 2023 18:10:59 GMT
expires: Thu, 11 Apr 2024 18:10:59 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
content-type: text/css
vary: Accept-Encoding
age: 93741
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js
216.58.211.3200 OK 167 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js
IP 216.58.211.3:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=w89gs5rw4du
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint76:06:6A:AA:FB:72:F8:BA:90:67:2F:91:97:14:FB:68:D0:65:E9:22
ValidityMon, 20 Mar 2023 08:25:51 GMT - Mon, 12 Jun 2023 08:25:50 GMT
File type ASCII text, with very long lines (697)
Size 167 kB (166600 bytes)
Hash fdfdaf63d56b4a9cd6641d79f7159fdc
18b413d8b6b9f3bec32026b7e9d9f4e5e366922f
f4dba3e15f08cf0686e6d89370ed42e8a5dafc38973501f0aa6baa9b93c720f3
GET /recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.gstatic.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Apr 2023 14:23:58 GMT
expires: Fri, 12 Apr 2024 14:23:58 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 20962
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.checkbca.org/CompanyWidget.aspx?ID=100094667&WidgetType=1
207.137.0.213301 Moved Permanently 196 B URL GET HTTP/2 www.checkbca.org/CompanyWidget.aspx?ID=100094667&WidgetType=1
IP 207.137.0.213:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash e4450c4791dadbc8f0fe8409a9b278ec
70f8e597f291a8a247c4f1bbbc4586e300f75723
e350fe60679b3272336147b700171d459374f3a66c6e228673a94ec0d9239b7e
GET /CompanyWidget.aspx?ID=100094667&WidgetType=1 HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
location: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
date: Thu, 13 Apr 2023 20:13:19 GMT
content-length: 196
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js
216.58.211.3200 OK 167 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js
IP 216.58.211.3:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=w89gs5rw4du
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint76:06:6A:AA:FB:72:F8:BA:90:67:2F:91:97:14:FB:68:D0:65:E9:22
ValidityMon, 20 Mar 2023 08:25:51 GMT - Mon, 12 Jun 2023 08:25:50 GMT
File type ASCII text, with very long lines (697)
Size 167 kB (166600 bytes)
Hash fdfdaf63d56b4a9cd6641d79f7159fdc
18b413d8b6b9f3bec32026b7e9d9f4e5e366922f
f4dba3e15f08cf0686e6d89370ed42e8a5dafc38973501f0aa6baa9b93c720f3
GET /recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.gstatic.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Apr 2023 14:23:58 GMT
expires: Fri, 12 Apr 2024 14:23:58 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 20962
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
i.simpli.fi/p?cid=323546&cb=sifi_att_42656._hp
34.90.223.176200 OK 1.3 kB URL GET HTTP/2 i.simpli.fi/p?cid=323546&cb=sifi_att_42656._hp
IP 34.90.223.176:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
Hash 8f76de6095e6979d7ad70ecc61e058f8
c0ce3eb1cadfad109690991cadef39ac3ba32ff1
718211968594fb71f36b11f32be347698b14c7ecd3cce75554ee55cff5cc5473
GET /p?cid=323546&cb=sifi_att_42656._hp HTTP/1.1
Host: i.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 13 Apr 2023 20:13:20 GMT
content-type: application/javascript; charset=UTF-8
set-cookie: suid=5CD2D4BAE13B45758512A9739CC0CC93; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:20 GMT; SameSite=none; Secure;
suid_legacy=5CD2D4BAE13B45758512A9739CC0CC93; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:20 GMT; Secure;
uid_syncd=true; path=/; expires=Thu, 20 Apr 2023 20:13:20 GMT; domain=.simpli.fi; secure
uid_syncd_secure=true; path=/; expires=Thu, 20 Apr 2023 20:13:20 GMT; domain=.simpli.fi; samesite=none; secure
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache, no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
X-Firefox-Spdy: h2
track.hubspot.com/__ptq.gif?k=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3046474533&v=1.1&a=5627136&ct=standard-page&rcu=https%3A%2F%2Fwww.usbfund.com%2F&pu=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413&t=US+Business+Funding+-+Equipment+Financing+and+Working+Capital+Loans&cts=1681416854612&vi=d49e51c263a56174d6fbf98f4d680d2e&nc=true&u=152200550.d49e51c263a56174d6fbf98f4d680d2e.1681416854610.1681416854610.1681416854610.1&b=152200550.1.1681416854610&cc=15
104.19.154.83200 OK 45 B URL GET HTTP/2 track.hubspot.com/__ptq.gif?k=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3046474533&v=1.1&a=5627136&ct=standard-page&rcu=https%3A%2F%2Fwww.usbfund.com%2F&pu=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413&t=US+Business+Funding+-+Equipment+Financing+and+Working+Capital+Loans&cts=1681416854612&vi=d49e51c263a56174d6fbf98f4d680d2e&nc=true&u=152200550.d49e51c263a56174d6fbf98f4d680d2e.1681416854610.1681416854610.1681416854610.1&b=152200550.1.1681416854610&cc=15
IP 104.19.154.83:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerCloudflare, Inc.
Subjecthubspot.com
Fingerprint3C:BA:BA:9A:BA:DB:73:C8:7B:C2:5D:05:8C:BB:9C:D8:8D:D9:D4:19
ValiditySun, 05 Feb 2023 00:00:00 GMT - Mon, 05 Feb 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash c8817d472077ebfc04593c1fa019d32d
e1e86f41c86c7b9cd2e8b76c6a925a1a3e7e3247
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
GET /__ptq.gif?k=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3046474533&v=1.1&a=5627136&ct=standard-page&rcu=https%3A%2F%2Fwww.usbfund.com%2F&pu=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413&t=US+Business+Funding+-+Equipment+Financing+and+Working+Capital+Loans&cts=1681416854612&vi=d49e51c263a56174d6fbf98f4d680d2e&nc=true&u=152200550.d49e51c263a56174d6fbf98f4d680d2e.1681416854610.1681416854610.1681416854610.1&b=152200550.1.1681416854610&cc=15 HTTP/1.1
Host: track.hubspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 13 Apr 2023 20:13:21 GMT
content-type: image/gif
content-length: 45
cf-ray: 7b765e7ddde9b4ff-OSL
cache-control: no-cache, no-store, no-transform
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-hubspot-correlation-id: fa209ea5-6f34-42a6-af76-bc33365224c0
x-robots-tag: none
set-cookie: __cf_bm=G65rPv4zy1UzDGHSOcUZmM9HJGkVaJq0nN8DaechkAk-1681416801-0-AQkzrhDBPkYwW9i3cQb+Lcoi2qimaMEQpRfNdblUlomJEVaXnHkutrQnYjR0wsnXpGZKm0ebJZwjeHOfc76bd88=; path=/; expires=Thu, 13-Apr-23 20:43:21 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fkL0V2tQK6CIbEDzZ%2BgT00wq5mccAekrnlFdt0mEVEBF0pJgJfR7aWwuoo%2FQK9vOSrZ0ZskAsFH%2F8GDmWyAJh7wnXTUjGS7BK2ZgfiflzVN%2FwVobzprjxkWOqsWkpBNsI3kP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=w89gs5rw4du
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint76:06:6A:AA:FB:72:F8:BA:90:67:2F:91:97:14:FB:68:D0:65:E9:22
ValidityMon, 20 Mar 2023 08:25:51 GMT - Mon, 12 Jun 2023 08:25:50 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 12 Apr 2023 13:07:04 GMT
expires: Thu, 11 Apr 2024 13:07:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 111977
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
207.137.0.213200 OK 6.5 kB URL GET HTTP/2 www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
IP 207.137.0.213:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (540), with CRLF line terminators
Hash 4a75d28292e0a84882afacf21da245fd
070df3fa0c7439b8aa15089dbf34108dee80f2d7
b421942fc5e48754fecf3b6534d96491e8f76474fc2e30c6e1c7298dfacd1881
GET /companywidget.aspx?ID=100094667&WidgetType=1 HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: ASP.NET_SessionId=ggkzelgdbdna0ukphfteqw3y; path=/; secure; HttpOnly; SameSite=Lax
date: Thu, 13 Apr 2023 20:13:20 GMT
content-length: 6465
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/webworker.js?hl=en&v=6MY32oPwFCn9SUKWt8czDsDw
142.250.74.164200 OK 112 B URL GET HTTP/3 www.google.com/recaptcha/api2/webworker.js?hl=en&v=6MY32oPwFCn9SUKWt8czDsDw
IP 142.250.74.164:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=w89gs5rw4du
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBC:12:A9:4C:44:2A:9A:A2:F3:90:FC:9B:BD:52:91:4C:61:A4:7C:CD
ValidityMon, 20 Mar 2023 08:22:16 GMT - Mon, 12 Jun 2023 08:22:15 GMT
File type ASCII text, with no line terminators
Hash 8771b78bf8540cb0f0abd565803ec778
47cd6a15b47404961c8d0f5a1e11fe2125b46c1c
ea56675b25b1314bc82952ca08e0590788909f502ff612b300cf54cc2eea54ad
GET /recaptcha/api2/webworker.js?hl=en&v=6MY32oPwFCn9SUKWt8czDsDw HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=w89gs5rw4du
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
expires: Thu, 13 Apr 2023 20:13:21 GMT
date: Thu, 13 Apr 2023 20:13:21 GMT
cache-control: private, max-age=300
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 112
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
beacon.cdnma.com/apps/capture.php?p=18595&l=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413&u=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413&r=&uq=f2e85f5f-7a2c-47a3-98b9-18595f99a091&c=0&o=&ac=2c06f3f5-83c2-4a7f-924e-18595fd9e687&t=1681416853870
3.210.144.142200 OK 38 B URL GET HTTP/2 beacon.cdnma.com/apps/capture.php?p=18595&l=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413&u=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413&r=&uq=f2e85f5f-7a2c-47a3-98b9-18595f99a091&c=0&o=&ac=2c06f3f5-83c2-4a7f-924e-18595fd9e687&t=1681416853870
IP 3.210.144.142:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerAmazon
Subjectbeacon.cdnma.com
FingerprintA6:3C:0C:C6:81:F1:31:50:5F:4C:49:9F:51:4E:07:B6:95:A8:F2:AC
ValidityTue, 21 Feb 2023 00:00:00 GMT - Thu, 21 Mar 2024 23:59:59 GMT
Hash fa8146dd5348bbbea1f4107c68ace766
ff0268096074db09f4c7c9969a16bc2bc2c1eeae
af1d72e29631abf899ead5d61edba8067208b287a5470932d5a3b9d54c03be31
GET /apps/capture.php?p=18595&l=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413&u=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413&r=&uq=f2e85f5f-7a2c-47a3-98b9-18595f99a091&c=0&o=&ac=2c06f3f5-83c2-4a7f-924e-18595fd9e687&t=1681416853870 HTTP/1.1
Host: beacon.cdnma.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 13 Apr 2023 20:13:20 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
pragma: public
cache-control: max-age=1209600
expires: Thu, 27 Apr 2023 20:13:20 GMT
access-control-allow-origin: *
strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/bframe?hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5
142.250.74.164200 OK 1.1 kB URL GET HTTP/3 www.google.com/recaptcha/api2/bframe?hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5
IP 142.250.74.164:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBC:12:A9:4C:44:2A:9A:A2:F3:90:FC:9B:BD:52:91:4C:61:A4:7C:CD
ValidityMon, 20 Mar 2023 08:22:16 GMT - Mon, 12 Jun 2023 08:22:15 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ce59b74b0673b7015f04a14bd370a6fb
3fbfdd7f42543076887675b97947ed40a46081b9
589efff74e7207f2fc7f21e6d694d7c686a528a1bfb1b790292fff97d6547c3f
GET /recaptcha/api2/bframe?hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 13 Apr 2023 20:13:21 GMT
content-security-policy: script-src 'nonce-NjRDg6VFWU1h0AfuhlN_xA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1119
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/api2/logo_48.png
216.58.211.3200 OK 2.2 kB URL GET HTTP/3 www.gstatic.com/recaptcha/api2/logo_48.png
IP 216.58.211.3:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=w89gs5rw4du
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint76:06:6A:AA:FB:72:F8:BA:90:67:2F:91:97:14:FB:68:D0:65:E9:22
ValidityMon, 20 Mar 2023 08:25:51 GMT - Mon, 12 Jun 2023 08:25:50 GMT
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.gstatic.com
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Apr 2023 02:07:56 GMT
expires: Thu, 20 Apr 2023 02:07:56 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 65125
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js
216.58.211.3200 OK 167 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js
IP 216.58.211.3:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=w89gs5rw4du
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint76:06:6A:AA:FB:72:F8:BA:90:67:2F:91:97:14:FB:68:D0:65:E9:22
ValidityMon, 20 Mar 2023 08:25:51 GMT - Mon, 12 Jun 2023 08:25:50 GMT
File type ASCII text, with very long lines (697)
Size 167 kB (166600 bytes)
Hash fdfdaf63d56b4a9cd6641d79f7159fdc
18b413d8b6b9f3bec32026b7e9d9f4e5e366922f
f4dba3e15f08cf0686e6d89370ed42e8a5dafc38973501f0aa6baa9b93c720f3
GET /recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.gstatic.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Apr 2023 14:23:58 GMT
expires: Fri, 12 Apr 2024 14:23:58 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 20963
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css
216.58.211.3200 OK 25 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css
IP 216.58.211.3:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=w89gs5rw4du
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint76:06:6A:AA:FB:72:F8:BA:90:67:2F:91:97:14:FB:68:D0:65:E9:22
ValidityMon, 20 Mar 2023 08:25:51 GMT - Mon, 12 Jun 2023 08:25:50 GMT
File type ASCII text, with very long lines (56403), with no line terminators
Hash a42c6333a13e5376af95f46fd9c7b627
57a98e519a44915e39a0cb6f23812adfa6611e67
62bff9dd0379da44f9d7f739af671bb6b243c016b49c7146b431ae9e6b9cb41b
GET /recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.gstatic.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24605
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 12 Apr 2023 18:10:59 GMT
expires: Thu, 11 Apr 2024 18:10:59 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
content-type: text/css
vary: Accept-Encoding
age: 93742
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
um.simpli.fi/telaria_p
35.204.158.49302 Found 142 B IP 35.204.158.49:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /telaria_p HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: openresty
date: Thu, 13 Apr 2023 20:13:21 GMT
content-type: text/html
content-length: 142
location: https://simplifi.partners.tremorhub.com/sync?UISF=53B5211409674C1B9F641F7197DBDA99
set-cookie: suid=53B5211409674C1B9F641F7197DBDA99; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:21 GMT; SameSite=none; Secure;
suid_legacy=53B5211409674C1B9F641F7197DBDA99; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:21 GMT; Secure;
expires: Wed, 12 Apr 2023 20:13:21 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js
216.58.211.3200 OK 167 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js
IP 216.58.211.3:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=w89gs5rw4du
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint76:06:6A:AA:FB:72:F8:BA:90:67:2F:91:97:14:FB:68:D0:65:E9:22
ValidityMon, 20 Mar 2023 08:25:51 GMT - Mon, 12 Jun 2023 08:25:50 GMT
File type ASCII text, with very long lines (697)
Size 167 kB (166600 bytes)
Hash fdfdaf63d56b4a9cd6641d79f7159fdc
18b413d8b6b9f3bec32026b7e9d9f4e5e366922f
f4dba3e15f08cf0686e6d89370ed42e8a5dafc38973501f0aa6baa9b93c720f3
GET /recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.gstatic.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Apr 2023 14:23:58 GMT
expires: Fri, 12 Apr 2024 14:23:58 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 20963
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
um.simpli.fi/freewheel
35.204.158.49200 OK 43 B IP 35.204.158.49:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /freewheel HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 13 Apr 2023 20:13:21 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
set-cookie: suid=5329F3532BA34C5AB2C1E9A232ED7A28; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:21 GMT; SameSite=none; Secure;
suid_legacy=5329F3532BA34C5AB2C1E9A232ED7A28; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:21 GMT; Secure;
expires: Wed, 12 Apr 2023 20:13:21 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/dtnx
35.204.158.49302 Found 142 B IP 35.204.158.49:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /dtnx HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 13 Apr 2023 20:13:21 GMT
content-type: text/html
content-length: 142
location: https://fei.pro-market.net/engine?du=24;csync=6C70099D598C4331B912C8A8002134A9;mimetype=img;
set-cookie: suid=6C70099D598C4331B912C8A8002134A9; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:21 GMT; SameSite=none; Secure;
suid_legacy=6C70099D598C4331B912C8A8002134A9; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:21 GMT; Secure;
expires: Wed, 12 Apr 2023 20:13:21 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/exelatem
35.204.158.49302 Found 142 B IP 35.204.158.49:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /exelatem HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 13 Apr 2023 20:13:21 GMT
content-type: text/html
content-length: 142
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=2F73A3FED91E47ACA9AB705FC35DADA0&j=0
set-cookie: suid=2F73A3FED91E47ACA9AB705FC35DADA0; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:21 GMT; SameSite=none; Secure;
suid_legacy=2F73A3FED91E47ACA9AB705FC35DADA0; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:21 GMT; Secure;
expires: Wed, 12 Apr 2023 20:13:21 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/yahoo
35.204.158.49200 OK 43 B IP 35.204.158.49:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /yahoo HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 13 Apr 2023 20:13:21 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
set-cookie: suid=834E4C90CB2440F58B5C09A1D0B3DD84; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:21 GMT; SameSite=none; Secure;
suid_legacy=834E4C90CB2440F58B5C09A1D0B3DD84; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:21 GMT; Secure;
expires: Wed, 12 Apr 2023 20:13:21 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/beachfront
35.204.158.49302 Found 142 B IP 35.204.158.49:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /beachfront HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 13 Apr 2023 20:13:21 GMT
content-type: text/html
content-length: 142
location: https://sync.bfmio.com/sync?pid=141&uid=8B0D99FBCBC748EF920FD573D9751C1B
set-cookie: suid=8B0D99FBCBC748EF920FD573D9751C1B; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:21 GMT; SameSite=none; Secure;
suid_legacy=8B0D99FBCBC748EF920FD573D9751C1B; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:21 GMT; Secure;
expires: Wed, 12 Apr 2023 20:13:21 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/bluekai
35.204.158.49302 Found 142 B IP 35.204.158.49:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /bluekai HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 13 Apr 2023 20:13:21 GMT
content-type: text/html
content-length: 142
location: https://stags.bluekai.com/site/29931?id=1DC8F3C4E8084C66B3FE6220BC4425C9
set-cookie: suid=1DC8F3C4E8084C66B3FE6220BC4425C9; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:21 GMT; SameSite=none; Secure;
suid_legacy=1DC8F3C4E8084C66B3FE6220BC4425C9; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:21 GMT; Secure;
expires: Wed, 12 Apr 2023 20:13:21 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/crwdcntrl
35.204.158.49302 Found 142 B IP 35.204.158.49:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /crwdcntrl HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 13 Apr 2023 20:13:21 GMT
content-type: text/html
content-length: 142
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=40EFB6DFB4764A539AC25F27091AE8E5
set-cookie: suid=40EFB6DFB4764A539AC25F27091AE8E5; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:21 GMT; SameSite=none; Secure;
suid_legacy=40EFB6DFB4764A539AC25F27091AE8E5; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:21 GMT; Secure;
expires: Wed, 12 Apr 2023 20:13:21 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/lj_match
35.204.158.49302 Found 142 B IP 35.204.158.49:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /lj_match HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 13 Apr 2023 20:13:21 GMT
content-type: text/html
content-length: 142
location: https://ce.lijit.com/merge?pid=2&3pid=B662E688E5B4424FB1C4ACF7B92E4BB5
set-cookie: suid=B662E688E5B4424FB1C4ACF7B92E4BB5; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:21 GMT; SameSite=none; Secure;
suid_legacy=B662E688E5B4424FB1C4ACF7B92E4BB5; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:21 GMT; Secure;
expires: Wed, 12 Apr 2023 20:13:21 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/liveramp_match
35.204.158.49302 Found 142 B URL GET HTTP/2 um.simpli.fi/liveramp_match
IP 35.204.158.49:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /liveramp_match HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 13 Apr 2023 20:13:21 GMT
content-type: text/html
content-length: 142
location: https://idsync.rlcdn.com/419566.gif?partner_uid=FC12A3629C384C65BD3C164C45BEE8A9
set-cookie: suid=FC12A3629C384C65BD3C164C45BEE8A9; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:21 GMT; SameSite=none; Secure;
suid_legacy=FC12A3629C384C65BD3C164C45BEE8A9; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:21 GMT; Secure;
expires: Wed, 12 Apr 2023 20:13:21 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/spotx_match
35.204.158.49302 Found 142 B IP 35.204.158.49:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /spotx_match HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 13 Apr 2023 20:13:21 GMT
content-type: text/html
content-length: 142
location: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=C80D45278F7D48B0A956361C44BD6B19
set-cookie: suid=C80D45278F7D48B0A956361C44BD6B19; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:21 GMT; SameSite=none; Secure;
suid_legacy=C80D45278F7D48B0A956361C44BD6B19; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:21 GMT; Secure;
expires: Wed, 12 Apr 2023 20:13:21 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/an
35.204.158.49302 Found 142 B IP 35.204.158.49:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /an HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 13 Apr 2023 20:13:21 GMT
content-type: text/html
content-length: 142
location: https://ib.adnxs.com/setuid?entity=66&code=6357A587D6EE41CD9ECD54927982EF0E
set-cookie: suid=6357A587D6EE41CD9ECD54927982EF0E; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:21 GMT; SameSite=none; Secure;
suid_legacy=6357A587D6EE41CD9ECD54927982EF0E; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:21 GMT; Secure;
expires: Wed, 12 Apr 2023 20:13:21 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/rb_match
35.204.158.49302 Found 142 B IP 35.204.158.49:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /rb_match HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 13 Apr 2023 20:13:21 GMT
content-type: text/html
content-length: 142
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=7019A16161804DFEA2E2FFF1D863B077&expires=365
set-cookie: suid=7019A16161804DFEA2E2FFF1D863B077; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:21 GMT; SameSite=none; Secure;
suid_legacy=7019A16161804DFEA2E2FFF1D863B077; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:21 GMT; Secure;
expires: Wed, 12 Apr 2023 20:13:21 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/ox_match
35.204.158.49302 Found 142 B IP 35.204.158.49:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /ox_match HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 13 Apr 2023 20:13:21 GMT
content-type: text/html
content-length: 142
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=E76828B25337499AB22D18F96773C03C
set-cookie: suid=E76828B25337499AB22D18F96773C03C; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:21 GMT; SameSite=none; Secure;
suid_legacy=E76828B25337499AB22D18F96773C03C; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:21 GMT; Secure;
expires: Wed, 12 Apr 2023 20:13:21 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/triplelift
35.204.158.49302 Found 142 B IP 35.204.158.49:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /triplelift HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: openresty
date: Thu, 13 Apr 2023 20:13:21 GMT
content-type: text/html
content-length: 142
location: https://eb2.3lift.com/xuid?mid=7969&xuid=EAC5DF039FC04663A7A77DDDF830C7C7&dongle=yf3
set-cookie: suid=EAC5DF039FC04663A7A77DDDF830C7C7; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:21 GMT; SameSite=none; Secure;
suid_legacy=EAC5DF039FC04663A7A77DDDF830C7C7; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:21 GMT; Secure;
expires: Wed, 12 Apr 2023 20:13:21 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 71f53eb62e84f89a0808807f302cb8f5
ce13dc999b4a1dbebb4e78f232741340fea8d451
b6d17046413634c39e83b828e09bbf4701d590e79dfce663052fff3cd7e193ff
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 13 Apr 2023 20:13:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
um.simpli.fi/pubmatic
35.204.158.49200 OK 43 B IP 35.204.158.49:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /pubmatic HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 13 Apr 2023 20:13:21 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
set-cookie: suid=2C4B24A4438642EDAFBE46085705A5AA; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:21 GMT; SameSite=none; Secure;
suid_legacy=2C4B24A4438642EDAFBE46085705A5AA; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:21 GMT; Secure;
expires: Wed, 12 Apr 2023 20:13:21 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/tapad
35.204.158.49302 Found 142 B IP 35.204.158.49:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /tapad HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: openresty
date: Thu, 13 Apr 2023 20:13:21 GMT
content-type: text/html
content-length: 142
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=E94FB3FFFE66457C801F3CFC457C48CB
set-cookie: suid=E94FB3FFFE66457C801F3CFC457C48CB; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:21 GMT; SameSite=none; Secure;
suid_legacy=E94FB3FFFE66457C801F3CFC457C48CB; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:21 GMT; Secure;
expires: Wed, 12 Apr 2023 20:13:21 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/ad_advisor
35.204.158.49302 Found 142 B IP 35.204.158.49:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /ad_advisor HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: openresty
date: Thu, 13 Apr 2023 20:13:21 GMT
content-type: text/html
content-length: 142
location: https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=BD79844A33504055A5C8922A382DFDAB
set-cookie: suid=BD79844A33504055A5C8922A382DFDAB; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:21 GMT; SameSite=none; Secure;
suid_legacy=BD79844A33504055A5C8922A382DFDAB; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:21 GMT; Secure;
expires: Wed, 12 Apr 2023 20:13:21 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/intentiq
35.204.158.49302 Found 142 B IP 35.204.158.49:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /intentiq HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: openresty
date: Thu, 13 Apr 2023 20:13:21 GMT
content-type: text/html
content-length: 142
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=F50130C0F7B74D9E910459C18A38637A
set-cookie: suid=F50130C0F7B74D9E910459C18A38637A; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:21 GMT; SameSite=none; Secure;
suid_legacy=F50130C0F7B74D9E910459C18A38637A; Path=/; domain=simpli.fi; Expires=Sat, 13-Apr-24 20:13:21 GMT; Secure;
expires: Wed, 12 Apr 2023 20:13:21 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
www.googleadservices.com/pagead/conversion/1026675585/?random=1681416800892&cv=7&fst=1681416800892&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
142.250.74.34302 Found 42 B URL GET HTTP/2 www.googleadservices.com/pagead/conversion/1026675585/?random=1681416800892&cv=7&fst=1681416800892&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
IP 142.250.74.34:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subjectwww.googleadservices.com
Fingerprint81:86:30:04:98:D9:D2:B3:5F:28:64:71:0F:8C:9D:F8:2F:EE:32:96
ValidityMon, 20 Mar 2023 08:25:50 GMT - Mon, 12 Jun 2023 08:25:49 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/conversion/1026675585/?random=1681416800892&cv=7&fst=1681416800892&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 13 Apr 2023 20:13:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
location: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=265154265&cv=7&fst=1681416800892&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=YWI4ZJXLF4SX6wSp_YywCQ&sscte=1&crd=
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.checkbca.org/stylesheets/font-awesome.min.css
207.137.0.213200 OK 7.0 kB URL GET HTTP/2 www.checkbca.org/stylesheets/font-awesome.min.css
IP 207.137.0.213:443
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type ASCII text, with very long lines (30837)
Hash 775375b17c16dc85854ba29bbba28807
91c2f8c2838211a85090f061340b6c0c24e763af
e05c4f03a6c957e6b769e9ac46b9b6d7f1de8f46f49fc894be7c7493aaf4e033
GET /stylesheets/font-awesome.min.css HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: text/css
content-encoding: gzip
last-modified: Fri, 03 Mar 2023 16:46:05 GMT
accept-ranges: bytes
etag: "80c44da5ef4dd91:0"
vary: Accept-Encoding
date: Thu, 13 Apr 2023 20:13:20 GMT
content-length: 6965
X-Firefox-Spdy: h2
www.checkbca.org/stylesheets/jquery.selectBox.css
207.137.0.213301 Moved Permanently 180 B URL GET HTTP/2 www.checkbca.org/stylesheets/jquery.selectBox.css
IP 207.137.0.213:443
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 65d99af646ca7622a01fc0d3eb7a6b6d
a6b71820c0572f17c183b5669255346947bc3492
425fea6b4acfc8c48eee414af2be035b5c77a87742cf0bb46b136d07e0c29f6a
GET /stylesheets/jquery.selectBox.css HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
cache-control: no-cache
content-type: text/html; charset=UTF-8
location: https://www.checkbca.org/stylesheets/jquery.selectbox.css
date: Thu, 13 Apr 2023 20:13:20 GMT
content-length: 180
X-Firefox-Spdy: h2
www.checkbca.org/stylesheets/style.css
207.137.0.213200 OK 11 kB URL GET HTTP/2 www.checkbca.org/stylesheets/style.css
IP 207.137.0.213:443
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type assembler source, Unicode text, UTF-8 text, with very long lines (548), with CRLF line terminators
Hash a3ec3a585ca53c4eaa1082ae3427a329
7f08739e149ab8dc280a05b280c31b04bfb1bd6d
1e44bca5aecfd50bff07a4df9f9bb9c524f6addd9c24bb8c463eef67798283c9
GET /stylesheets/style.css HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: text/css
content-encoding: gzip
last-modified: Fri, 03 Mar 2023 16:46:05 GMT
accept-ranges: bytes
etag: "80c44da5ef4dd91:0"
vary: Accept-Encoding
date: Thu, 13 Apr 2023 20:13:20 GMT
content-length: 10899
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash cb51f60fa6e867fd0b8f392ac09c5579
4d198dc19a220f776415bdecc222a1ab22700650
5dfdf4954be9bb7b18548f18c99b0a158240b7aaa48df38b539815f432bc96dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 13 Apr 2023 20:13:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.checkbca.org/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZBAd-3g2iBrrqGpefWWgmRAZw8TONzGF-aV_9TjkbkyCvwDWnstKlAYe583il9NLzw2&t=637823077705833095
207.137.0.213200 OK 23 kB URL GET HTTP/2 www.checkbca.org/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZBAd-3g2iBrrqGpefWWgmRAZw8TONzGF-aV_9TjkbkyCvwDWnstKlAYe583il9NLzw2&t=637823077705833095
IP 207.137.0.213:443
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type ASCII text, with CRLF line terminators
Hash 20180537e2ac64e5c60143ac90c84998
82d03de61c4dededbc9fd79d8c3a8e18d3b43744
0999cb5dfb2dcd76a944ef880be49f8e2d66fc60d00817e2b251ba0a67090cbf
GET /WebResource.axd?d=pynGkmcFUV13He1Qd6_TZBAd-3g2iBrrqGpefWWgmRAZw8TONzGF-aV_9TjkbkyCvwDWnstKlAYe583il9NLzw2&t=637823077705833095 HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public
content-type: application/x-javascript
content-encoding: gzip
expires: Fri, 12 Apr 2024 10:38:19 GMT
last-modified: Tue, 08 Mar 2022 11:42:50 GMT
vary: Accept-Encoding
date: Thu, 13 Apr 2023 20:13:20 GMT
content-length: 23086
X-Firefox-Spdy: h2
www.checkbca.org/Scripts/WebForms/MsAjax/MicrosoftAjax.js
207.137.0.213301 Moved Permanently 188 B URL GET HTTP/2 www.checkbca.org/Scripts/WebForms/MsAjax/MicrosoftAjax.js
IP 207.137.0.213:443
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 6f83537ac9d2567aa0049ad8d28282d8
7e4975fe0edee16d97ab1f59dd7473a95902f30e
c614ae1fc44d88ab3555782295fd0de23f7b1062ef93e0777530a9ff2fdb2fe6
GET /Scripts/WebForms/MsAjax/MicrosoftAjax.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
cache-control: no-cache
content-type: text/html; charset=UTF-8
location: https://www.checkbca.org/scripts/webforms/msajax/microsoftajax.js
date: Thu, 13 Apr 2023 20:13:20 GMT
content-length: 188
X-Firefox-Spdy: h2
www.checkbca.org/Scripts/WebForms/MsAjax/MicrosoftAjaxWebForms.js
207.137.0.213301 Moved Permanently 196 B URL GET HTTP/2 www.checkbca.org/Scripts/WebForms/MsAjax/MicrosoftAjaxWebForms.js
IP 207.137.0.213:443
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 95d708e49ef3d81c5832e354dbdafb01
ddb6aa6d1990a59c42331129fef517bb9101fad1
429e36746d58356e8d7fd50c755f2ec8de5fcf67bc3980f782eef9c14e89db18
GET /Scripts/WebForms/MsAjax/MicrosoftAjaxWebForms.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
cache-control: no-cache
content-type: text/html; charset=UTF-8
location: https://www.checkbca.org/scripts/webforms/msajax/microsoftajaxwebforms.js
date: Thu, 13 Apr 2023 20:13:20 GMT
content-length: 196
X-Firefox-Spdy: h2
www.checkbca.org/scripts/jquery-3.3.1.min.js
207.137.0.213200 OK 30 kB URL GET HTTP/2 www.checkbca.org/scripts/jquery-3.3.1.min.js
IP 207.137.0.213:443
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type ASCII text, with very long lines (65451)
Hash a263be51483c81a54aa8c85104a93e55
555a54a73531c553bd2aede6abc25c128b63312e
b2f13ad730928958c09d89e6e32bb6a227c0260d032a39ca464d998a59e57a66
GET /scripts/jquery-3.3.1.min.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 16 Oct 2018 20:49:20 GMT
accept-ranges: bytes
etag: "0c813b69165d41:0"
vary: Accept-Encoding
date: Thu, 13 Apr 2023 20:13:20 GMT
content-length: 30394
X-Firefox-Spdy: h2
www.checkbca.org/scripts/jquery.simplemodal.1.4.4.min.js
207.137.0.213200 OK 3.1 kB URL GET HTTP/2 www.checkbca.org/scripts/jquery.simplemodal.1.4.4.min.js
IP 207.137.0.213:443
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type ASCII text, with very long lines (626), with CRLF, LF line terminators
Hash 487fda8eb4e12565909588706300e2fb
9224d8c027d499bb7ec852c2bf3c580e593f5d5b
664736273b9cff9b035c3c682e6ea5e1220468bf24d3199d45148b0a45e101dc
GET /scripts/jquery.simplemodal.1.4.4.min.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 16 Oct 2018 20:49:20 GMT
accept-ranges: bytes
etag: "0c813b69165d41:0"
vary: Accept-Encoding
date: Thu, 13 Apr 2023 20:13:20 GMT
content-length: 3081
X-Firefox-Spdy: h2
www.checkbca.org/scripts/jquery.bxslider.min.js
207.137.0.213200 OK 5.1 kB URL GET HTTP/2 www.checkbca.org/scripts/jquery.bxslider.min.js
IP 207.137.0.213:443
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type ASCII text, with very long lines (18813)
Hash 9777aab0bd6025cd5c7ecaebd409284d
ab73cc0c1c09e58a1fa0d5bda44c313f697f14da
7b01c6335fa7c91f0b359d56158676c2553323f6e09dd01db242b0da0d104d1b
GET /scripts/jquery.bxslider.min.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 16 Oct 2018 20:49:20 GMT
accept-ranges: bytes
etag: "0c813b69165d41:0"
vary: Accept-Encoding
date: Thu, 13 Apr 2023 20:13:20 GMT
content-length: 5135
X-Firefox-Spdy: h2
www.checkbca.org/scripts/jquery.selectBox.js
207.137.0.213301 Moved Permanently 175 B URL GET HTTP/2 www.checkbca.org/scripts/jquery.selectBox.js
IP 207.137.0.213:443
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 46da262b5b1399dfbf30fac73e57a298
c176cf3cfa6da6a0748c497591ff3619467d6434
4089029c368f61bcc5e6be36c952e1c440e0e20475e247b8316c6ce57ea7cc99
GET /scripts/jquery.selectBox.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
cache-control: no-cache
content-type: text/html; charset=UTF-8
location: https://www.checkbca.org/scripts/jquery.selectbox.js
date: Thu, 13 Apr 2023 20:13:20 GMT
content-length: 175
X-Firefox-Spdy: h2
ocsp.usertrust.com/
104.18.32.68 472 B IP 104.18.32.68:0
Hash da2623a84259ccac2b1a0b869dce0575
2c7b07ead2a87ef90c27f73875a78ca83eb116cd
5ff46d905a7460ebdfbb16b9ba2eaa488c978eda09d1c1ee38069ad71f2335e5
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 13 Apr 2023 20:13:21 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 12 Apr 2023 10:10:20 GMT
Expires: Wed, 19 Apr 2023 10:10:19 GMT
Etag: "2c7b07ead2a87ef90c27f73875a78ca83eb116cd"
Cache-Control: max-age=602949,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 458
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b765e81c80a1bfa-OSL
www.checkbca.org/scripts/scripts.js
207.137.0.213200 OK 4.3 kB URL GET HTTP/2 www.checkbca.org/scripts/scripts.js
IP 207.137.0.213:443
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type ASCII text, with CRLF line terminators
Hash 3b38a1caac14cc0685da48549e84da3b
2ce4f852dced2ddee12614640dcfeb0f3a96ae48
4e45d270791d6d30c782e95c1763ef0a1ac7b934d5cb703b651f3c6434c8b22b
GET /scripts/scripts.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 03 Mar 2023 16:46:02 GMT
accept-ranges: bytes
etag: "0184a3ef4dd91:0"
vary: Accept-Encoding
date: Thu, 13 Apr 2023 20:13:20 GMT
content-length: 4272
X-Firefox-Spdy: h2
status.geotrust.com/
192.229.221.95 471 B IP 192.229.221.95:0
Hash bdeba00cec4a4d5c1aeb5b5958253a4e
27f8694f1b06a9fea4e0506644a55135f3db8faf
86ea6664a2ff0fd1a85b6742733bb4b1bec1fa3be33711abe1ad1d25eb59a5c8
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 21
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 13 Apr 2023 20:13:21 GMT
Last-Modified: Thu, 13 Apr 2023 20:13:00 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 471
www.checkbca.org/images/widget_seal.png
207.137.0.213200 OK 2.7 kB URL GET HTTP/2 www.checkbca.org/images/widget_seal.png
IP 207.137.0.213:443
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash 270ad3deddbe8a845043e3d6a8000f91
3835898b5aba554e51bf8c9191b3804e7fad65a2
30f3c9000753eaaba38681a3a44471668df6f9c60258644baba4ca24cdf62c89
GET /images/widget_seal.png HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: image/png
last-modified: Sat, 09 May 2020 03:31:08 GMT
accept-ranges: bytes
etag: "ba4a5b47b225d61:0"
date: Thu, 13 Apr 2023 20:13:20 GMT
content-length: 2723
X-Firefox-Spdy: h2
sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=F50130C0F7B74D9E910459C18A38637A
143.204.55.22403 Forbidden 986 B URL GET HTTP/2 sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=F50130C0F7B74D9E910459C18A38637A
IP 143.204.55.22:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerAmazon
Subject*.intentiq.com
Fingerprint46:A5:4A:C5:1A:09:9D:13:28:87:B1:41:E6:00:C5:99:D7:93:50:FF
ValidityTue, 11 Apr 2023 00:00:00 GMT - Wed, 08 May 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2165a1ed86e654ee58c5cf67c57cbcf7
71ea88501aa8b4badd6e6009eb5bd5178a308b7d
1abec0762b6b7f3aeba8aa2b44cd73a50920e165f0813db605b0faea232a648f
GET /profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=F50130C0F7B74D9E910459C18A38637A HTTP/1.1
Host: sync.intentiq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
server: CloudFront
date: Thu, 13 Apr 2023 20:13:21 GMT
content-type: text/html
content-length: 986
x-cache: Error from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: w_zkspplP5HJDhlR_8cCtmA28cOU43SflZzH0G2AE-LT2S8tEV3-9w==
X-Firefox-Spdy: h2
fei.pro-market.net/engine?du=24;csync=6C70099D598C4331B912C8A8002134A9;mimetype=img;
107.178.240.89302 Found 0 B URL GET HTTP/2 fei.pro-market.net/engine?du=24;csync=6C70099D598C4331B912C8A8002134A9;mimetype=img;
IP 107.178.240.89:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGandi
Subject*.pro-market.net
FingerprintC2:2E:6F:6E:BF:D1:1A:5D:D3:DC:45:34:45:00:8A:4E:52:DF:CF:41
ValidityWed, 03 Aug 2022 00:00:00 GMT - Sun, 03 Sep 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /engine?du=24;csync=6C70099D598C4331B912C8A8002134A9;mimetype=img; HTTP/1.1
Host: fei.pro-market.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
anserver: gapp-eu-4.c.datonics-gcp-01.internal
set-cookie: anProfile="1+1+1f=1+1g=2+1j=57:1+rs=s+rt=5B5A2A9A+s2=(rt2li9)"; Domain=.pro-market.net; Max-Age=15552000; Path=/; Secure; SameSite=None;
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: Mon, 1 Jan 1990 0:0:0 GMT
access-control-allow-origin: *
location: https://fei.pro-market.net/engine?du=24;csync=6C70099D598C4331B912C8A8002134A9;mimetype=img;sr
content-type: image/gif
content-length: 0
date: Thu, 13 Apr 2023 20:13:20 GMT
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=E94FB3FFFE66457C801F3CFC457C48CB
34.111.113.62302 Found 0 B URL GET HTTP/2 pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=E94FB3FFFE66457C801F3CFC457C48CB
IP 34.111.113.62:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerDigiCert Inc
Subject*.tapad.com
Fingerprint43:9B:06:FF:B0:B9:FC:22:9E:58:89:C0:8E:9E:1D:5C:18:9F:86:56
ValidityWed, 14 Sep 2022 00:00:00 GMT - Sun, 15 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /idsync/ex/receive?partner_id=2305&partner_device_id=E94FB3FFFE66457C801F3CFC457C48CB HTTP/1.1
Host: pixel.tapad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Thu, 13 Apr 2023 20:13:21 GMT
strict-transport-security: max-age=31536000
access-control-allow-origin: *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1681416801639;Expires=Mon, 12 Jun 2023 20:13:21 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_DID=7d5ada74-da05-4ea2-be3c-667911cc6ce3;Expires=Mon, 12 Jun 2023 20:13:21 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=E94FB3FFFE66457C801F3CFC457C48CB
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
us-u.openx.net/w/1.0/sd?id=537072966&val=E76828B25337499AB22D18F96773C03C
35.244.159.8200 OK 43 B URL GET HTTP/2 us-u.openx.net/w/1.0/sd?id=537072966&val=E76828B25337499AB22D18F96773C03C
IP 35.244.159.8:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerDigiCert Inc
Subject*.openx.net
FingerprintB3:D3:26:58:36:02:80:41:5A:BB:FB:39:73:E8:7B:5B:CB:0A:47:1A
ValidityThu, 21 Jul 2022 00:00:00 GMT - Mon, 21 Aug 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /w/1.0/sd?id=537072966&val=E76828B25337499AB22D18F96773C03C HTTP/1.1
Host: us-u.openx.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
vary: Accept
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Thu, 13 Apr 2023 20:13:21 GMT
content-type: image/gif
content-length: 43
cache-control: private, max-age=0, no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.checkbca.org/scripts/webforms/msajax/microsoftajax.js
207.137.0.213200 OK 24 kB URL GET HTTP/2 www.checkbca.org/scripts/webforms/msajax/microsoftajax.js
IP 207.137.0.213:443
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type ASCII text, with very long lines (65262), with CRLF line terminators
Hash 1aa546445a52ff5e781cb1e335f445c4
a8071c7d8f7c2798100ceed7ef5842a587cc41d2
6a3e80b4cc602560e187e061ff5070fdda5c608125956f878f417b01867f6b09
GET /scripts/webforms/msajax/microsoftajax.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 03 Mar 2023 16:46:05 GMT
accept-ranges: bytes
etag: "80c44da5ef4dd91:0"
vary: Accept-Encoding
date: Thu, 13 Apr 2023 20:13:20 GMT
content-length: 24320
X-Firefox-Spdy: h2
www.checkbca.org/scripts/webforms/msajax/microsoftajaxwebforms.js
207.137.0.213200 OK 9.6 kB URL GET HTTP/2 www.checkbca.org/scripts/webforms/msajax/microsoftajaxwebforms.js
IP 207.137.0.213:443
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type ASCII text, with very long lines (39257), with CRLF line terminators
Hash 211aa6b9096a11187131cbc6c3ab6d16
380ff6b00fc93d78031319a6d1b0e78f2a9e6017
4f1ec7256c84b77776b8c75fd59dca0c6b5560fa3a5010a290e46b6b5d8d4f5f
GET /scripts/webforms/msajax/microsoftajaxwebforms.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 03 Mar 2023 16:46:05 GMT
accept-ranges: bytes
etag: "80c44da5ef4dd91:0"
vary: Accept-Encoding
date: Thu, 13 Apr 2023 20:13:20 GMT
content-length: 9603
X-Firefox-Spdy: h2
ib.adnxs.com/setuid?entity=66&code=6357A587D6EE41CD9ECD54927982EF0E
185.89.210.141307 Redirection 0 B URL GET HTTP/1.1 ib.adnxs.com/setuid?entity=66&code=6357A587D6EE41CD9ECD54927982EF0E
IP 185.89.210.141:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerDigiCert Inc
Subject*.adnxs.com
Fingerprint30:E1:57:C8:5A:77:64:AE:54:99:08:F7:2B:B8:C7:F4:28:85:56:08
ValidityMon, 13 Feb 2023 00:00:00 GMT - Fri, 15 Mar 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /setuid?entity=66&code=6357A587D6EE41CD9ECD54927982EF0E HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Thu, 13 Apr 2023 20:13:21 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D6357A587D6EE41CD9ECD54927982EF0E
AN-X-Request-Uuid: 28a2773c-2699-4074-a17c-7cb87934f0c1
Set-Cookie: uuid2=7770761912283876498; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 12-Jul-2023 20:13:21 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
fei.pro-market.net/engine?du=24;csync=6C70099D598C4331B912C8A8002134A9;mimetype=img;sr
107.178.240.89200 OK 43 B URL GET HTTP/2 fei.pro-market.net/engine?du=24;csync=6C70099D598C4331B912C8A8002134A9;mimetype=img;sr
IP 107.178.240.89:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGandi
Subject*.pro-market.net
FingerprintC2:2E:6F:6E:BF:D1:1A:5D:D3:DC:45:34:45:00:8A:4E:52:DF:CF:41
ValidityWed, 03 Aug 2022 00:00:00 GMT - Sun, 03 Sep 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 968c3ad2c1183fee0bf0dd479f7904b7
1d770800ecb05eb9133f9b51620c9e4349656859
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
GET /engine?du=24;csync=6C70099D598C4331B912C8A8002134A9;mimetype=img;sr HTTP/1.1
Host: fei.pro-market.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
anserver: gapp-eu-5.c.datonics-gcp-01.internal
set-cookie: anProfile="0+1+1f=1+1g=2+1j=57:1+rs=s+rt=5B5A2A9A+s2=(rt2li9)"; Domain=.pro-market.net; Max-Age=15552000; Path=/; Secure; SameSite=None;
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: Mon, 1 Jan 1990 0:0:0 GMT
access-control-allow-origin: *
content-type: image/gif
content-length: 43
date: Thu, 13 Apr 2023 20:13:20 GMT
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
loadm.exelator.com/load/?p=204&g=2191&simid=2F73A3FED91E47ACA9AB705FC35DADA0&j=0
54.78.254.47204 No Content 0 B URL GET HTTP/2 loadm.exelator.com/load/?p=204&g=2191&simid=2F73A3FED91E47ACA9AB705FC35DADA0&j=0
IP 54.78.254.47:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerDigiCert Inc
Subject*.exelator.com
FingerprintC5:B4:F1:AE:77:A4:7D:13:A6:8D:E3:1D:C2:03:74:8E:7D:B3:0B:2F
ValidityWed, 08 Jun 2022 00:00:00 GMT - Sat, 10 Jun 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /load/?p=204&g=2191&simid=2F73A3FED91E47ACA9AB705FC35DADA0&j=0 HTTP/1.1
Host: loadm.exelator.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx
date: Thu, 13 Apr 2023 20:13:21 GMT
cache-control: no-cache
x-powered-by: Undertow/1
access-control-allow-credentials: true
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
X-Firefox-Spdy: h2
www.checkbca.org/stylesheets/jquery.selectbox.css
207.137.0.213200 OK 844 B URL GET HTTP/2 www.checkbca.org/stylesheets/jquery.selectbox.css
IP 207.137.0.213:443
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type ASCII text, with very long lines (2823), with no line terminators
Hash ef6ac3dc00cd170fb2e40e76489dc10d
02964dcc31527690062facef2f5ca2c0cf24ea23
06e4f8e3d1d4e68a23c9fd4927304906f912307b71f80025f6b74dfe3945d813
GET /stylesheets/jquery.selectbox.css HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: text/css
content-encoding: gzip
last-modified: Fri, 02 Aug 2019 17:52:06 GMT
accept-ranges: bytes
etag: "0a783ff5a49d51:0"
vary: Accept-Encoding
date: Thu, 13 Apr 2023 20:13:20 GMT
content-length: 844
X-Firefox-Spdy: h2
stags.bluekai.com/site/29931?id=1DC8F3C4E8084C66B3FE6220BC4425C9
23.38.201.22200 OK 62 B URL GET HTTP/2 stags.bluekai.com/site/29931?id=1DC8F3C4E8084C66B3FE6220BC4425C9
IP 23.38.201.22:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerDigiCert Inc
Subjectodc-pixel-prod-01.oracle.com
Fingerprint9F:83:6C:57:F9:31:F8:2B:DC:ED:6D:38:18:F5:F1:01:CF:2A:2D:E3
ValidityTue, 07 Feb 2023 00:00:00 GMT - Thu, 08 Feb 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3f386f5061436a0338a64e0910db495d
599fe4a552c991a2b3ce5a1660732bf7b21fb901
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
GET /site/29931?id=1DC8F3C4E8084C66B3FE6220BC4425C9 HTTP/1.1
Host: stags.bluekai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/gif
content-length: 62
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Thu, 13 Apr 2023 20:13:21 GMT
set-cookie: bku=blx99saimsunpvGH; Path=/; Domain=.bluekai.com; Expires=Fri, 13 Oct 2023 20:13:21 GMT; Secure; SameSite=None
bkpa=KJy9nyexd02pSUHknp/8mE1hwtkAwEaWxpCs1616HEQymeHeBMjY16jaBM/01WJeBex0BD189y93UQr7; Path=/; Domain=.bluekai.com; Expires=Fri, 13 Oct 2023 20:13:21 GMT; Secure; SameSite=None
X-Firefox-Spdy: h2
www.checkbca.org/scripts/jquery.selectbox.js
207.137.0.213200 OK 4.2 kB URL GET HTTP/2 www.checkbca.org/scripts/jquery.selectbox.js
IP 207.137.0.213:443
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type Unicode text, UTF-8 text, with very long lines (15896), with no line terminators
Hash 786f2eb7bf72098ca18b9afd6d127237
5e75cb575c23f13e064a913cbe55570670e718ab
d8a1f1df33bbe0f528bfd53be5c1388890220e54c5aaa7281b889a1e5dde3189
GET /scripts/jquery.selectbox.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 16 Oct 2018 20:49:20 GMT
accept-ranges: bytes
etag: "0c813b69165d41:0"
vary: Accept-Encoding
date: Thu, 13 Apr 2023 20:13:20 GMT
content-length: 4192
X-Firefox-Spdy: h2
pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=E94FB3FFFE66457C801F3CFC457C48CB
34.111.113.62200 OK 95 B URL GET HTTP/2 pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=E94FB3FFFE66457C801F3CFC457C48CB
IP 34.111.113.62:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerDigiCert Inc
Subject*.tapad.com
Fingerprint43:9B:06:FF:B0:B9:FC:22:9E:58:89:C0:8E:9E:1D:5C:18:9F:86:56
ValidityWed, 14 Sep 2022 00:00:00 GMT - Sun, 15 Oct 2023 23:59:59 GMT
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 71a50dbba44c78128b221b7df7bb51f1
0ec63b140374ba704a58fa0c743cb357683313dd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
GET /idsync/ex/receive/check?partner_id=2305&partner_device_id=E94FB3FFFE66457C801F3CFC457C48CB HTTP/1.1
Host: pixel.tapad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 13 Apr 2023 20:13:21 GMT
strict-transport-security: max-age=31536000
access-control-allow-origin: *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1681416801714;Expires=Mon, 12 Jun 2023 20:13:21 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_DID=b24dfca7-ad30-47dd-ae6d-17c2a79ab9a9;Expires=Mon, 12 Jun 2023 20:13:21 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_3WAY_SYNCS=;Expires=Mon, 12 Jun 2023 20:13:21 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
content-type: image/png
content-length: 95
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 50be41c9e700f85f9ae04041bd924a68
4d0689249dcea9e11207da66c7f71864943117dc
8e7694bb081649b528fd8b0846ff8e231505ca591f96dc17ba3de0acf016600c
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 13 Apr 2023 20:13:21 GMT
Last-Modified: Thu, 13 Apr 2023 19:35:05 GMT
Server: ECAcc (nya/7946)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 9TnEHPORWQi-YFvKNN1cm6ljiW4-cpBRKRTg-eBpbtxoaZS1VH4Vkg==
Age: 2296
ocsp.godaddy.com/
192.124.249.36 1.8 kB IP 192.124.249.36:0
Hash e11f5ccd2498716c50b14fb7e0da206b
6faa4092189adc89604ba96abc6ed6cd3344ffdf
f32deabaed1c8a9ad4ca2450d6449be472ab7128edf36a126feaff95f9921488
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 13 Apr 2023 20:13:21 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 12 Apr 2023 22:57:35 GMT
Expires: Thu, 13 Apr 2023 22:57:35 GMT
ETag: "6faa4092189adc89604ba96abc6ed6cd3344ffdf"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.sectigo.com/
104.18.32.68 472 B IP 104.18.32.68:0
Hash 1f1b1749164362817188fe8ae7b97ff3
1289bd65ceafbeb1f3ccfdd74e6fff63769e2497
7f362fcec0a7b5489c111d9ee68145e0a92444ccfc66695cfcbc82af74106f85
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 13 Apr 2023 20:13:21 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 13 Apr 2023 08:38:02 GMT
Expires: Thu, 20 Apr 2023 08:38:01 GMT
Etag: "1289bd65ceafbeb1f3ccfdd74e6fff63769e2497"
Cache-Control: max-age=562479,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7b765e817e4c0b02-OSL
ocsp.r2m02.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 9aee81b6ae1e9bb4b0694da7401e7571
290dc8f85ce63da9f5593a3ad2238867a4e09969
bf5b3c0121db48a1aae3cf8d904e4a963de3620740967ac6c61029c2858d67bb
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=164406
Date: Thu, 13 Apr 2023 20:13:21 GMT
Etag: "64383400-1d7"
Expires: Sat, 15 Apr 2023 17:53:27 GMT
Last-Modified: Thu, 13 Apr 2023 16:55:28 GMT
Server: ECAcc (nya/79CE)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: TtVFWuTCJumitJpy_xhn7YpgMHIiPkLTUOK_jBVf9-alNmQQeiPPxg==
Age: 3479
eb2.3lift.com/xuid?mid=7969&xuid=EAC5DF039FC04663A7A77DDDF830C7C7&dongle=yf3
13.248.245.213200 OK 37 B URL GET HTTP/2 eb2.3lift.com/xuid?mid=7969&xuid=EAC5DF039FC04663A7A77DDDF830C7C7&dongle=yf3
IP 13.248.245.213:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerAmazon
Subject*.3lift.com
Fingerprint09:B6:FC:60:D6:47:55:6B:81:05:F3:54:D0:88:1D:D0:6B:89:09:17
ValidityThu, 13 Apr 2023 00:00:00 GMT - Sat, 11 May 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /xuid?mid=7969&xuid=EAC5DF039FC04663A7A77DDDF830C7C7&dongle=yf3 HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 13 Apr 2023 20:13:21 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
status.geotrust.com/
192.229.221.95 471 B IP 192.229.221.95:0
Hash bdeba00cec4a4d5c1aeb5b5958253a4e
27f8694f1b06a9fea4e0506644a55135f3db8faf
86ea6664a2ff0fd1a85b6742733bb4b1bec1fa3be33711abe1ad1d25eb59a5c8
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 740
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 13 Apr 2023 20:13:21 GMT
Last-Modified: Thu, 13 Apr 2023 20:01:01 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471
status.geotrust.com/
192.229.221.95 471 B IP 192.229.221.95:0
Hash 7c816e16a939472214b66d71ebb523d2
7a1458c59bfb1a231f2a1ab380291202a6002bde
e7a3dddc5615d2dedf6e1dbf50fa11b92b471050341c7dfca6c33cd9f9428f4c
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2221
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 13 Apr 2023 20:13:21 GMT
Last-Modified: Thu, 13 Apr 2023 19:36:20 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 471
ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D6357A587D6EE41CD9ECD54927982EF0E
185.89.210.141200 OK 43 B URL GET HTTP/1.1 ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D6357A587D6EE41CD9ECD54927982EF0E
IP 185.89.210.141:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerDigiCert Inc
Subject*.adnxs.com
Fingerprint30:E1:57:C8:5A:77:64:AE:54:99:08:F7:2B:B8:C7:F4:28:85:56:08
ValidityMon, 13 Feb 2023 00:00:00 GMT - Fri, 15 Mar 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fsetuid%3Fentity%3D66%26code%3D6357A587D6EE41CD9ECD54927982EF0E HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Thu, 13 Apr 2023 20:13:21 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 4fdd4eaf-3e48-4b0a-b5e7-8cfc677d30e3
Set-Cookie: anj=dTM7k!M4.FE:2jUF']wIg2E>ztG033!@wnfH8KW.dG5<#Z0rsSGD8gQDMDYjqAxjqqxk8IqxfcAFp5-vDLCbhn'#9hfQ[cN(j#iP(Md+>)fy*0HaXKZ; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 12-Jul-2023 20:13:21 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
idsync.rlcdn.com/419566.gif?partner_uid=FC12A3629C384C65BD3C164C45BEE8A9
35.244.174.68451 Unavailable For Legal Reasons 0 B URL GET HTTP/2 idsync.rlcdn.com/419566.gif?partner_uid=FC12A3629C384C65BD3C164C45BEE8A9
IP 35.244.174.68:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerSectigo Limited
Subject*.rlcdn.com
FingerprintD0:53:31:E4:C7:75:D6:F0:7C:20:13:36:4F:E3:25:1B:31:C6:46:F9
ValidityThu, 02 Feb 2023 00:00:00 GMT - Sun, 03 Mar 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /419566.gif?partner_uid=FC12A3629C384C65BD3C164C45BEE8A9 HTTP/1.1
Host: idsync.rlcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 451 Unavailable For Legal Reasons
date: Thu, 13 Apr 2023 20:13:21 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=40EFB6DFB4764A539AC25F27091AE8E5
52.214.145.221404 Not Found 49 B URL GET HTTP/2 bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=40EFB6DFB4764A539AC25F27091AE8E5
IP 52.214.145.221:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoDaddy.com, Inc.
Subject*.crwdcntrl.net
Fingerprint5F:53:E0:8F:2E:A1:EB:73:53:BF:DC:31:F0:05:6F:B1:74:A4:3A:84
ValiditySun, 01 May 2022 07:09:18 GMT - Fri, 02 Jun 2023 07:09:18 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 56398e76be6355ad5999b262208a17c9
a1fdee122b95748d81cee426d717c05b5174fe96
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
GET /map/c=7625/tp=SIMP/tpid=40EFB6DFB4764A539AC25F27091AE8E5 HTTP/1.1
Host: bcp.crwdcntrl.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Thu, 13 Apr 2023 20:13:21 GMT
content-type: image/gif
content-length: 49
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.4.14
access-control-allow-origin: *
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=7019A16161804DFEA2E2FFF1D863B077&expires=365
213.19.162.90204 No Content 0 B URL GET HTTP/1.1 pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=7019A16161804DFEA2E2FFF1D863B077&expires=365
IP 213.19.162.90:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerDigiCert Inc
Subject*.rubiconproject.com
FingerprintC4:52:9D:E4:75:90:A8:C8:8C:00:C5:77:37:65:3B:CD:61:A4:31:25
ValiditySun, 05 Mar 2023 00:00:00 GMT - Wed, 03 Apr 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=6286&nid=2132&put=7019A16161804DFEA2E2FFF1D863B077&expires=365 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: deb9f124eecce7a554c70ca983265c95
Content-Type: image/gif
sync.search.spotxchange.com/partner?adv_id=7797&uid=C80D45278F7D48B0A956361C44BD6B19
185.94.180.125302 Found 0 B URL GET HTTP/1.1 sync.search.spotxchange.com/partner?adv_id=7797&uid=C80D45278F7D48B0A956361C44BD6B19
IP 185.94.180.125:443
ASN #35220 SpotXchange, INC
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerDigiCert Inc
Subject*.search.spotxchange.com
Fingerprint0F:7C:3E:72:2A:7D:5A:A1:F7:57:61:45:0B:8A:AA:67:AA:C3:71:92
ValidityMon, 02 May 2022 00:00:00 GMT - Tue, 09 May 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?adv_id=7797&uid=C80D45278F7D48B0A956361C44BD6B19 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 13 Apr 2023 20:13:21 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=a378dc3a-da37-11ed-94ad-1ee5b9e10306; expires=Thu, 11-May-2023 20:13:21 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?adv_id=7797&uid=C80D45278F7D48B0A956361C44BD6B19&__user_check__=1&sync_id=a378dca9-da37-11ed-94ad-1ee5b9e10306
X-fe: 113
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?adv_id=7797&uid=C80D45278F7D48B0A956361C44BD6B19&__user_check__=1&sync_id=a378dca9-da37-11ed-94ad-1ee5b9e10306
185.94.180.125200 OK 43 B URL GET HTTP/1.1 sync.search.spotxchange.com/partner?adv_id=7797&uid=C80D45278F7D48B0A956361C44BD6B19&__user_check__=1&sync_id=a378dca9-da37-11ed-94ad-1ee5b9e10306
IP 185.94.180.125:443
ASN #35220 SpotXchange, INC
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerDigiCert Inc
Subject*.search.spotxchange.com
Fingerprint0F:7C:3E:72:2A:7D:5A:A1:F7:57:61:45:0B:8A:AA:67:AA:C3:71:92
ValidityMon, 02 May 2022 00:00:00 GMT - Tue, 09 May 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55fade2068e7503eae8d7ddf5eb6bd09
317496a096d6c86486a71d4521994bcd171a6bb3
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
GET /partner?adv_id=7797&uid=C80D45278F7D48B0A956361C44BD6B19&__user_check__=1&sync_id=a378dca9-da37-11ed-94ad-1ee5b9e10306 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 13 Apr 2023 20:13:21 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Set-Cookie: audience=a387be5d-da37-11ed-8cfe-1ac857eb0406; expires=Thu, 11-May-2023 20:13:21 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 72
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
ocsp.r2m01.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash cc580ff0f0fd8257152d673e5e8c2091
115b0e14d52831aeac60f59062975a8920d49744
b755393eefcdb9a59556fa3490f906d7b7b31e7cbc9fd41fa7ad9413498db55a
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=87466
Date: Thu, 13 Apr 2023 20:13:21 GMT
Etag: "6437059a-1d7"
Expires: Fri, 14 Apr 2023 20:31:07 GMT
Last-Modified: Wed, 12 Apr 2023 19:25:14 GMT
Server: ECAcc (nya/799C)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Q5NGrJOtizQxSf07v4-OqKrXChr2Prgl0e1ZVlwNutRLaxNYlBbDvw==
Age: 3953
ocsp.r2m02.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash fb2fc0df6520d6dc216e3a863bb32337
6dd51706f74bf50b72c36dbb9c23ff736f5d3dd2
fc5242c3c9b33d796b39e2db9266f194e401bfddc09c2f7932fae6cd3219839f
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=110746
Date: Thu, 13 Apr 2023 20:13:22 GMT
Etag: "64376acf-1d7"
Expires: Sat, 15 Apr 2023 02:59:08 GMT
Last-Modified: Thu, 13 Apr 2023 02:37:03 GMT
Server: ECAcc (nya/79EB)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8sI37WDNp8PyXXTKjMEuxoyxNhegtrWdJ7mmRLPCKZZMyPPIqO9WKA==
Age: 1325
ocsp.sectigo.com/
104.18.32.68 472 B IP 104.18.32.68:0
Hash 1f1b1749164362817188fe8ae7b97ff3
1289bd65ceafbeb1f3ccfdd74e6fff63769e2497
7f362fcec0a7b5489c111d9ee68145e0a92444ccfc66695cfcbc82af74106f85
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 13 Apr 2023 20:13:22 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 13 Apr 2023 08:38:02 GMT
Expires: Thu, 20 Apr 2023 08:38:01 GMT
Etag: "1289bd65ceafbeb1f3ccfdd74e6fff63769e2497"
Cache-Control: max-age=562478,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7b765e845a4f0b02-OSL
sync.bfmio.com/sync?pid=141&uid=8B0D99FBCBC748EF920FD573D9751C1B
52.22.177.9204 0 B URL GET HTTP/1.1 sync.bfmio.com/sync?pid=141&uid=8B0D99FBCBC748EF920FD573D9751C1B
IP 52.22.177.9:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerAmazon
Subject*.bfmio.com
Fingerprint4F:72:43:4D:33:48:2E:A1:41:92:F0:35:4B:61:93:87:41:7D:8A:FC
ValidityFri, 17 Mar 2023 00:00:00 GMT - Sun, 14 Apr 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?pid=141&uid=8B0D99FBCBC748EF920FD573D9751C1B HTTP/1.1
Host: sync.bfmio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204
Date: Thu, 13 Apr 2023 20:13:22 GMT
Set-Cookie: __141_cid=8B0D99FBCBC748EF920FD573D9751C1B; Domain=.bfmio.com; Expires=Fri, 12-Apr-2024 20:13:22 GMT; Path=/
__io_cid=910af8c7e02be82f3002cb2a083351e7d2d3d463; Domain=.bfmio.com; Expires=Fri, 12-Apr-2024 20:13:22 GMT; Path=/
Connection: keep-alive
ocsp.r2m02.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 9a79741de9ee4d1ed9ae0f9dd3448991
aaa5ae4fb3be6b768f0bde3aa41ba28a43b489b1
4f755f91ff9301ba299f043be4543e71525c910c7ecc215f102d839c3090f32a
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=102529
Date: Thu, 13 Apr 2023 20:13:22 GMT
Etag: "64374d58-1d7"
Expires: Sat, 15 Apr 2023 00:42:11 GMT
Last-Modified: Thu, 13 Apr 2023 00:31:20 GMT
Server: ECAcc (nya/796A)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: K8OZnqSQwXWhQin6d6KjroiqvoOgocx485TbG6lSrmI4CPJghNbqrQ==
Age: 651
new-collect.albacross.com/e.gif?s=JSCollector%2C3.1.2&e0=pageview&ci0=c73561cd-c24e-dc9b-ced8-0af389449af8&v0=1b58da2d-a132-62c4-89e5-604f072404b7&p0=0880f408-09f3-534c-3fb6-e95f4bcf4010&u0=0880f408-09f3-534c-3fb6-e95f4bcf4010&c0=89342177&t0=1681416853308&ur0=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413&ti0=US%20Business%20Funding%20-%20Equipment%20Financing%20and%20Working%20Capital%20Loans&re0=1280&re0=1024&o0=landscape-primary&us0=bayengage&um0=campaign-email&uca0=sales-0413
54.171.3.122200 OK 37 B URL GET HTTP/2 new-collect.albacross.com/e.gif?s=JSCollector%2C3.1.2&e0=pageview&ci0=c73561cd-c24e-dc9b-ced8-0af389449af8&v0=1b58da2d-a132-62c4-89e5-604f072404b7&p0=0880f408-09f3-534c-3fb6-e95f4bcf4010&u0=0880f408-09f3-534c-3fb6-e95f4bcf4010&c0=89342177&t0=1681416853308&ur0=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413&ti0=US%20Business%20Funding%20-%20Equipment%20Financing%20and%20Working%20Capital%20Loans&re0=1280&re0=1024&o0=landscape-primary&us0=bayengage&um0=campaign-email&uca0=sales-0413
IP 54.171.3.122:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerAmazon
Subject*.albacross.com
FingerprintEB:C6:D6:DD:E2:5E:42:FA:AE:43:29:46:0C:D5:23:D2:78:35:E7:3F
ValidityMon, 13 Feb 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 637eb2cda011678b8ccd6b5b3c6e3570
300ffa6cb3b70adc05038ef2a4e9936978459ff2
49059d42ad3423fb9f04b2330cdce035e4d555aa9ea7a7ceae097de0c69be05d
GET /e.gif?s=JSCollector%2C3.1.2&e0=pageview&ci0=c73561cd-c24e-dc9b-ced8-0af389449af8&v0=1b58da2d-a132-62c4-89e5-604f072404b7&p0=0880f408-09f3-534c-3fb6-e95f4bcf4010&u0=0880f408-09f3-534c-3fb6-e95f4bcf4010&c0=89342177&t0=1681416853308&ur0=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413&ti0=US%20Business%20Funding%20-%20Equipment%20Financing%20and%20Working%20Capital%20Loans&re0=1280&re0=1024&o0=landscape-primary&us0=bayengage&um0=campaign-email&uca0=sales-0413 HTTP/1.1
Host: new-collect.albacross.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 13 Apr 2023 20:13:22 GMT
content-type: image/gif
content-length: 37
X-Firefox-Spdy: h2
ce.lijit.com/merge?pid=2&3pid=B662E688E5B4424FB1C4ACF7B92E4BB5
216.52.2.30204 No Content 0 B URL GET HTTP/1.1 ce.lijit.com/merge?pid=2&3pid=B662E688E5B4424FB1C4ACF7B92E4BB5
IP 216.52.2.30:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoDaddy.com, Inc.
Subject*.lijit.com
FingerprintAD:D4:57:DA:85:C3:73:48:E3:EC:4F:53:18:BB:E8:AB:9C:A2:37:BD
ValidityMon, 27 Jun 2022 19:12:10 GMT - Mon, 05 Jun 2023 21:13:33 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /merge?pid=2&3pid=B662E688E5B4424FB1C4ACF7B92E4BB5 HTTP/1.1
Host: ce.lijit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Date: Thu, 13 Apr 2023 20:13:22 GMT
X-MERGE: GDPR Optout true
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
X-Sovrn-Pod: ad_ap6ams1
ocsp.godaddy.com/
192.124.249.36 1.8 kB IP 192.124.249.36:0
Hash ae6a6b6c1ba996a92a06be0788a5d15c
17a2fb72a776025f2d5a2669203447f150c75591
4977c1ceee0da848e93c36cf4226ec666a7579e575586fc75f13f0fc67ecfecd
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 13 Apr 2023 20:13:23 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 13 Apr 2023 19:35:26 GMT
Expires: Fri, 14 Apr 2023 19:35:26 GMT
ETag: "17a2fb72a776025f2d5a2669203447f150c75591"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.usbfund.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.1.2
188.114.96.1200 OK 27 kB URL GET HTTP/3 www.usbfund.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.1.2
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type ASCII text, with very long lines (26634), with no line terminators
Hash 09632523583508d365ac53989de44491
0e70aa3243512a4cd4ce8a5c9501bbaea4b96469
8981d9116da859cd3792e908f416acf9c0fd94545b1190a33bfe5e4daf1d5bd2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.1.2 HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 28 Sep 2019 00:22:39 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2FfxMOuSySWAhW9aFp2s%2B0I8HKumesSsiWQzIAFzDYJR9MDZwmdTTnY%2Ba2VHbZhNLLYv1uQvty1iZzmh51wDqMxvX2pwTHsHEWDajQRcX7bQzypCSoL7jTXhsquA1Jbtmww%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b765e65f95fb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
js.hs-scripts.com/5627136.js
104.18.136.59200 OK 974 B URL GET HTTP/2 js.hs-scripts.com/5627136.js
IP 104.18.136.59:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint3B:C3:26:E0:5D:54:86:D1:67:A5:88:07:3D:EB:45:86:E2:4A:4F:5F
ValidityFri, 03 Jun 2022 00:00:00 GMT - Fri, 02 Jun 2023 23:59:59 GMT
File type ASCII text, with very long lines (1019), with no line terminators
Hash fc2b8e77e04eee75e0fd085818f09bfb
b9de656756b708c9158723af6aff460ec8aa4489
b3c0fb969f68533dd22581a076f6cbe96e5f49ce15140b087ce934eb56994822
GET /5627136.js HTTP/1.1
Host: js.hs-scripts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: application/javascript;charset=utf-8
x-trace: 2B4D3A930260CE6521DE5E8FE6748B3602289D636E000000000000000000
cache-control: public, max-age=60
vary: origin, Accept-Encoding
x-hubspot-correlation-id: 5965c17c-85f0-4ec7-aab3-076018326e60
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-origin: https://www.usbfund.com
last-modified: Wed, 12 Apr 2023 02:35:07 GMT
cf-cache-status: EXPIRED
expires: Thu, 13 Apr 2023 20:14:17 GMT
server: cloudflare
cf-ray: 7b765e66d92cb512-OSL
content-encoding: br
X-Firefox-Spdy: h2
js.hs-scripts.com/5627136.js?integration=WordPress&ver=9.2.12
104.18.136.59200 OK 974 B URL GET HTTP/2 js.hs-scripts.com/5627136.js?integration=WordPress&ver=9.2.12
IP 104.18.136.59:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint3B:C3:26:E0:5D:54:86:D1:67:A5:88:07:3D:EB:45:86:E2:4A:4F:5F
ValidityFri, 03 Jun 2022 00:00:00 GMT - Fri, 02 Jun 2023 23:59:59 GMT
File type ASCII text, with very long lines (1019), with no line terminators
Hash fc2b8e77e04eee75e0fd085818f09bfb
b9de656756b708c9158723af6aff460ec8aa4489
b3c0fb969f68533dd22581a076f6cbe96e5f49ce15140b087ce934eb56994822
GET /5627136.js?integration=WordPress&ver=9.2.12 HTTP/1.1
Host: js.hs-scripts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: application/javascript;charset=utf-8
x-trace: 2B7E9F80DDB045BCCC63702E309998C0434FBB1946000000000000000000
cache-control: public, max-age=60
vary: origin, Accept-Encoding
x-hubspot-correlation-id: 8c14e0ec-b37b-4699-8885-f9f0da33c7b2
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-origin: https://www.usbfund.com
last-modified: Wed, 12 Apr 2023 02:35:07 GMT
cf-cache-status: EXPIRED
expires: Thu, 13 Apr 2023 20:14:17 GMT
server: cloudflare
cf-ray: 7b765e66e951b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
188.114.96.1200 OK 72 kB URL User Request GET HTTP/2 www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
IP 188.114.96.1:443
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413 HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 13 Apr 2023 20:13:16 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://www.usbfund.com/wp-json/>; rel="https://api.w.org/", <https://www.usbfund.com/wp-json/wp/v2/pages/6>; rel="alternate"; type="application/json", <https://www.usbfund.com/>; rel=shortlink
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pfz6naHW%2FbFbokmrw1t9FS%2BshFuLgy64Z1GGhuKyeKhoVDuFHyKG0E8GkC7M1092m3978zRYOudDPxEqU2D24vEjOiuCDef2VDVpj60l7PcbAtO1vw6Pye0mlBbFv1pzmzE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b765e62c9f3b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rec.smartlook.com/es6/init.10d2c142dbe8bc4f6984.js
185.76.9.19200 OK 57 kB URL GET HTTP/2 rec.smartlook.com/es6/init.10d2c142dbe8bc4f6984.js
IP 185.76.9.19:443
ASN #60068 Datacamp Limited
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerLet's Encrypt
Subject1610534878.rsc.cdn77.org
FingerprintBB:5B:2A:E4:11:8D:C4:B8:5E:3A:2D:9D:A5:F5:F3:39:06:C3:8E:63
ValidityThu, 23 Mar 2023 00:59:41 GMT - Wed, 21 Jun 2023 00:59:40 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /es6/init.10d2c142dbe8bc4f6984.js HTTP/1.1
Host: rec.smartlook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 13 Apr 2023 20:13:19 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cross-origin-resource-policy: cross-origin
etag: W/"642ec42e-dd2a"
last-modified: Thu, 06 Apr 2023 13:07:58 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Accept-Encoding
server: CDN77-Turbo
x-77-nzt: AblMCQ0r/OP/FZQJAA
x-77-nzt-ray: c0a4cc2826a544c65f623864f0d4f421
x-accel-expires: @1712325066
x-cache: HIT
x-age: 627733
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.usbfund.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
188.114.96.1200 OK 19 kB URL GET HTTP/3 www.usbfund.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type ASCII text, with very long lines (15660)
Hash 32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Cookie: _gcl_au=1.1.1481877944.1681416851
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 17 Aug 2022 11:46:13 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NtD5SHgb1oqd24GEkcEIkq3EvN8JKI3bbQqILJjLyMjGwCn844qawBoK%2FAUcMpA0vIqtk2hSd6%2FIzBBJRKIgjS7IilG3Xn%2BSHmhyfYGhTf%2B05Jq9uFqMhq2BUdmvyjSo21w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b765e6a1880b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
omnisnippet1.com/forms/main.js?v=2023-04-13T20
104.18.16.174200 OK 58 kB URL GET HTTP/2 omnisnippet1.com/forms/main.js?v=2023-04-13T20
IP 104.18.16.174:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint34:DC:78:A8:0D:39:3D:C9:A7:9C:B8:55:F1:27:B3:01:7A:95:E5:BB
ValidityMon, 30 Jan 2023 00:00:00 GMT - Mon, 29 Jan 2024 23:59:59 GMT
File type ASCII text, with very long lines (58147)
Hash 6977d2e95b0d6bb182d737eac7ebbc72
80d24fb54f3c7b5bcc90c02c1bc7d92a88f39110
ddc8cc29fb2a8c9843fe84af57615850b0287aaa79ef686e08de710c39668e4b
GET /forms/main.js?v=2023-04-13T20 HTTP/1.1
Host: omnisnippet1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 13 Apr 2023 20:13:18 GMT
content-type: application/javascript
last-modified: Thu, 23 Mar 2023 08:11:35 GMT
etag: W/"641c09b7-e344"
expires: Thu, 13 Apr 2023 20:08:10 GMT
cache-control: max-age=3600
x-envoy-upstream-service-time: 1
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 455
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7b765e70eb98fabc-OSL
content-encoding: br
X-Firefox-Spdy: h2
sendlane.com/js/eventing.js
104.16.167.6302 Found 0 B URL GET HTTP/2 sendlane.com/js/eventing.js
IP 104.16.167.6:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerLet's Encrypt
Subject*.sendlane.com
Fingerprint38:54:B8:09:90:3F:CD:43:4F:C7:D1:10:AB:B5:21:21:2F:ED:4D:CD
ValidityWed, 12 Apr 2023 08:56:10 GMT - Tue, 11 Jul 2023 08:56:09 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/eventing.js HTTP/1.1
Host: sendlane.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: text/html; charset=UTF-8
location: https://www.sendlane.com/js/eventing.js
cache-control: no-cache, private, max-age=0
x-frame-options: *
x-ratelimit-limit: 480
x-ratelimit-remaining: 479
expires: Thu, 13 Apr 2023 20:13:17 GMT
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7b765e671fbd0b51-OSL
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.1.2
188.114.96.1200 OK 1.8 kB URL GET HTTP/3 www.usbfund.com/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.1.2
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type ASCII text, with very long lines (2029), with no line terminators
Hash 632da64645041cf22c2238720bd50418
7f5d6bf47556097601bbf14f3a904f64596dc66b
28a7eff41dbc963b373a04def10d9d05489dc68daa09f8b95bf6342e55430940
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.1.2 HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 28 Sep 2019 00:22:39 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2GoBDoPUBnzB8kiUvLnJjuiTNn2RbDzjrOul%2FRwenSHSZK4iL3BNlngkN9mA5Pwvl69Knn5KoTOT5FApx49EKBby5bt%2F2QOTgwe2G6ibydQpDHpGx8GwKcutm45qpIAFF%2BY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b765e65f963b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
216.58.207.227200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
IP 216.58.207.227:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint76:06:6A:AA:FB:72:F8:BA:90:67:2F:91:97:14:FB:68:D0:65:E9:22
ValidityMon, 20 Mar 2023 08:25:51 GMT - Mon, 12 Jun 2023 08:25:50 GMT
File type Web Open Font Format (Version 2), TrueType, length 15660, version 1.0\012- data
Hash d7b0b953a50fddaa88089b5b787cf719
2f85bc568b27659a3d6452f58f9fd7678450326d
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 12 Apr 2023 21:19:39 GMT
expires: Thu, 11 Apr 2024 21:19:39 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
content-type: font/woff2
age: 82419
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.usbfund.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
188.114.96.1200 OK 90 kB URL GET HTTP/3 www.usbfund.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type ASCII text, with very long lines (65447)
Hash 17738318d61d394f1de8890d589afaec
f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 17 Dec 2022 14:44:25 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=unkxAZBZqzkn9yvAnJO0u%2BlUic3VN%2FnoCO%2F7x4TpRG7gBORFiJGbsQmJXf9glGvSRTY%2BGqBPo5%2FBJtFMSBxRE3PHh3hYntQaoBHileHsHV0PlES5%2FXfwRWC1r%2FuWcjOs03s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b765e65c8fbb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
216.58.207.227200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP 216.58.207.227:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint76:06:6A:AA:FB:72:F8:BA:90:67:2F:91:97:14:FB:68:D0:65:E9:22
ValidityMon, 20 Mar 2023 08:25:51 GMT - Mon, 12 Jun 2023 08:25:50 GMT
File type Web Open Font Format (Version 2), TrueType, length 15752, version 1.0\012- data
Hash b20371a6daf29d4a1f2e85dbbf40fb20
0355a01c1ccb45cb728e7e07c41c8ebf456f70bb
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 11 Apr 2023 10:31:58 GMT
expires: Wed, 10 Apr 2024 10:31:58 GMT
cache-control: public, max-age=31536000
age: 207680
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.usbfund.com/?display_custom_css=css&ver=6.1.1
188.114.96.1200 OK 1.5 kB URL GET HTTP/3 www.usbfund.com/?display_custom_css=css&ver=6.1.1
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type ASCII text, with very long lines (1581), with no line terminators
Hash b1f47076df76ba1c9462b4ca56ae90bf
247a3fcc494a83c987814734a29b57521bd26571
f18db6837ba149c8d32f9c0072c09859c0fa4ba5c136745cf9747f2d467c5b30
GET /?display_custom_css=css&ver=6.1.1 HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: text/css;charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BbGFKGW4j4uQYfLFKwUOVgIf6CKPpx1foryI3vvztJa6PA%2BnduHZzeBJxOvBVyjx82nrTogkRAV6y8EI3n%2F8YHwPPBYMre9Pij7id7jnPJwlfG15uPjivSnx60aRT8HYr6c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b765e65b8e8b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
munchkin.marketo.net/munchkin.js
88.221.99.189200 OK 1.3 kB URL GET HTTP/1.1 munchkin.marketo.net/munchkin.js
IP 88.221.99.189:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerDigiCert Inc
Subject*.marketo.net
FingerprintC6:C2:4C:D3:C1:CA:89:26:8F:42:81:08:D4:93:23:EE:6E:A7:D3:F0
ValidityMon, 06 Feb 2023 00:00:00 GMT - Mon, 05 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (1293), with no line terminators
Hash 2296c446a4e5393c3cae927d8d84581c
3578c2a47ae2db97e42ec88528ccfed9dd336cc4
38bd4231fceb0fc5d7a3077d9bd5eb6a7f978895b3f64d3cbfb9022908f4da04
GET /munchkin.js HTTP/1.1
Host: munchkin.marketo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 13 Apr 2023 20:13:19 GMT
Content-Length: 729
Connection: keep-alive
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
js.hs-analytics.net/analytics/1681416600000/5627136.js
104.16.136.206200 OK 66 kB URL GET HTTP/2 js.hs-analytics.net/analytics/1681416600000/5627136.js
IP 104.16.136.206:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF8:FF:A7:86:85:79:73:9A:AA:35:3B:EF:66:02:AF:E3:03:26:0D:62
ValidityMon, 13 Jun 2022 00:00:00 GMT - Tue, 13 Jun 2023 23:59:59 GMT
File type ASCII text, with very long lines (64828)
Hash f855ea2da3856fb56f309899824bb28f
1a1fc5496e1fc0b6b4402c6efa644ab13020341f
086a8e0f9978a45333e96af6ac02dd0018955ef6423ae65cf1837e73c0a542f5
GET /analytics/1681416600000/5627136.js HTTP/1.1
Host: js.hs-analytics.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 13 Apr 2023 20:13:19 GMT
content-type: text/javascript
x-amz-id-2: vkGKmZxGojX2Cx7iwt+2OfnYkkevO8ijoL8YizQWOovRnXULE3DWTQbtcnmPxuN0OSFQLGmJ8IA=
x-amz-request-id: QX0FCFZM8KCSTPHX
last-modified: Thu, 13 Apr 2023 14:52:57 GMT
etag: W/"f855ea2da3856fb56f309899824bb28f"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: null
access-control-allow-credentials: false
vary: origin, Accept-Encoding
expires: Thu, 13 Apr 2023 20:18:19 GMT
cf-cache-status: MISS
server: cloudflare
cf-ray: 7b765e73fcfdb4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
simplifi.partners.tremorhub.com/sync?UISF=53B5211409674C1B9F641F7197DBDA99
34.202.211.36200 OK 43 B URL GET HTTP/2 simplifi.partners.tremorhub.com/sync?UISF=53B5211409674C1B9F641F7197DBDA99
IP 34.202.211.36:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerAmazon
Subject*.tremorhub.com
Fingerprint7C:E5:19:4C:66:2B:05:92:BD:19:F8:B8:A5:D7:48:5B:36:BC:26:AE
ValidityWed, 22 Feb 2023 00:00:00 GMT - Sat, 23 Mar 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /sync?UISF=53B5211409674C1B9F641F7197DBDA99 HTTP/1.1
Host: simplifi.partners.tremorhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 13 Apr 2023 20:13:22 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
rec.smartlook.com/recorder.js
185.76.9.19200 OK 3.7 kB URL GET HTTP/2 rec.smartlook.com/recorder.js
IP 185.76.9.19:443
ASN #60068 Datacamp Limited
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerLet's Encrypt
Subject1610534878.rsc.cdn77.org
FingerprintBB:5B:2A:E4:11:8D:C4:B8:5E:3A:2D:9D:A5:F5:F3:39:06:C3:8E:63
ValidityThu, 23 Mar 2023 00:59:41 GMT - Wed, 21 Jun 2023 00:59:40 GMT
File type Unicode text, UTF-8 text, with very long lines (3804), with no line terminators
Hash 34bd983013df2d9c36224e254cd9380c
8b8777ef57d3311cfbaaf9d5b8241faffe3b53a8
5c4680eb710d5dac6071063d68b14a3ea649d62ed51e44f52f218175a6a42277
GET /recorder.js HTTP/1.1
Host: rec.smartlook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 13 Apr 2023 20:13:19 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=600
cross-origin-resource-policy: cross-origin
etag: W/"642ec42e-e93"
last-modified: Thu, 06 Apr 2023 13:07:58 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Accept-Encoding
server: CDN77-Turbo
x-77-nzt: AblMCQ03tXX/mwEAAA
x-77-nzt-ray: c0a4cc28cbae3bc35f62386498658115
x-accel-expires: @1681416988
x-cache: HIT
x-age: 411
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/plugins/formidable/css/formidableforms.css
188.114.96.1200 OK 104 kB URL GET HTTP/3 www.usbfund.com/wp-content/plugins/formidable/css/formidableforms.css
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type ASCII text, with very long lines (65436)
Size 104 kB (103970 bytes)
Hash 399af443c8387c8a98213f936add60f4
e9e2dca0ad4644058ec16d236db729c3026610a9
b51be19b9fba0cc27bbaa03bc6ba7b6203f5960ec2aefb5bc8e49ff514079e45
GET /wp-content/plugins/formidable/css/formidableforms.css HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Sat, 14 Jan 2023 13:08:34 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7RFIJTCAQ%2FsKqYpLmfFdUY8vNiKu8eqMJKmit%2FHMdHmSMRvPV2%2FAKZnSMewvlMvC%2F1sg06j7rNmvTU2LK2CX2bXmRwyQt7ezsrSsyUkXqyGlA0FrBNKbjaM%2B8Nrkb8G86Nk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b765e65b8d6b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/themes/usb/js/site.js
188.114.96.1200 OK 14 kB URL GET HTTP/3 www.usbfund.com/wp-content/themes/usb/js/site.js
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
Hash 6212e4057adf8e6db12e88fe58d538f7
7f426f3ecabb81d52301a6eb63298ec8c76e1b8a
9b6b321e5076cc4ff7eb721e702e4f51560659eb0af3876d8268019592c8b39c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/usb/js/site.js HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 28 Sep 2019 00:35:52 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3L6ez0%2Fk7nOWZMH327mOimMDgY2eIWGCjYr%2Bfgvfdt0riymD5d7Eg1AZ6j%2B%2BTk454WlWnveTROp1uzKgg8TBPc04R4pZJGrddjGjSzonNpcEXNJj5PMFnXLIGyJX8AD%2FsZo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b765e65f966b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
snap.licdn.com/li.lms-analytics/insight.min.js
23.36.76.210200 OK 13 kB URL GET HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 23.36.76.210:443
ASN #20940 Akamai International B.V.
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerDigiCert Inc
Subjectsnap.licdn.com
FingerprintC5:08:87:7C:56:2D:12:22:84:85:35:3B:B2:1C:B5:4D:DA:F1:3A:64
ValidityWed, 01 Feb 2023 00:00:00 GMT - Wed, 31 Jan 2024 23:59:59 GMT
File type ASCII text, with very long lines (13351)
Hash b846c9d158853dd4aa95d3d7407ed8bb
2cf0eb02a22e8bd80d19a50a84593420d777d5db
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=81094
date: Thu, 13 Apr 2023 20:13:19 GMT
content-length: 4777
x-content-type-options: nosniff
x-cdn: AKAM
X-Firefox-Spdy: h2
widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=57559cd10000ff00058effd9
143.204.55.101200 OK 15 kB URL GET HTTP/2 widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=57559cd10000ff00058effd9
IP 143.204.55.101:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintED:01:2E:50:4C:98:9B:F1:34:D7:8C:1E:93:45:E6:05:00:3C:47:86
ValidityThu, 02 Feb 2023 00:00:00 GMT - Sat, 02 Mar 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13396)
Hash a14ca16dcf08b1eb1de1175abdcd3cda
da20904985aa00a1c013374b861fc4c1469ac057
71cd0f30593ec11e666de6f9e0073737e3f29f0fdcd393dc92d0238c77a703de
GET /trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=57559cd10000ff00058effd9 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 3451
last-modified: Tue, 21 Mar 2023 10:45:41 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Thu, 13 Apr 2023 20:13:18 GMT
cache-control: max-age=86400
etag: "ec8997a01685f3d46f7e65c853a558f4"
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: msEmu9vRhL6uweKc6EDNHVupQkuOf78vkhnGNbEmoeAsBkXr8bWZpA==
age: 85610
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/plugins/gravityforms/css/formsmain.min.css
188.114.96.1200 OK 69 kB URL GET HTTP/3 www.usbfund.com/wp-content/plugins/gravityforms/css/formsmain.min.css
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 2d014e46f726ff499e976d539f36d59f
6464b434806b7fde0153341b68cef2c9a8711cb6
eef7d267e775bf97baec3613f3eed5bb86b3e82062c0a868c6e3cfe262f5e93b
GET /wp-content/plugins/gravityforms/css/formsmain.min.css HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Sat, 28 Sep 2019 00:22:23 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ga%2BPeIcQB4moMvQL6mN45vjPXSFV0q6yHUJwzd7cAC84EIqDDVB1NZlXPdrxY5G6aZOLVdLKpTL75aIWKDNZ1WdOalb5l8p9ydul7qWTC05PFZQ626RLh9NrNeva5RJsnIo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b765e65e94fb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
diffuser-cdn.app-us1.com/diffuser/diffuser.js
104.17.145.91200 OK 32 kB URL GET HTTP/2 diffuser-cdn.app-us1.com/diffuser/diffuser.js
IP 104.17.145.91:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerLet's Encrypt
Subjectdiffuser-cdn.app-us1.com
Fingerprint1F:0D:9E:A7:64:75:91:0A:1B:CD:9A:34:B7:53:B2:CE:6E:5A:F0:EA
ValidityMon, 10 Apr 2023 17:41:39 GMT - Sun, 09 Jul 2023 17:41:38 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /diffuser/diffuser.js HTTP/1.1
Host: diffuser-cdn.app-us1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 13 Apr 2023 20:13:18 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 18:58:37 GMT
etag: W/"613257bb316d347d9417023321c6d62f"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=300
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 554927166d10692a589190ab59950854.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P2
x-amz-cf-id: f8pkjTRsM9Sty-xGa2geI8FQ7gbWjlMXiWclAYyNvBQ4amkFmoZgJg==
cf-cache-status: HIT
age: 95
server: cloudflare
cf-ray: 7b765e6e8f6eb4ee-OSL
X-Firefox-Spdy: h2
www.usbfund.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
188.114.96.1200 OK 1.2 kB URL GET HTTP/3 www.usbfund.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type HTML document, ASCII text, with very long lines (1271), with no line terminators
Hash 40d981045a7516cdadd00e8dccc9c58d
8b8d9a48c6b9d2fba596034ef5db3dd0f2f781c3
71c7d5fc630ff38080f71945be1e8b0c43140d8c25338056b752495e18739c0c
Analyzer Verdict Alert fortinet Malware
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: application/javascript
last-modified: Thu, 06 Apr 2023 15:48:48 GMT
etag: W/"642ee9e0-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DcqLHzKiDLUkdqc7YteMzsCbCYvqRe19CbWWlk1UVVPFxD3tw7BoCVLpcsThjMiLRjzFB6X1vuH73ZIREKGuLF7pJTb3tP9PEAv4ETPk6ZgBvS7ZV3NjF7c%2FKPqG%2BnMrEBw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b765e65d943b517-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 15 Apr 2023 20:13:17 GMT
cache-control: max-age=172800, public
content-encoding: gzip
www.usbfund.com/wp-content/plugins/AffiliateWP-master/assets/js/tracking.min.js?ver=2.1.6.1
188.114.96.1200 OK 3.0 kB URL GET HTTP/3 www.usbfund.com/wp-content/plugins/AffiliateWP-master/assets/js/tracking.min.js?ver=2.1.6.1
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type ASCII text, with very long lines (3074), with no line terminators
Hash 2a4453477fd69facf96ba973a116acac
808a3d969d60422df7715ab09aeb1f705f6203f9
cec426ba808c7d3930bedaa09643da11490c9eb390f2111d234eee9b960ae012
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/AffiliateWP-master/assets/js/tracking.min.js?ver=2.1.6.1 HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 28 Sep 2019 00:24:33 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4d088eVbzx3kr9b4slBpec2ZDmkQUp%2BF3OCYJIpqzv8HO0CfGxrGO%2F1ILKTaaqYsZtQZvZ5qM1RQ%2BrUqwFhmyagAHbU%2BM3ukl03vsajUHT4SNpNbNWNmO3EYXZGiFkMKzM8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b765e65c8f3b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.googletagmanager.com/gtag/js?id=G-YYEX7W0G95&l=dataLayer&cx=c
142.250.74.40200 OK 226 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-YYEX7W0G95&l=dataLayer&cx=c
IP 142.250.74.40:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint3C:0B:85:94:2A:86:0A:B3:D0:9E:43:A9:87:6A:FB:56:49:9F:F6:B8
ValidityMon, 20 Mar 2023 08:17:43 GMT - Mon, 12 Jun 2023 08:17:42 GMT
File type ASCII text, with very long lines (21772)
Size 226 kB (226243 bytes)
Hash c9de1fc38dca5ac6eba9e71cdea52c85
8a182ba7a36e525c710cf296d6fa03a07ff640ca
00ffddf51b07ad93e74b54fbabc4651a16f1909d8aecf4a2c05e7b0a75c2af77
GET /gtag/js?id=G-YYEX7W0G95&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 13 Apr 2023 20:13:17 GMT
expires: Thu, 13 Apr 2023 20:13:17 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 79010
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.227200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.227:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint76:06:6A:AA:FB:72:F8:BA:90:67:2F:91:97:14:FB:68:D0:65:E9:22
ValidityMon, 20 Mar 2023 08:25:51 GMT - Mon, 12 Jun 2023 08:25:50 GMT
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 11 Apr 2023 14:36:43 GMT
expires: Wed, 10 Apr 2024 14:36:43 GMT
cache-control: public, max-age=31536000
age: 192995
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/plugins/wp-pagenavi/pagenavi-css.css
188.114.96.1200 OK 374 B URL GET HTTP/3 www.usbfund.com/wp-content/plugins/wp-pagenavi/pagenavi-css.css
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type ASCII text, with very long lines (405), with no line terminators
Hash 848471b6454d977ddfb8116bd1d05a3d
936d97b72e65a134dcb9d5b8c3766fb2efd84135
1fac9bd2a321702f464c9f719bcf5952e4991d82a781318107c9fc165ed4bacb
GET /wp-content/plugins/wp-pagenavi/pagenavi-css.css HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 11 Oct 2021 18:28:51 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o2dYLulJh1PfErTCWsPuI2KqYAypFfKkqIVzafW%2FOlo9TEh3D6prkj%2FltBW8szJ3sx81y0xJem5l9UTl%2FJIQeBHCUW%2FEu43xBFH7IQdCt77n1SoB1KsuVY1yxSVIIvQ%2BiN8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b765e65b8e1b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/icon-arrow-down-black.png
188.114.96.1200 OK 195 B URL GET HTTP/3 www.usbfund.com/wp-content/uploads/icon-arrow-down-black.png
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type PNG image data, 14 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash f984736b4b9dfe03bb8831a718c6a238
d95304fa5fed6fdf9020c21ece2b7e35aec4808c
4944824b4a23581a4660857551680fffd806f6fa42e3d9414fb1529ba78651b9
GET /wp-content/uploads/icon-arrow-down-black.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/wp-content/themes/usb/style.css
Cookie: _gcl_au=1.1.1481877944.1681416851; __ss=1681416851710; __ss_referrer=https%3A//www.usbfund.com/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413; _ga_YYEX7W0G95=GS1.1.1681416851.1.0.1681416851.0.0.0; _ga=GA1.1.1307571823.1681416852; wc_visitor=100980-c60d1af1-1c22-ea47-fa58-8e9a9dc568ad; wc_client=bayengage+..+campaign-email+..+sales-0413+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413+..+100980-c60d1af1-1c22-ea47-fa58-8e9a9dc568ad+..+; wc_client_current=bayengage+..+campaign-email+..+sales-0413+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413+..+100980-c60d1af1-1c22-ea47-fa58-8e9a9dc568ad+..+; IR_gbd=usbfund.com; IR_7486=1681416851847%7C0%7C1681416851847%7C%7C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:18 GMT
content-type: image/png
content-length: 195
last-modified: Sat, 28 Sep 2019 00:15:09 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PDWgGVyp1jhm7J5Jbnzl6CGw49uAH0dYFjXR2BuVu9AX8XE98O7EbEWbYv7OFHsHr8kvZZEdgBAHtKFeBTvmKm1gf47FPy6zrfiEkJ8o7ivXiHt9XEjlZl%2BqX%2FZ7nr1qz9g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b765e6c0bf0b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
forms.soundestlink.com/REST/forms/v1/renderedForms?v=2023-04-13T20&brandID=60034c978a48f7337bc1a105&displayType=popup,embedded
104.18.31.243200 OK 2 B URL GET HTTP/3 forms.soundestlink.com/REST/forms/v1/renderedForms?v=2023-04-13T20&brandID=60034c978a48f7337bc1a105&displayType=popup,embedded
IP 104.18.31.243:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint54:B8:46:7B:76:99:67:6C:EA:5F:AD:F7:5C:7B:46:F2:95:48:76:22
ValidityTue, 24 Jan 2023 00:00:00 GMT - Wed, 24 Jan 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
GET /REST/forms/v1/renderedForms?v=2023-04-13T20&brandID=60034c978a48f7337bc1a105&displayType=popup,embedded HTTP/1.1
Host: forms.soundestlink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Origin: https://www.usbfund.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:19 GMT
content-type: application/json
content-length: 2
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=600, public
expires: Thu, 13 Apr 2023 20:23:19 GMT
last-modified: Thu, 13 Apr 2023 20:13:19 GMT
x-envoy-upstream-service-time: 2
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7b765e7189751bfa-OSL
www.usbfund.com/wp-content/plugins/gravityforms/css/browsers.min.css
188.114.96.1200 OK 7.3 kB URL GET HTTP/3 www.usbfund.com/wp-content/plugins/gravityforms/css/browsers.min.css
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type ASCII text, with very long lines (7333), with no line terminators
Hash 7c93668d52449d2bbfaeef7722f005f3
e0263c83f3e654803fa95036d410139dddc53f6a
b99dad0ffd567e9aed6cdad571817c7c18194ff768e933c9ca486da1fa8dbd44
GET /wp-content/plugins/gravityforms/css/browsers.min.css HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Sat, 28 Sep 2019 00:22:25 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k5YJpBHB%2B4O8%2FzFZ5eT%2BlTXgQrtOOBPe2z9vV3vo8ISDffDb9NP%2ByCJgh5DJ356pIqO4G0mO%2FB6aDaXOoWtEG%2FToXC4Dv85QiwGUDAl0shr5jj8xIY5jIaFxxHTNaaUBy1k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b765e65e94db517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
forms.soundestlink.com/REST/inShop/v1/getSettings?callback=_omnisend.setSettings&responseType=jsonp&shopHostname=www.usbfund.com&shopType=api&brandID=60034c978a48f7337bc1a105
0.0.0.0 0 B URL GET forms.soundestlink.com/REST/inShop/v1/getSettings?callback=_omnisend.setSettings&responseType=jsonp&shopHostname=www.usbfund.com&shopType=api&brandID=60034c978a48f7337bc1a105
IP 0.0.0.0:0
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint54:B8:46:7B:76:99:67:6C:EA:5F:AD:F7:5C:7B:46:F2:95:48:76:22
ValidityTue, 24 Jan 2023 00:00:00 GMT - Wed, 24 Jan 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /REST/inShop/v1/getSettings?callback=_omnisend.setSettings&responseType=jsonp&shopHostname=www.usbfund.com&shopType=api&brandID=60034c978a48f7337bc1a105 HTTP/1.1
Host: forms.soundestlink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 13 Apr 2023 20:13:18 GMT
content-type: application/json
cache-control: max-age=0, s-maxage=600, public
last-modified: Thu, 13 Apr 2023 20:13:18 GMT
x-envoy-upstream-service-time: 2
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: EXPIRED
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7b765e6f6fb2b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/plugins/gravityforms/css/formreset.min.css
188.114.96.1200 OK 3.8 kB URL GET HTTP/3 www.usbfund.com/wp-content/plugins/gravityforms/css/formreset.min.css
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type ASCII text, with very long lines (3840), with no line terminators
Hash b91b0939a92c34946238d50b1d752451
ced01ef28a297ab45d494018f232dbe88a6e9f9a
784a99d40268afc0eab1bd5c2cd3f4c46e80748dd5d511b5fb53c1abf027eb24
GET /wp-content/plugins/gravityforms/css/formreset.min.css HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Sat, 28 Sep 2019 00:22:28 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JKW12L4K5%2FWv1NwQjG0KGm3RE9AhFLPI%2FXxr6YYAlKo9EYJBW9dlOX9e9lN438BVeuFK38TqWb7%2BBwG3LM7g9UfT4XyjUxqiJZmXV8qzCzJAJgBMENbdiyH6qkGhLd%2BaN1I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b765e65d947b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/plugins/AffiliateWP-master/assets/js/jquery.cookie.min.js?ver=1.4.0
188.114.96.1200 OK 1.7 kB URL GET HTTP/3 www.usbfund.com/wp-content/plugins/AffiliateWP-master/assets/js/jquery.cookie.min.js?ver=1.4.0
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type ASCII text, with very long lines (1717), with no line terminators
Hash 49b7ef1ea54cf2b527e45b2829d7f6db
78cdaa969d00978ab3e538934b8510a0d938b3a2
d4986bb5986eeaa9a0a011fa1aac72b285a02959644d816bc457ab0c8eeec594
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/AffiliateWP-master/assets/js/jquery.cookie.min.js?ver=1.4.0 HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 28 Sep 2019 00:24:32 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T1%2BTL1XxHO505JETBP4y5bgpTuPiqcMoir3C0NzX7pGpzF3i3vp3g4qhqGoulISu%2BBATCC0vnRYtl6t7Gel3XVFLydIhmiYQ%2Fixg1rDUB%2BtIwuUn07noCzcwdRB4P9EWbao%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b765e65c8f8b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
speedyfox.io/anywhere/5f1d4e2f1d5e403592a56487267b609f40807d7ef69744e7aa045795455c9581?t=&u=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413&r=
162.242.174.138403 Forbidden 0 B URL GET HTTP/1.1 speedyfox.io/anywhere/5f1d4e2f1d5e403592a56487267b609f40807d7ef69744e7aa045795455c9581?t=&u=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413&r=
IP 162.242.174.138:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerLet's Encrypt
Subjectspeedyfox.io
Fingerprint07:09:A4:A4:F2:34:58:BA:DB:2F:7F:3E:9C:AF:C7:B8:1F:34:89:65
ValidityTue, 21 Mar 2023 00:01:32 GMT - Mon, 19 Jun 2023 00:01:31 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /anywhere/5f1d4e2f1d5e403592a56487267b609f40807d7ef69744e7aa045795455c9581?t=&u=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413&r= HTTP/1.1
Host: speedyfox.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Content-Type: application/json
Content-Length: 18
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS
X-Timing: lt=0
Date: Thu, 13 Apr 2023 20:13:21 GMT
Connection: close
ws.zoominfo.com/pixel/62e2c4ac62a6b2008e05e3be
104.16.168.82200 OK 3.4 kB URL GET HTTP/2 ws.zoominfo.com/pixel/62e2c4ac62a6b2008e05e3be
IP 104.16.168.82:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerCloudflare, Inc.
Subjectzoominfo.com
Fingerprint29:36:A2:79:5F:28:CB:5F:B6:9C:1D:E0:D1:9F:A0:E9:5E:95:59:46
ValidityTue, 04 Apr 2023 00:00:00 GMT - Wed, 03 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (3578), with no line terminators
Hash 3fc3cb984c9ce044b85d721c130041b4
d37ca654922c828bce4a9b5cdb51d0ca3d152928
61c80b53edfa5e5d7be39deda7cf1398bf9947aaccbea83dab6b4b23176b02b2
GET /pixel/62e2c4ac62a6b2008e05e3be HTTP/1.1
Host: ws.zoominfo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 13 Apr 2023 20:13:19 GMT
content-type: text/javascript
vary: Accept-Encoding
x-powered-by: Express
x-content-type-options: nosniff
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
set-cookie: visitorId=cbf08d5ba001bbaa836eb8f2ff3943a0816ec24cd79c1bf9d21098a5e2bf4c22; Max-Age=31536000; Domain=ws.zoominfo.com; Path=/; Expires=Fri, 12 Apr 2024 20:13:19 GMT; Secure; SameSite=None
__cf_bm=XvgPmtLBrDFLY1Hhm5Z2UrmzFacSL18zkTsKh1Z6HJU-1681416799-0-ATBreY9lLFcgwTbxE913IUtG73tu54Evg5lLdiP2EUHkNFsLELe6/XPNPYet/Q/pkJj0UrZjRfb8rB0v3FdfjFM=; path=/; expires=Thu, 13-Apr-23 20:43:19 GMT; domain=.zoominfo.com; HttpOnly; Secure; SameSite=None
_cfuvid=h51llO6nz40c2fBC04QvzQPdqUaonMHS.2EBhy_IaEQ-1681416799531-0-604800000; path=/; domain=.zoominfo.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7b765e73e9dffab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=57559cd10000ff00058effd9
143.204.55.101200 OK 15 kB URL GET HTTP/2 widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=57559cd10000ff00058effd9
IP 143.204.55.101:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintED:01:2E:50:4C:98:9B:F1:34:D7:8C:1E:93:45:E6:05:00:3C:47:86
ValidityThu, 02 Feb 2023 00:00:00 GMT - Sat, 02 Mar 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13396)
Hash a14ca16dcf08b1eb1de1175abdcd3cda
da20904985aa00a1c013374b861fc4c1469ac057
71cd0f30593ec11e666de6f9e0073737e3f29f0fdcd393dc92d0238c77a703de
GET /trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=57559cd10000ff00058effd9 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 3451
last-modified: Tue, 21 Mar 2023 10:45:41 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Thu, 13 Apr 2023 20:13:18 GMT
cache-control: max-age=86400
etag: "ec8997a01685f3d46f7e65c853a558f4"
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KwIhg_lpLUKI5gVnPeSLJkjPKavt4Xl12fe0QOpgy9zUV-4N_Oh1DQ==
age: 85612
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/plugins/AffiliateWP-master/assets/css/forms.min.css
188.114.96.1200 OK 3.3 kB URL GET HTTP/3 www.usbfund.com/wp-content/plugins/AffiliateWP-master/assets/css/forms.min.css
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type ASCII text, with very long lines (3302), with no line terminators
Hash 4aecc8ebf1881f8c69b3946867ea0624
6272610602f7ae12b5826dfdbd4cfbdd5a9b3950
86d3e623cc9956d622c3ddfe0a836e3675241801e21381c81d47fba04ed1bd41
GET /wp-content/plugins/AffiliateWP-master/assets/css/forms.min.css HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Sat, 28 Sep 2019 00:24:30 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S356Of%2BCa3v5VPLl0qYW95ogQVzycPOjaUuF0XKBk9OQ3MHZqy0JHTb8HbMezhPP3ZunEQOR4N7Yh1z0P80hVg3vNqcr23MD8J7gXOmBII7qyLtHLSBwvIh0Ekh76kztv%2Fc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b765e65b8d9b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
process.iconnode.com/google-ads/
76.223.116.242200 OK 0 B URL POST HTTP/2 process.iconnode.com/google-ads/
IP 76.223.116.242:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerAmazon
Subject*.iconnode.com
Fingerprint9B:D9:8F:2B:6E:54:34:2B:76:90:C5:C5:C7:49:BA:05:C5:D3:05:43
ValidityThu, 09 Feb 2023 00:00:00 GMT - Mon, 26 Jun 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /google-ads/ HTTP/1.1
Host: process.iconnode.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/2 200 OK
date: Thu, 13 Apr 2023 20:13:18 GMT
content-type: text/html; charset=UTF-8
content-length: 0
server: Apache/2.4.56 () OpenSSL/1.0.2k-fips PHP/7.4.33
x-powered-by: PHP/7.4.33
access-control-allow-origin: https://www.usbfund.com
access-control-allow-credentials: true
access-control-max-age: 86400
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/plugins/gravityforms/css/readyclass.min.css
188.114.96.1200 OK 32 kB URL GET HTTP/3 www.usbfund.com/wp-content/plugins/gravityforms/css/readyclass.min.css
IP 188.114.96.1:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGoogle Trust Services LLC
Subject*.usbfund.com
Fingerprint83:B4:AE:28:92:CF:56:44:C2:EE:6C:17:21:BE:ED:38:6D:00:D7:D9
ValidityTue, 14 Feb 2023 16:53:55 GMT - Mon, 15 May 2023 16:53:54 GMT
File type ASCII text, with very long lines (32180), with no line terminators
Hash e8cb782d10e0c6964b9d0b1bab063838
c82794914b3943156c8299bd069d1b02de75c90f
ec8af9acc2272ea0d0f5380ae424670a70b0bc429c3e404675f33db3c9daab22
GET /wp-content/plugins/gravityforms/css/readyclass.min.css HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 13 Apr 2023 20:13:17 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Sat, 28 Sep 2019 00:22:26 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YUiXsen2AGKMfwhRca1uUuIRJXR4r9McGGGXk2qXCraG%2FWNrAVcLmSJE0AlQYfJ8MNfhsGrNBR%2B1GwyrbH9GMmtzcl9t2L%2BThNerOK1CVONuucZxaLSUOOVBhhzsov06Fz8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b765e65e950b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
prism.app-us1.com/?a=224499963&u=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413
104.17.146.91200 OK 248 B URL GET HTTP/2 prism.app-us1.com/?a=224499963&u=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413
IP 104.17.146.91:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerLet's Encrypt
Subjectprism.app-us1.com
Fingerprint77:E9:1B:05:38:39:0E:7D:64:F1:A1:67:46:1D:7B:97:89:65:72:17
ValidityFri, 31 Mar 2023 15:06:08 GMT - Thu, 29 Jun 2023 15:06:07 GMT
File type ASCII text, with no line terminators
Hash a48f92665148b6241a7a191dbbb0e106
92634b226d6ed38669b07bfdd79f1dffce2eb6b6
d85e7944245455548b8ac35fcf726b6c65e582b99c3d4b8d311de7885a6bf10a
GET /?a=224499963&u=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413 HTTP/1.1
Host: prism.app-us1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 13 Apr 2023 20:13:19 GMT
content-type: application/javascript
cache-control: no-cache, private
set-cookie: prism_224499963=af62ca2a-1bf5-4fdb-8712-359a6e889222; expires=Sat, 13 May 2023 20:13:19 GMT; Max-Age=2592000; path=/; secure; httponly; samesite=none
x-envoy-upstream-service-time: 762
x-powered-by: PHP/8.1.17
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7b765e6f38a30b31-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
koi-3qnetrwct6.marketingautomation.services/koi?rf=&hn=www.usbfund.com&lg=en-US&sr=1280x1024&cd=24&vr=2.4.0&se=1681416851710&ac=KOI-41FUPAF63M&ts=1681416852&pt=0&pl=0&loc=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413&tp=page&ti=US%20Business%20Funding%20-%20Equipment%20Financing%20and%20Working%20Capital%20Loans
130.211.21.179200 OK 126 B URL GET HTTP/3 koi-3qnetrwct6.marketingautomation.services/koi?rf=&hn=www.usbfund.com&lg=en-US&sr=1280x1024&cd=24&vr=2.4.0&se=1681416851710&ac=KOI-41FUPAF63M&ts=1681416852&pt=0&pl=0&loc=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413&tp=page&ti=US%20Business%20Funding%20-%20Equipment%20Financing%20and%20Working%20Capital%20Loans
IP 130.211.21.179:443
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0413
Certificate IssuerGlobalSign nv-sa
Subject*.marketingautomation.services
FingerprintB7:49:65:C5:92:42:69:3D:A0:BB:F8:6B:B1:7D:06:FF:FF:16:AC:36
ValidityFri, 03 Jun 2022 16:56:02 GMT - Wed, 05 Jul 2023 16:56:01 GMT
File type ASCII text, with no line terminators
Hash 2daef29f5aad375009e617ca53ee292f
b59fa3a01f9b3a18a2e16bbf66fa6c9a62c80da7
24a9a2927848b6622160c6dcde63e665b639e31fd35e4908698414af6d95d34b
GET /koi?rf=&hn=www.usbfund.com&lg=en-US&sr=1280x1024&cd=24&vr=2.4.0&se=1681416851710&ac=KOI-41FUPAF63M&ts=1681416852&pt=0&pl=0&loc=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0413&tp=page&ti=US%20Business%20Funding%20-%20Equipment%20Financing%20and%20Working%20Capital%20Loans HTTP/1.1
Host: koi-3qnetrwct6.marketingautomation.services
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: koi-3qnetrwct6.marketingautomation.services
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
server: openresty
date: Thu, 13 Apr 2023 20:13:18 GMT
content-type: application/javascript
vary: Accept-Encoding
pod-hostname: koi-5995975697-pwtzq
p3p: CP='This is not a P3P policy! See https://www.constantcontact.com/legal/privacy-notice/ for more info.'
expires: Sat, 26 Jul 1997 05:00:00 GMT
last-modified: Thu, 13 Apr 2023 20:13:18 GMT
cache-control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0
pragma: no-cache
set-cookie: koitk=202304%7C6438625ede260a7b2533bf2f; expires=Sun, 10-Apr-2033 20:13:18 GMT; Max-Age=315360000; path=/; domain=.marketingautomation.services; secure; SameSite=None
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000