email.mail.usbfund.com/c/eJw8j8uKGzEQRb-mehcjlV7thRaBQZAJSZYD2TR6lGwxbbWR1CYzXx-cGK-Kqroczk02MKN5jhNZrmfFkRuF09mGeU5RoURCk43n4ciRMHutlElKq6lYZCiYQs0NouCHIDEyNbNg_HH2kYFkF1_Ww95D3ms6xO0yrfY8xrWD-AroAN1a-jgE_0H15E90jwC6voceWwkE6KKvkVZAh1IhB3QzKn4XBeGWG4gXBNRLB_Hy-tale51L3X6Pd1Nvv-jtp_xUf759trD98N-f7fjUbGrbiVoHyXIJ1L4MiudS4z_HPrZGS6NsuTwq_dj3vSQLiMcUhcyktc8EiNOw8RKWx7j5tqCSSkzDjjqW_4DRfHz3YaWlJPt4P0_j40p3bvSXqy-nCoh_AwAA__-MO3uh
34.102.239.211 302 Found 576 B URL User Request GET HTTP/1.1 email.mail.usbfund.com/c/eJw8j8uKGzEQRb-mehcjlV7thRaBQZAJSZYD2TR6lGwxbbWR1CYzXx-cGK-Kqroczk02MKN5jhNZrmfFkRuF09mGeU5RoURCk43n4ciRMHutlElKq6lYZCiYQs0NouCHIDEyNbNg_HH2kYFkF1_Ww95D3ms6xO0yrfY8xrWD-AroAN1a-jgE_0H15E90jwC6voceWwkE6KKvkVZAh1IhB3QzKn4XBeGWG4gXBNRLB_Hy-tale51L3X6Pd1Nvv-jtp_xUf759trD98N-f7fjUbGrbiVoHyXIJ1L4MiudS4z_HPrZGS6NsuTwq_dj3vSQLiMcUhcyktc8EiNOw8RKWx7j5tqCSSkzDjjqW_4DRfHz3YaWlJPt4P0_j40p3bvSXqy-nCoh_AwAA__-MO3uh
IP 34.102.239.211:80
File type HTML document text; exported SGML document, ASCII text
Hash 9f6c2302cd7045e29e57a157b9951ab2
a5bea9ab67dcb805608a36053deb9cc4e6129aca
f6a424710e6bb7df1c5644d93d449ddbf0f06a0fce4d35f62e221da21eda5183
Analyzer Verdict Alert fortinet Malware
GET /c/eJw8j8uKGzEQRb-mehcjlV7thRaBQZAJSZYD2TR6lGwxbbWR1CYzXx-cGK-Kqroczk02MKN5jhNZrmfFkRuF09mGeU5RoURCk43n4ciRMHutlElKq6lYZCiYQs0NouCHIDEyNbNg_HH2kYFkF1_Ww95D3ms6xO0yrfY8xrWD-AroAN1a-jgE_0H15E90jwC6voceWwkE6KKvkVZAh1IhB3QzKn4XBeGWG4gXBNRLB_Hy-tale51L3X6Pd1Nvv-jtp_xUf759trD98N-f7fjUbGrbiVoHyXIJ1L4MiudS4z_HPrZGS6NsuTwq_dj3vSQLiMcUhcyktc8EiNOw8RKWx7j5tqCSSkzDjjqW_4DRfHz3YaWlJPt4P0_j40p3bvSXqy-nCoh_AwAA__-MO3uh HTTP/1.1
Host: email.mail.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Length: 576
Content-Type: text/html
Date: Fri, 26 May 2023 17:23:03 GMT
Location: https://list.bayengage.com/subscribe/cancel/24521/82511685?_v=2&_s=JWs4FJ8inoZtk7nvOeWN4z5xIzrboMaK1685121751
X-Robots-Tag: noindex
X-Xss-Protection: 1; mode=block
ocsp.r2m02.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash c6092304e909aa9e763a4b2354136b54
63f1eb0dcd73106db5fd351387e5abc61b5fcabb
cb3ba6e6ee4e3741174d619837bdeef1768ac73c3298de3af89f17556598b26b
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=7200'
Date: Fri, 26 May 2023 17:23:03 GMT
Last-Modified: Fri, 26 May 2023 16:48:45 GMT
Server: ECAcc (dcb/7EC2)
X-Cache: Miss from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Mruwpa-NfPQIrDIP9o462UX7oZ6UtEF5qLHtdLYxYhZVlliQfTaPpA==
Age: 2058
list.bayengage.com/subscribe/cancel/24521/82511685?_v=2&_s=JWs4FJ8inoZtk7nvOeWN4z5xIzrboMaK1685121751
18.235.66.127 200 OK 2.9 kB URL User Request GET HTTP/2 list.bayengage.com/subscribe/cancel/24521/82511685?_v=2&_s=JWs4FJ8inoZtk7nvOeWN4z5xIzrboMaK1685121751
IP 18.235.66.127:443
Certificate Issuer Amazon
Subject *.bayengage.com
Fingerprint D9:72:D2:FF:F7:C8:E2:7C:CA:92:AA:4E:A8:FB:C2:82:88:5A:A6:70
Validity Tue, 28 Feb 2023 00:00:00 GMT - Thu, 14 Sep 2023 23:59:59 GMT
File type HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (2482), with CRLF, LF line terminators
Hash dd13eb1fddeb523eb3f60cf6338f011d
8d9bcd4d996554b71b54e1aa74940f21b98dbc0a
afcf279b7fbe753c5508f5ad46016cc8e16de5528f5318ddd55e40248ec88f66
GET /subscribe/cancel/24521/82511685?_v=2&_s=JWs4FJ8inoZtk7nvOeWN4z5xIzrboMaK1685121751 HTTP/1.1
Host: list.bayengage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 May 2023 17:23:03 GMT
content-type: text/html; charset=UTF-8
content-length: 2944
server: Apache/2.4.54 (Debian)
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IjdJaURIcWMwR29RTWg4OTJXbGszckE9PSIsInZhbHVlIjoidEZZRlFoWk5kYVFuVHIvRVhidlM4amFOSjdhOHJpQytOMmRORlpGemhPV1lhaEpiMlZ5NWxGdHRYc0JCc0hvenVPZGM0OFh2UWVwekxnYUg4Sjl6QWJrekF1a08vL25HWGJQWTBuclpNQVZiMnFzbmdQakJNNm15TjBmbmQzMW8iLCJtYWMiOiI1ZDdhMGVhZTg2M2JhMGY1Mjc4Mjg5ODFkYzMzZTkwY2UyYTI2MDc2ODg2YjA2YmM3ODgyZTQ1YWQ4NDhmNmY4IiwidGFnIjoiIn0%3D; expires=Fri, 26 May 2023 19:23:03 GMT; Max-Age=7200; path=/; samesite=lax
prod_landing_pages_bayengage_session=eyJpdiI6IlNPZk9wLzVZZWFPS0YrbldIL2lKM2c9PSIsInZhbHVlIjoiWTZMU3FLTytpR1Z4ZE1IajRROGhacEdMTHBDV0FXMzBGbVR1STJDSGphYit3cW8rVDBrVjNONVFsL2hJaWNyTjF5c0JjNFlIU1VhMVEwcThCb0RGQmJkSldPclNNL2I3K09uL3U4VXRzUzd6bHlpZ1R5Z21LdzlmQjR1UzZUQm4iLCJtYWMiOiI4NDQ4OTIwYjEwMzVhZDFkMzhjM2IxNzU0ZWI0M2FhNGIxNWJhMDdlM2MwNjE3N2YxM2NlZmU5ZDIxZGM2NzE4IiwidGFnIjoiIn0%3D; expires=Fri, 26 May 2023 19:23:03 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 472 B IP 142.250.74.3:0
Hash 8fdba15b1e036bbb416fbd6c272e5543
20193b9d3ced059164358e60bad68a0ea1bc87b9
1d3d0b81779aae77441b81abe782f4a37a1b88fd2863360de0865784279a7438
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 26 May 2023 17:23:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
142.250.74.138 200 OK 31 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP 142.250.74.138:443
Requested by https://list.bayengage.com/subscribe/cancel/24521/82511685?_v=2&_s=JWs4FJ8inoZtk7nvOeWN4z5xIzrboMaK1685121751
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
Validity Mon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT
File type ASCII text, with very long lines (65451)
Hash 220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://list.bayengage.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 13:53:33 GMT
expires: Sun, 19 May 2024 13:53:33 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 530971
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 472 B IP 142.250.74.3:0
Hash eabef916764564262ad985fd27284a97
42a72e12642fe4249aa5bd8e1cc9e9db07fd7943
ffa5c8a67b8ebba1ce4e464bc7e831e998c830a78d78880f09702afae02a9d70
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 26 May 2023 17:23:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
list.bayengage.com/favicon.ico
18.235.66.127 200 OK 0 B URL GET HTTP/2 list.bayengage.com/favicon.ico
IP 18.235.66.127:443
Requested by https://list.bayengage.com/subscribe/cancel/24521/82511685?_v=2&_s=JWs4FJ8inoZtk7nvOeWN4z5xIzrboMaK1685121751
Certificate Issuer Amazon
Subject *.bayengage.com
Fingerprint D9:72:D2:FF:F7:C8:E2:7C:CA:92:AA:4E:A8:FB:C2:82:88:5A:A6:70
Validity Tue, 28 Feb 2023 00:00:00 GMT - Thu, 14 Sep 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: list.bayengage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://list.bayengage.com/subscribe/cancel/24521/82511685?_v=2&_s=JWs4FJ8inoZtk7nvOeWN4z5xIzrboMaK1685121751
Cookie: XSRF-TOKEN=eyJpdiI6IjdJaURIcWMwR29RTWg4OTJXbGszckE9PSIsInZhbHVlIjoidEZZRlFoWk5kYVFuVHIvRVhidlM4amFOSjdhOHJpQytOMmRORlpGemhPV1lhaEpiMlZ5NWxGdHRYc0JCc0hvenVPZGM0OFh2UWVwekxnYUg4Sjl6QWJrekF1a08vL25HWGJQWTBuclpNQVZiMnFzbmdQakJNNm15TjBmbmQzMW8iLCJtYWMiOiI1ZDdhMGVhZTg2M2JhMGY1Mjc4Mjg5ODFkYzMzZTkwY2UyYTI2MDc2ODg2YjA2YmM3ODgyZTQ1YWQ4NDhmNmY4IiwidGFnIjoiIn0%3D; prod_landing_pages_bayengage_session=eyJpdiI6IlNPZk9wLzVZZWFPS0YrbldIL2lKM2c9PSIsInZhbHVlIjoiWTZMU3FLTytpR1Z4ZE1IajRROGhacEdMTHBDV0FXMzBGbVR1STJDSGphYit3cW8rVDBrVjNONVFsL2hJaWNyTjF5c0JjNFlIU1VhMVEwcThCb0RGQmJkSldPclNNL2I3K09uL3U4VXRzUzd6bHlpZ1R5Z21LdzlmQjR1UzZUQm4iLCJtYWMiOiI4NDQ4OTIwYjEwMzVhZDFkMzhjM2IxNzU0ZWI0M2FhNGIxNWJhMDdlM2MwNjE3N2YxM2NlZmU5ZDIxZGM2NzE4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 May 2023 17:23:04 GMT
content-type: image/vnd.microsoft.icon
content-length: 0
server: Apache/2.4.54 (Debian)
last-modified: Wed, 24 May 2023 08:29:50 GMT
etag: "0-5fc6c4eaa3b80"
accept-ranges: bytes
X-Firefox-Spdy: h2