email.mail.usbfund.com/c/eJxcjstu6yAQQL8GdolgMBgWLK4U5TcsHoPjW2NHPBrl7yu3aVV1hThnNHOi9WxUPAWKlivN9aClGOnNyoCa-SA9ulFKk9CZEUbBjYthDFHRxQIDwQaugTEt4ZwYSECPDA1XRkcysOyW9dyrT32L57Bnutpba_dKxD8CVwLXx-Px2x9QXHvLU917CUjExbsnbrObkYA6RMa49EzEJbh8d8u8nfC48rLfkIhLdSvW09FHi_3v9yeWSgY2Yw6fKbXtBaeCyfLBSPX6975ESwBMDGJIqJRLSABos21r09dksyH76fW8uzKBAMFpKy68Ob_itET7F7XnHY-9P4EAHwEAAP__kjx46A
302 Found 556 B URL User Request GET HTTP/1.1 email.mail.usbfund.com/c/eJxcjstu6yAQQL8GdolgMBgWLK4U5TcsHoPjW2NHPBrl7yu3aVV1hThnNHOi9WxUPAWKlivN9aClGOnNyoCa-SA9ulFKk9CZEUbBjYthDFHRxQIDwQaugTEt4ZwYSECPDA1XRkcysOyW9dyrT32L57Bnutpba_dKxD8CVwLXx-Px2x9QXHvLU917CUjExbsnbrObkYA6RMa49EzEJbh8d8u8nfC48rLfkIhLdSvW09FHi_3v9yeWSgY2Yw6fKbXtBaeCyfLBSPX6975ESwBMDGJIqJRLSABos21r09dksyH76fW8uzKBAMFpKy68Ob_itET7F7XnHY-9P4EAHwEAAP__kjx46A
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 09b2f786575f1780885428b776487d40
f5caabf864a972df00886fe31ee02bde4e103b84
6264c311933ecf555fd06d0a5d2daf83ad263abca5f99c1c756c75a2b8ad07ff
Analyzer Verdict Alert fortinet Malware
GET /c/eJxcjstu6yAQQL8GdolgMBgWLK4U5TcsHoPjW2NHPBrl7yu3aVV1hThnNHOi9WxUPAWKlivN9aClGOnNyoCa-SA9ulFKk9CZEUbBjYthDFHRxQIDwQaugTEt4ZwYSECPDA1XRkcysOyW9dyrT32L57Bnutpba_dKxD8CVwLXx-Px2x9QXHvLU917CUjExbsnbrObkYA6RMa49EzEJbh8d8u8nfC48rLfkIhLdSvW09FHi_3v9yeWSgY2Yw6fKbXtBaeCyfLBSPX6975ESwBMDGJIqJRLSABos21r09dksyH76fW8uzKBAMFpKy68Ob_itET7F7XnHY-9P4EAHwEAAP__kjx46A HTTP/1.1
Host: email.mail.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Length: 556
Content-Type: text/html
Date: Tue, 18 Apr 2023 20:09:25 GMT
Location: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
X-Robots-Tag: noindex
X-Xss-Protection: 1; mode=block
widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
200 OK 6.1 kB URL GET HTTP/2 widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintED:01:2E:50:4C:98:9B:F1:34:D7:8C:1E:93:45:E6:05:00:3C:47:86
ValidityThu, 02 Feb 2023 00:00:00 GMT - Sat, 02 Mar 2024 23:59:59 GMT
File type Unicode text, UTF-8 (with BOM) text, with very long lines (19239)
Hash 5add60196e5f96a414fb4b9586764e5d
633f471b3c2fcedeef9cad90cb5bf56f5fe55588
5370f4ba91dda790c7cae92817b812fcbd1ab367cbb4862f5669960ae4e2c9e0
GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6124
date: Tue, 18 Apr 2023 02:01:11 GMT
last-modified: Mon, 30 May 2022 14:38:02 GMT
etag: "5add60196e5f96a414fb4b9586764e5d"
x-amz-server-side-encryption: AES256
cache-control: max-age=86400
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TiDRk-HSrS_IiKPivpU3X3teUIo4eocUUdjB-8Z3d6pme-C2gBAVtA==
age: 65296
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/themes/usb/images/logo_icon.png
200 OK 2.2 kB URL GET HTTP/3 www.usbfund.com/wp-content/themes/usb/images/logo_icon.png
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type PNG image data, 53 x 52, 8-bit/color RGBA, non-interlaced\012- data
Hash 50946e7f85431c547526705a530f893f
573eff13df4dc4f2e6e0e1db1a9339d79e22ce3c
05bc3e4202452433d51079e0d6e348cb850ea55330da7786c1d5c7290d13400a
GET /wp-content/themes/usb/images/logo_icon.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:26 GMT
content-type: image/png
content-length: 2165
last-modified: Sat, 28 Sep 2019 00:36:10 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2614
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mIKaRIFA0Qy99Zm0QKUiSq%2BqiwXt7UbZqZtL9CXu7Bd8%2FV8Vj7ubROX5ZKd1tAG7ulSaG0n04zlLNB7637PYiextBfoiOMYziMpOy7JdO7aIH%2FenUoXwTLtZ71rWPI2JHYI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9f8ba7482fb4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/themes/usb/images/logo_text.png
200 OK 6.3 kB URL GET HTTP/3 www.usbfund.com/wp-content/themes/usb/images/logo_text.png
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type PNG image data, 250 x 52, 8-bit/color RGBA, non-interlaced\012- data
Hash 198c7fed73cadb12c23066fcad4e33e8
1f2616bb88b86ec79f3ce8cbbf74b3392c0b46bc
0053eb54a0f54484a915313939d858e1844208d2d0c4b410ce30e25d9cbc09ba
GET /wp-content/themes/usb/images/logo_text.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:26 GMT
content-type: image/png
content-length: 6307
last-modified: Sat, 28 Sep 2019 00:36:10 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2614
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X0c8%2BANCJYccaXYBTHDwUx0gaLisFZV81COq5pdaWS1KgEyLWf2%2BTOQ2C4q9rMCKUks5BkyQ0lOZz9%2FmYxu5Gjc6xqP7L3kKm4k0X1XE1dTzhjmjHlFU2iTTPHJOJrTAN1c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9f8ba74833b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/us-business-funding-logo-small.png
200 OK 2.0 kB URL GET HTTP/3 www.usbfund.com/wp-content/uploads/us-business-funding-logo-small.png
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash a5a71307aefd12c55fd16f36356f9a83
679b01f07d71f673b74fde71a5a0a9da8a8e486d
a2e02fabad9f481343e4e8050843b371e239956a637488eb7d2a9deff98245de
GET /wp-content/uploads/us-business-funding-logo-small.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:26 GMT
content-type: image/png
content-length: 2020
last-modified: Sat, 28 Sep 2019 00:14:51 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2614
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HnETTHJion3Qw359VW11kfItY%2BRBZ8Zz%2Bd25eS1q4zLPf9O9N0bZtA3HYSH%2BQ9wgbxbYLbMh1tUFv%2BTIkRql%2FuXE8D5re2BKtnRuAwfSPPwinW11RMA4%2FjaDISsALRjjnFo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9f8ba74835b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/icon-payment-option.png
200 OK 874 B URL GET HTTP/3 www.usbfund.com/wp-content/uploads/icon-payment-option.png
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type PNG image data, 64 x 64, 4-bit colormap, non-interlaced\012- data
Hash d6e87ed2e1cf82afa5b7b807ff1b31d7
8bfa39f75ed53a385bdf9d0d6ee23c377028426d
fc18ba7522255ecb59d36fc99887aada814f88931f32c29f0a80a63c32589731
GET /wp-content/uploads/icon-payment-option.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:26 GMT
content-type: image/png
content-length: 874
last-modified: Sat, 28 Sep 2019 00:14:43 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2614
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TkkTqKnE7LjGscZh%2BvBb0oelWC%2Bsk%2Bfuneop9rpOxSCQ9f%2FweBPaigQASJQKhf1PySZLBs1bJKGodIdDOx2itXJHFlnczKoIcHLLgUTQVtK74ixe1kJorp4womhDgHWveIg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9f8ba7584fb4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/featured-logo-01.png
200 OK 3.3 kB URL GET HTTP/3 www.usbfund.com/wp-content/uploads/featured-logo-01.png
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type PNG image data, 164 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash 30427e02eea1cec61004e2fdb293e4d2
d3ba51be6c31147f379670d59cab54ec01b3b448
32161c4a44a1dcdddeeb852e2b6eea070839630ac3a719ac79a503cfd4d3892d
GET /wp-content/uploads/featured-logo-01.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:26 GMT
content-type: image/png
content-length: 3311
last-modified: Sat, 28 Sep 2019 00:14:38 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2614
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H3gm1KvJDxLiRGwXjCU2w6Pf3We1iT1mt5pmbtc3xl%2FO1jaAaQeIEqvVQiIijki%2F1rvYv00FbpDgISERxtgV6aHII1cBA%2Bp%2BEhpMHFKEKFuM%2BXv9QKABHAmMsiSU%2FJT7Lrk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9f8ba75856b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/featured-logo-04.png
200 OK 5.8 kB URL GET HTTP/3 www.usbfund.com/wp-content/uploads/featured-logo-04.png
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type PNG image data, 123 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash e94a0244f1a51d7565de08744375bd07
dde753e74a85c5f094dda6661ada486fdae50422
47bff975ef1626c064613532b237bd114911cdc835effdccb0d124c1432c17b2
GET /wp-content/uploads/featured-logo-04.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:26 GMT
content-type: image/png
content-length: 5757
last-modified: Sat, 28 Sep 2019 00:15:18 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2614
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fPHhClKr3YUy8V6FBcAkkEMvdHNK8dSv4jgo%2FoXTuWmWhmNHpXD9ADGuFD5gCIC%2Frt2KMd7%2BMJUZIdUMS5GNuG29xslPls2yoMCLPSQYJlyBKMqjhxtiRA7BCDxn1mYfkF0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9f8ba75861b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/featured-logo-02.png
200 OK 5.8 kB URL GET HTTP/3 www.usbfund.com/wp-content/uploads/featured-logo-02.png
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type PNG image data, 93 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash d2bfb41e522705be8e4a48895b996bca
df2507b75f1c0362bd168ea7ecf829f11469a926
968570479e59e9ff339d5c1d25e4c15011f8cb5ad243776b8cf62f51d28b0903
GET /wp-content/uploads/featured-logo-02.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:26 GMT
content-type: image/png
content-length: 5795
last-modified: Sat, 28 Sep 2019 00:13:58 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2614
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HValsVEyxfjHv3gYT37RS4iYvP3lKzmQaA4zRP8M10WViiWKXGsa1A8KIe5C5mA02Zh4eG173u3dIXl1yP9dZxxomwyyBu5zTDz7%2BLoUqDjNo10v4xiUFeyw5nW4I9%2Fu8bQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9f8ba75862b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/featured-logo-03.png
200 OK 3.8 kB URL GET HTTP/3 www.usbfund.com/wp-content/uploads/featured-logo-03.png
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type PNG image data, 83 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash ea461093328a47d28ed34df6be0ad850
5fad4dd9e9daea5b1cac739624cbd673c20fe7c2
37ea654d17c80dfb22d0ad091907b6d4009c76c4671728321fd51376a8df7cce
GET /wp-content/uploads/featured-logo-03.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:26 GMT
content-type: image/png
content-length: 3840
last-modified: Sat, 28 Sep 2019 00:15:13 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2614
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f4VCmOR2U2salFcxVSytmBIn3dfW0cN7CV8L3H64kXX9vS4hj3IkIUNZuqBneESxahvOmACQKWV6U6EllZocT21dGO%2FbVJYhywKezHUiSeI7I%2BDDcYwj3ZupDKo8otqOQ6Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9f8ba75860b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/icon-trust.png
200 OK 852 B URL GET HTTP/3 www.usbfund.com/wp-content/uploads/icon-trust.png
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type PNG image data, 64 x 64, 4-bit colormap, non-interlaced\012- data
Hash b717e782e85bd9f42d54ae002213b1c0
5eded8f0286e2872fb084e77126590241b50bd73
2e5819985db070ee25e744ee7d4c0e4733167289e9cf04c0f3790fb47f5e0a8c
GET /wp-content/uploads/icon-trust.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:26 GMT
content-type: image/png
content-length: 852
last-modified: Sat, 28 Sep 2019 00:14:21 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2614
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xPtHvFchf6fSmKt2nS3qGH5qhaRVD8aT76dub0PY%2Fwnjuq6MJgU%2Fl7Q%2BqxPyDyGxgKYTX4Yjq3Y%2BF2bx0o2lXBHhinBEYamJ4C9Foe06JvmwlXGtnjqmBpiAPKx4VTAVX7U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9f8ba7585cb4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/featured-logo-05.png
200 OK 3.7 kB URL GET HTTP/3 www.usbfund.com/wp-content/uploads/featured-logo-05.png
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type PNG image data, 135 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash 646b30b6704a2457b04bb12da4144c97
acadca7b80819db2100f2cf8341acdf47a2eb773
b6e64d31c4f5ab917ad1cddfe7fa745e7c4bfc2d5af33cfdaa8130eb14247bc8
GET /wp-content/uploads/featured-logo-05.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:26 GMT
content-type: image/png
content-length: 3721
last-modified: Sat, 28 Sep 2019 00:15:03 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2614
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6XAiZ0VCJoLhALcG5dV8QpVMRuDjJdVOFArepNXvaALaiIBMTURmV906XCVyt6%2Ffk4aYhoN1QIijYHlH9fdD8gt%2BEr1Ff3HQ%2Fvuzw1IET0z10yxuOmcaiC47fDivZAkUZKM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9f8ba7585eb4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/featured-logo-06.png
200 OK 2.7 kB URL GET HTTP/3 www.usbfund.com/wp-content/uploads/featured-logo-06.png
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type PNG image data, 175 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash b7b5570d5d29fd453a5e65063849fcb1
b07b87612c74febb32961e10ed154dc2efdf19cb
886d709e142c957b0d93269a57fccc13800907c8ab90acc1f18c8bec259d3992
GET /wp-content/uploads/featured-logo-06.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:26 GMT
content-type: image/png
content-length: 2693
last-modified: Sat, 28 Sep 2019 00:14:38 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2614
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ABwsvWIkldkcwcH11TkJNpvIKSG8sCIxuOZ8svhwYYfci%2FedjuXxKtub0EGW33vozs1%2Fc6XS%2B9g3PSxQKKapwGU7BRnZe5RT5Y9r6C9ebxKkMxk%2BrllmjDWuQh4YVJm0j6g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9f8ba75864b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/norton-secured.png
200 OK 3.0 kB URL GET HTTP/3 www.usbfund.com/wp-content/uploads/norton-secured.png
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type PNG image data, 180 x 75, 8-bit colormap, non-interlaced\012- data
Hash 7d05b62893199c911ab6f798ec8127d2
e7dc7368c55a2fbccb17a82c1a25de39cea2907d
0b691c8e6d1b07ce3e066744ccfbf643d61f013ce51503b0a3ceb7a356562ed6
GET /wp-content/uploads/norton-secured.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:26 GMT
content-type: image/png
content-length: 3017
last-modified: Sat, 28 Sep 2019 00:14:45 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2614
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gMgODTBeTxtvYWIPJd9kHj%2BiCG0L8Yisd%2Fq%2FylvcXgoVvKpHfQKUfc0luKhshgSL78F%2FZsYwmOLX%2FucRQn228rmj7mbrAVGGr3owVo4TlsXF%2BpsTbUVAzMrH1W4q9MB1c2o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9f8ba75866b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
200 OK 6.1 kB URL GET HTTP/2 widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintED:01:2E:50:4C:98:9B:F1:34:D7:8C:1E:93:45:E6:05:00:3C:47:86
ValidityThu, 02 Feb 2023 00:00:00 GMT - Sat, 02 Mar 2024 23:59:59 GMT
File type Unicode text, UTF-8 (with BOM) text, with very long lines (19239)
Hash 5add60196e5f96a414fb4b9586764e5d
633f471b3c2fcedeef9cad90cb5bf56f5fe55588
5370f4ba91dda790c7cae92817b812fcbd1ab367cbb4862f5669960ae4e2c9e0
GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6124
date: Tue, 18 Apr 2023 02:01:11 GMT
last-modified: Mon, 30 May 2022 14:38:02 GMT
etag: "5add60196e5f96a414fb4b9586764e5d"
x-amz-server-side-encryption: AES256
cache-control: max-age=86400
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BLy0YmU6mCYOfOqOUEVTQaKkA52JwV1h46Ootlv-WgHjBAGTva9yGQ==
age: 65296
X-Firefox-Spdy: h2
code.jquery.com/jquery-migrate-1.2.1.js
200 OK 5.8 kB URL GET HTTP/2 code.jquery.com/jquery-migrate-1.2.1.js
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerSectigo Limited
Subject*.jquery.com
Fingerprint64:50:4C:BB:DF:F3:1D:70:CC:5D:9E:B7:BE:80:91:84:03:C1:D1:83
ValidityWed, 03 Aug 2022 00:00:00 GMT - Fri, 14 Jul 2023 23:59:59 GMT
Hash ab50f392b13415af57f9720f4d24e981
8bee0d6d15bc0bf62197f6a33493df7494bf42c2
3c7ae468bcd5eefaf92cfac278a5a998f871e0aaa190f87b0f56fd79f93d00b7
GET /jquery-migrate-1.2.1.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 18 Apr 2023 20:09:27 GMT
content-encoding: gzip
content-length: 5783
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
accept-ranges: bytes
server: nginx
etag: W/"28feccc0-40ed"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1681848567.dop225.sk1.t,1681848567.cds014.sk1.hn,1681848567.cds071.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
472 B IP
Hash 8cd9aa01db60293b18dcdbae7d3721db
27cc709e8fbceb5eb651ab77c58678094a323b0b
bdb89cf524c1f48708a3b9cba1b202ee009e534603301b01d94fbafe462c28b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Apr 2023 20:09:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
472 B IP
Hash 8cd9aa01db60293b18dcdbae7d3721db
27cc709e8fbceb5eb651ab77c58678094a323b0b
bdb89cf524c1f48708a3b9cba1b202ee009e534603301b01d94fbafe462c28b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Apr 2023 20:09:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
472 B IP
Hash 8cd9aa01db60293b18dcdbae7d3721db
27cc709e8fbceb5eb651ab77c58678094a323b0b
bdb89cf524c1f48708a3b9cba1b202ee009e534603301b01d94fbafe462c28b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Apr 2023 20:09:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
472 B IP
Hash 8cd9aa01db60293b18dcdbae7d3721db
27cc709e8fbceb5eb651ab77c58678094a323b0b
bdb89cf524c1f48708a3b9cba1b202ee009e534603301b01d94fbafe462c28b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Apr 2023 20:09:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
472 B IP
Hash 43db2c964498883fd98799a8b1dc6ea4
4814b7cbb03111d02286329392d2735225df3a5c
44b1d4e6c4b4ba2f50b3344787b34e1c8100454ce01eccd79c4c949fb7491690
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Apr 2023 20:09:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
200 OK 30 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint28:74:DC:A1:79:64:AB:97:A4:EA:AB:80:90:A6:E2:B9:D4:16:79:64
ValidityTue, 28 Mar 2023 16:54:33 GMT - Tue, 20 Jun 2023 16:54:32 GMT
File type ASCII text, with very long lines (32025)
Hash 83b3b5729cdff3976db52c51831e96b8
d23dc823e37f58e5366340be755730f3fa9a850d
675fa88b39008a09994460a93b310a7d4593735009a9b24b6f176c347ad12421
GET /ajax/libs/jquery/2.1.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29725
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 14 Apr 2023 07:03:30 GMT
expires: Sat, 13 Apr 2024 07:03:30 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 392757
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-210860007-1
200 OK 45 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-210860007-1
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint0D:E0:7D:60:57:50:BA:EB:CA:6E:2A:3F:20:5B:C7:91:67:89:3F:09
ValidityTue, 28 Mar 2023 16:45:47 GMT - Tue, 20 Jun 2023 16:45:46 GMT
File type ASCII text, with very long lines (2206)
Hash d25df7813acac1b42b1f714f2232d99a
4c678d5e1276f706212ffae00bd0674fe5f14f33
b98a7ae64dc245fb6bf617363e86dccae1ee7a838cb605d69f06c52b7e21ebd0
GET /gtag/js?id=UA-210860007-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 18 Apr 2023 20:09:27 GMT
expires: Tue, 18 Apr 2023 20:09:27 GMT
cache-control: private, max-age=900
last-modified: Tue, 18 Apr 2023 18:38:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44679
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
assets.anytrack.io/1y0o6qdBqYHr.js
200 OK 103 B URL GET HTTP/2 assets.anytrack.io/1y0o6qdBqYHr.js
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerAmazon
Subjectanytrack.io
Fingerprint8E:28:1B:95:6D:A8:BB:0C:DE:7B:E1:D3:4B:A0:24:65:34:A7:22:10
ValidityThu, 16 Feb 2023 00:00:00 GMT - Sat, 16 Mar 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 69b5271584dd67a9e6ae79216fe30110
7753fe034a0843770954f6979f6830ff9a82f987
b55a87e172f834369dfb6a2176712509026e5b3de676343ccdc64410245081d9
GET /1y0o6qdBqYHr.js HTTP/1.1
Host: assets.anytrack.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 103
date: Tue, 18 Apr 2023 20:09:27 GMT
access-control-allow-origin: *
cache-control: public, max-age=600
etag: W/"67-d1P+A0oIQ3cJVPaXn2gw/5qC+Yc"
x-cache: Miss from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NKddi2oeMdjnBZz32Dx3NvUDhD12mej1QaN6H7vUjVdWqU5Mc4_95g==
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:400,900,700,500,300,100
200 OK 2.2 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Roboto:400,900,700,500,300,100
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint28:74:DC:A1:79:64:AB:97:A4:EA:AB:80:90:A6:E2:B9:D4:16:79:64
ValidityTue, 28 Mar 2023 16:54:33 GMT - Tue, 20 Jun 2023 16:54:32 GMT
Hash ec36429fd9ad117714d66ef97f5ed1d8
aae931f8f2b2926fa493383f91493d5dea572ba5
1467c798461463d77453da4459d7da2955d0c0b3c7fb27505db4bea7b109d5da
GET /css?family=Roboto:400,900,700,500,300,100 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 18 Apr 2023 20:09:27 GMT
date: Tue, 18 Apr 2023 20:09:27 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
472 B IP
Hash 3c52df04f93f33af0d010ef4212f60b3
c385b42f0370a5064321f9b72cc2c26d9c1f64b7
26a02d8ead31ded3ab8011f6a03783ba7b1924d4cafb6290339f02ab6bd4da4e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 18 Apr 2023 20:09:27 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 16 Apr 2023 06:45:04 GMT
Expires: Sun, 23 Apr 2023 06:45:03 GMT
Etag: "c385b42f0370a5064321f9b72cc2c26d9c1f64b7"
Cache-Control: max-age=383135,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7b9f8ba93cc7b51b-OSL
fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
200 OK 1.2 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint28:74:DC:A1:79:64:AB:97:A4:EA:AB:80:90:A6:E2:B9:D4:16:79:64
ValidityTue, 28 Mar 2023 16:54:33 GMT - Tue, 20 Jun 2023 16:54:32 GMT
Hash b3d1224459ea03f44ac3dd3ad2b3298c
d7357559270bc76f5346ba7716469dbe5f50c43e
a84efde044eb63e45db6ecf7f982b6602ff59614e26f4e8addc2d37d46ad1e33
GET /css?family=Open+Sans:300,400,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 18 Apr 2023 20:09:27 GMT
date: Tue, 18 Apr 2023 20:09:27 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-NW5DZCL
200 OK 56 kB URL GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NW5DZCL
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint0D:E0:7D:60:57:50:BA:EB:CA:6E:2A:3F:20:5B:C7:91:67:89:3F:09
ValidityTue, 28 Mar 2023 16:45:47 GMT - Tue, 20 Jun 2023 16:45:46 GMT
File type ASCII text, with very long lines (7865)
Hash c7a50efa201d3ec1465279325c17be75
af877a6241c241d61a94681e7f09546265b4db67
6df723faee7442da161e0162fbe80014bc8372c4ab3562cbf1ced3a78f78e64d
GET /gtm.js?id=GTM-NW5DZCL HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 18 Apr 2023 20:09:27 GMT
expires: Tue, 18 Apr 2023 20:09:27 GMT
cache-control: private, max-age=900
last-modified: Tue, 18 Apr 2023 18:38:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 56300
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
472 B IP
Hash 8cd9aa01db60293b18dcdbae7d3721db
27cc709e8fbceb5eb651ab77c58678094a323b0b
bdb89cf524c1f48708a3b9cba1b202ee009e534603301b01d94fbafe462c28b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Apr 2023 20:09:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700
200 OK 1.1 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint28:74:DC:A1:79:64:AB:97:A4:EA:AB:80:90:A6:E2:B9:D4:16:79:64
ValidityTue, 28 Mar 2023 16:54:33 GMT - Tue, 20 Jun 2023 16:54:32 GMT
Hash 329088192994b8d946154db016731c2f
412e8c5a09db1ccab1b194b0727bd10bace9add2
9b2feb1f156f68e10cf71b8a81d87258e29bb61145fe43e1370f30a30f5abca1
GET /css?family=Roboto+Condensed:300,400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 18 Apr 2023 20:09:27 GMT
date: Tue, 18 Apr 2023 20:09:27 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/phone.png
200 OK 2.5 kB URL GET HTTP/3 www.usbfund.com/wp-content/uploads/phone.png
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type PNG image data, 70 x 70, 4-bit colormap, non-interlaced\012- data
Hash b56838fff449db819b49eeb7e64ed614
74de76e6563e7d82a518d03f8f086554a2a3dac6
f91ead1cc6732a5af0755dfcbfcfc9b79f30e1d5d9f5a9e66859e4655438d136
GET /wp-content/uploads/phone.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:27 GMT
content-type: image/png
content-length: 2479
last-modified: Tue, 12 Oct 2021 16:10:11 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J4H%2FUkqmXnDQDJ2%2F25f0O9wVhl0HciDC7ljryJRJ8M%2FSBaCgBpvrWv05flpZX56nTCNZPFM3XmhObDMZO7TkLywI2S302BxoRiB3LUbbLqcRZN8PmoNjkR7fzxZl9drpL3s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9f8ba75843b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/icon-approval.png
200 OK 841 B URL GET HTTP/3 www.usbfund.com/wp-content/uploads/icon-approval.png
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type PNG image data, 64 x 64, 4-bit colormap, non-interlaced\012- data
Hash ae3c40db3ae713d3b2532f642579dc46
4c79d5f0d3aeb840763298eea898a69005955356
9f1e7382ee492be2670880685b2de565eef1ce8667cdedc03b2415c8c8e18012
GET /wp-content/uploads/icon-approval.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:27 GMT
content-type: image/png
content-length: 841
last-modified: Sat, 28 Sep 2019 00:15:17 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ilw4hVbEpB1%2B9r4UpsIlFefxYKloIJDpTyuBNqW9EDmRn%2FkS58vkD9PBPyicYmrFKYLxVFcxnd2m7CBE1SNvyTJxRw5KvRFyWNqA%2Bd6Fv8ep7zRa3IpI2yJwgijDQBHbLo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9f8ba7584db4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/icon-247.png
200 OK 992 B URL GET HTTP/3 www.usbfund.com/wp-content/uploads/icon-247.png
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type PNG image data, 64 x 64, 4-bit colormap, non-interlaced\012- data
Hash ef7c282ab6144fa5162ed00ca2ae0b66
263b7452a42c10de0401fea7ce10c580b1db9935
8fed20ba76c770f08d0c0a231f16b87cc7fa72e8ae89922b71f642f8ff026455
GET /wp-content/uploads/icon-247.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:27 GMT
content-type: image/png
content-length: 992
last-modified: Sat, 28 Sep 2019 00:14:10 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R1LqxW8oaMJGTLR2zRN3%2BI9YjB56bwpkS7oJEhkRQj7yyjor%2BVDrHYlvEFRDZ5Jfa%2FMA%2FAIsfp22c%2BeiN4UxiReOGcwarzn5kHaUHgiFlCkBqc4vhGhJ4QKgayS9UwlalTI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9f8ba75850b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/icon-paperwork.png
200 OK 569 B URL GET HTTP/3 www.usbfund.com/wp-content/uploads/icon-paperwork.png
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type PNG image data, 64 x 64, 4-bit colormap, non-interlaced\012- data
Hash 0c4ac1d950bf0c487a56ab5eda6db7d3
df2764e14bc2f9e503e0303a794db2cd834187d9
5c330674c7a9b46f5466d015d4764d8f983e314b817f2a3caf4fc437b808f088
GET /wp-content/uploads/icon-paperwork.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:27 GMT
content-type: image/png
content-length: 569
last-modified: Sat, 28 Sep 2019 00:15:16 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wMJbp4yRsJWLXB2gN55Dicw%2FjAllftFoNxfWL1gIknrn22lCL3watqkg0rq44uDCORnGC3klPu4MyBd9Gc6aKwbPofk55coLeiZC7HNURUoLpeEXI8Vb9zpHMeqhLEAF434%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9f8ba7585bb4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/accredited-business-usbfunding.png
200 OK 2.2 kB URL GET HTTP/3 www.usbfund.com/wp-content/uploads/accredited-business-usbfunding.png
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type PNG image data, 180 x 75, 8-bit colormap, non-interlaced\012- data
Hash 3befe9c6fb5e6602893570b99d3920aa
1e7c1d352448864975a23135097e59593ae71456
d59962c29e3487892da60ef799f75523576b6f006d54fc3dd43bb6993588f1dc
GET /wp-content/uploads/accredited-business-usbfunding.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:27 GMT
content-type: image/png
content-length: 2244
last-modified: Sat, 28 Sep 2019 00:15:06 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qf4hT%2F1TtMu8KDa0qLEhcyOhCbK%2F59%2FWElu3cwQlfCQ9zU%2Fszhwu1FUemDkimidii4y3wjI64CtDxdc3pwG4iHH3R0DlwvtBnEUoVh2K%2FM3bPBtWKA0xxJ2mUp%2BAYZb7xYI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9f8ba75865b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/icon-lowest-cost.png
200 OK 782 B URL GET HTTP/3 www.usbfund.com/wp-content/uploads/icon-lowest-cost.png
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type PNG image data, 64 x 64, 4-bit colormap, non-interlaced\012- data
Hash ad34d701a81be13e89ac5007f328c168
12bb1dd808cfb91272ec57d966c30c33b296ea22
e1b22c7c43c5594dfbf96d96dc1916f420a664234479c79180e82fdcb44fb6be
GET /wp-content/uploads/icon-lowest-cost.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:27 GMT
content-type: image/png
content-length: 782
last-modified: Sat, 28 Sep 2019 00:14:35 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BZKPh2f57Wghsix%2FziX9eQq8aK78nRKSrdF3pqN55mZl3goPoN%2BCflTQSI9vnXFGdsPzYLyC%2BWWBRDNfnUFAPydt9Y%2F80zZW3UvaV%2FmbCsFPmnX7o2wOuk9z%2Bt%2FPWPFZrJY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9f8ba75858b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.google.com/recaptcha/api.js?hl=en&render=explicit&ver=6.1.1
200 OK 556 B URL GET HTTP/2 www.google.com/recaptcha/api.js?hl=en&render=explicit&ver=6.1.1
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint3E:43:00:13:2A:5D:12:97:9E:3A:1C:62:F3:7E:D1:C4:FB:DB:B7:73
ValidityTue, 28 Mar 2023 16:54:58 GMT - Tue, 20 Jun 2023 16:54:57 GMT
File type ASCII text, with very long lines (852), with no line terminators
Hash 8ed7feeb0c706549b1904b6011947366
08e222e4331aa0ddf4d46caa46a02580a517ee78
8e6c167b81942e984aff9709c661ef91fd35ebf4d1509e3fe2e59b8fd1758d28
GET /recaptcha/api.js?hl=en&render=explicit&ver=6.1.1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
expires: Tue, 18 Apr 2023 20:09:27 GMT
date: Tue, 18 Apr 2023 20:09:27 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 556
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
472 B IP
Hash 8cd9aa01db60293b18dcdbae7d3721db
27cc709e8fbceb5eb651ab77c58678094a323b0b
bdb89cf524c1f48708a3b9cba1b202ee009e534603301b01d94fbafe462c28b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Apr 2023 20:09:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
scripts.iconnode.com/100980.js
200 OK 7.7 kB URL GET HTTP/2 scripts.iconnode.com/100980.js
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerAmazon
Subject*.iconnode.com
Fingerprint2A:FB:28:30:52:32:14:03:84:5D:DF:C4:71:E9:EB:81:7F:A6:1A:60
ValidityMon, 27 Feb 2023 00:00:00 GMT - Tue, 22 Aug 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (46582), with no line terminators
Hash 05a6d57113e7870d8851ed0faf8ca12f
315c52641f469ec7e571648d5333982579cb6da3
0f4d04e15b0a5cb9f2e59f3cc9a7b36d522db0e7712454d1f962e77723348eb3
GET /100980.js HTTP/1.1
Host: scripts.iconnode.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-length: 7683
date: Tue, 18 Apr 2023 03:38:29 GMT
last-modified: Mon, 26 Sep 2022 18:10:24 GMT
etag: "05a6d57113e7870d8851ed0faf8ca12f"
cache-control: max-age=0
content-encoding: gzip
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AOBIETA0u0D2Y8Fe_Z7ANKl2owVkt1QlbjiImtFPq6obzFy3IgpoBw==
age: 59459
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
472 B IP
Hash 43db2c964498883fd98799a8b1dc6ea4
4814b7cbb03111d02286329392d2735225df3a5c
44b1d4e6c4b4ba2f50b3344787b34e1c8100454ce01eccd79c4c949fb7491690
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Apr 2023 20:09:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.usbfund.com/wp-content/uploads/img-sba-loans.jpg
200 OK 22 kB URL GET HTTP/3 www.usbfund.com/wp-content/uploads/img-sba-loans.jpg
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 300x200, components 3\012- data
Hash 23f72b8211202321fc5bf2d79da57b7b
a2bcedea0c3396e1eb7106e1e576e900b1062221
516e99c672b4bc62df5134409b5e8918a95ce1bc59277743887f814762f313c1
GET /wp-content/uploads/img-sba-loans.jpg HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:27 GMT
content-type: image/jpeg
content-length: 21745
last-modified: Sat, 28 Sep 2019 00:14:43 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LPCTTHQrkuEq%2BDC0Bym3K3MoooSZkvgzrDgq4hQux%2F5IvjIu%2B%2Bz0gG4IowihCi7MfO7jUEyqnWfPR4ebBO2i7Aa8BOIelANuF6gCowLyBdeMu8UP8lkm%2BdmHTH1lUIvznJE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9f8ba75845b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/img-working-capital.jpg
200 OK 13 kB URL GET HTTP/3 www.usbfund.com/wp-content/uploads/img-working-capital.jpg
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 300x200, components 3\012- data
Hash 77e791f0bf53571239c7a08d4a6e71a6
596965606bcddfa0f5550bb1aee16ad83db76ead
93c2194c46571f708fc2f3af13766d0f2c93fa377f5c2ab6cbc08c68d7330cf6
GET /wp-content/uploads/img-working-capital.jpg HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:27 GMT
content-type: image/jpeg
content-length: 13371
last-modified: Sat, 28 Sep 2019 00:14:45 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7RU12sd1R36FGTRzA8lPWwkB2%2BIi1ydoLSbJpoIAf78jeU89putt2SSR%2BbYYiniqcKb2JFuOfa2KvruYwB%2FXGRpMn%2FKYZWWg%2Fohbru491Q%2FF7iFGEzLBeL9MH52oRawVvCM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9f8ba75841b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/img-equipment-financing.jpg
200 OK 20 kB URL GET HTTP/3 www.usbfund.com/wp-content/uploads/img-equipment-financing.jpg
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 300x200, components 3\012- data
Hash c0d6bce27af13e3d574b79a7987df2c8
44838a75e7b8f4e85a060d6196d3aa2012edb288
7a14596bf6034bbdc2029a158ae6c4a9abfae64faca549cdbd581b5ab978b9d1
GET /wp-content/uploads/img-equipment-financing.jpg HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:27 GMT
content-type: image/jpeg
content-length: 20449
last-modified: Sat, 28 Sep 2019 00:14:55 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ug8NXg%2BAtKTZOr9TnwVbs%2BzI5gs81T29YerXUViZQOtrmbuK4Pzum42SMa42Cxpg%2BdRVLqh7G2ETs4gXVxGE6SLazA4BSHWrQvgFNTdiRhIc6Rnt1tRR7a67deL7LUQB05Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9f8ba75847b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/img-section-business.jpg
200 OK 20 kB URL GET HTTP/3 www.usbfund.com/wp-content/uploads/img-section-business.jpg
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 987x600, components 3\012- data
Hash 69b4568a70d5e823c2487ef75db31a3d
f716722204dfd61eefd092ba4aea0f5e03315d3e
31845c6cbd8abdf0187162d1170db2aa7643495bdffe3f92c301131c9d85af15
GET /wp-content/uploads/img-section-business.jpg HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:27 GMT
content-type: image/jpeg
content-length: 20080
last-modified: Sat, 28 Sep 2019 00:14:24 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RohSQF473o%2BHGWcsoeaFuBRZCM5%2BbpZKTyRMeGH89VW6AJE9JpCjeDdhDKq3hjqRyZmcpAgyjIEgblYYH6SyX%2BfTIXi5M3Vum%2BWFsUm5rLEwP%2Fbvk8dcdngqhO%2FePRH9Hro%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9f8ba7584bb4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/img-vendor-program.jpg
200 OK 13 kB URL GET HTTP/3 www.usbfund.com/wp-content/uploads/img-vendor-program.jpg
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 300x200, components 3\012- data
Hash cc288539f794416629801dc7c0a313bf
254033b2c00433efd50fbe114e45ed2c638b2777
d92a25f5b72d7659b7e836cb1658e9c112ab37da85fe65813d0cc81070a8009a
GET /wp-content/uploads/img-vendor-program.jpg HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:27 GMT
content-type: image/jpeg
content-length: 12812
last-modified: Sat, 28 Sep 2019 00:14:24 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2B1RdpnGJqm2YlZCXhtwwvibgL%2FfGxrouGtYuze2VYwvsk47E0Mfav4bCfLq4uqE3TVZ7jgKXD3dw6zGtj7SP5PCign2ZJVUNyetyBJ5XK%2FKEVxr4xsVgi7agt1INaKaLqs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9f8ba75848b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.pki.goog/gts1c3
471 B IP
Hash 2bb32eb287a980b1e3d6225302f2a399
2c5bfdfe6c3b0be4d73096793bdc6167ef920e4d
9fd58d9d6500c88f270ed41816a2d87472ce1fd1332e7a934e37cd499e39104a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Apr 2023 20:09:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.usbfund.com/wp-content/plugins/formidable/css/formidableforms.css
200 OK 19 kB URL GET HTTP/3 www.usbfund.com/wp-content/plugins/formidable/css/formidableforms.css
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type ASCII text, with very long lines (65436)
Hash 3d85ca9d4b202b46eb2a4d6f7fe1ebaa
9e903934b11954bac085c6fca51f3b9a133559dc
42b6239b3720616b444d98b0625b7af803deca359cd03a6023573e0acb47db58
GET /wp-content/plugins/formidable/css/formidableforms.css HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:27 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Sat, 14 Jan 2023 13:08:34 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p8K2QvEvbFFt6H7BvVOdWsG6dRXITCArwfiFvgzNSbh7oUb%2FfpDv%2Bhe1ErcFDIz9WF9pZ9nPDV%2Fkb%2BiZDqkXDvsd%2BJHv5%2FDTVWQzIsTl2K5IsSx%2B1XqhlOidt8NVjfLCIF8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b9f8ba73ffdb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
shield.sitelock.com/shield/usbfund.com
200 OK 35 B URL GET HTTP/1.1 shield.sitelock.com/shield/usbfund.com
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerSectigo Limited
Subject*.sitelock.com
FingerprintDE:BD:8E:1E:86:D4:91:AC:F6:A4:EA:0E:96:1E:C4:D3:20:EE:C7:80
ValidityThu, 02 Feb 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
File type GIF image data, version 87a, 1 x 1\012- data
Hash 04d590ce36fcc6369f590ccfb7409e57
a3a71e8194f5541400b26be34f791d106f33256e
b18c315b986e7bcf03bbfff949dd65345f4cbabeec5267ade74c354d73cf5e28
GET /shield/usbfund.com HTTP/1.1
Host: shield.sitelock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/gif; charset=ISO-8859-1
Content-Length: 35
Date: Tue, 18 Apr 2023 20:09:27 GMT
Server: lighttpd
Set-Cookie: nlbi_275317=NB23CQLNsmCjlux4mBeFbAAAAAB0LmzrqVJAfet4ASy0NW3Z; path=/; Domain=.sitelock.com
visid_incap_275317=KDPi+wUcSl2plrtwPRLgjfb4PmQAAAAAQUIPAAAAAACTZvV+0oqqpmtFwMh5ADfC; expires=Tue, 16 Apr 2024 22:17:48 GMT; HttpOnly; path=/; Domain=.sitelock.com
incap_ses_277_275317=mE3Ieqxk7UrAwy1VnRrYA/f4PmQAAAAAC9oAptezR9mg1OVYbW5BKw==; path=/; Domain=.sitelock.com
X-CDN: Imperva
X-Iinfo: 5-35824458-35822776 2NNN RT(1681848566539 365) q(0 0 0 1) r(1 1)
www.googletagmanager.com/gtag/js?id=G-YYEX7W0G95&l=dataLayer&cx=c
200 OK 79 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-YYEX7W0G95&l=dataLayer&cx=c
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint0D:E0:7D:60:57:50:BA:EB:CA:6E:2A:3F:20:5B:C7:91:67:89:3F:09
ValidityTue, 28 Mar 2023 16:45:47 GMT - Tue, 20 Jun 2023 16:45:46 GMT
File type ASCII text, with very long lines (21772)
Hash 2e035336fe02254ca392fec67dc8c853
e185cdce9040026847699a7ffa9f936d5a9d3955
b9653e145fdf03f825136d4f3255924ed1b2e929cfb044fa92a472408579c71f
GET /gtag/js?id=G-YYEX7W0G95&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.googletagmanager.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 18 Apr 2023 20:09:27 GMT
expires: Tue, 18 Apr 2023 20:09:27 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 79033
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
d.impactradius-event.com/A870624-b043-4b58-adb6-a8c4d22ccc5b1.js
200 OK 13 kB URL GET HTTP/3 d.impactradius-event.com/A870624-b043-4b58-adb6-a8c4d22ccc5b1.js
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerSectigo Limited
Subject*.impactradius-event.com
FingerprintEE:D3:74:1B:8F:1B:24:D4:38:F2:AE:C9:B9:44:66:42:09:32:9A:5A
ValidityWed, 07 Dec 2022 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT
File type C source, ASCII text, with very long lines (40914), with no line terminators
Hash 833e9c2431f16a9e4e590d8c18a01169
d932b0dc73f5dbe2f30c5991fbc95d598a7d6855
ba6dea3209c3bf545ed7db2f134ab8d241599d778988697a345124a4aa8d491a
GET /A870624-b043-4b58-adb6-a8c4d22ccc5b1.js HTTP/1.1
Host: d.impactradius-event.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtY7Zi6vqEa7w0QgXqZPtrNLbDEW2Drxi1KWS5CuoCduKe2YI3y4mZSdw4MP0XuKiMuHJSIEPIwJ5GMZd9mPLT9IBUnPDkV
date: Tue, 18 Apr 2023 20:09:27 GMT
cache-control: public,max-age=900,s-maxage=300
expires: Tue, 18 Apr 2023 20:14:27 GMT
last-modified: Tue, 18 Feb 2020 03:47:29 GMT
etag: "833e9c2431f16a9e4e590d8c18a01169"
vary: Accept-Encoding
x-goog-generation: 1581997649126919
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 12876
content-type: text/javascript; charset=utf-8
content-encoding: gzip
x-goog-hash: crc32c=PZt+Nw==, md5=gz6cJDHxap5OWQ2MGKARaQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 12876
access-control-allow-origin: *
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/plugins/wp-pagenavi/pagenavi-css.css
200 OK 685 B URL GET HTTP/3 www.usbfund.com/wp-content/plugins/wp-pagenavi/pagenavi-css.css
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
Hash 0a779725259f14ee20ff4152add58b78
17a56cc6b2fadd75ca3d2a5772ef1f403c3c84fc
7ddd5666fecc56cdc68dc404dc1ac29c761b01892fb9c3a06584360d6bd2b787
GET /wp-content/plugins/wp-pagenavi/pagenavi-css.css HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:27 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 11 Oct 2021 18:28:51 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u3Wq4cw0%2BXXEtGGtbokF7xR4XrDoWwj4eQCv1YG5FkMgyxZf4cpD7uSmcIwtuH9QCS1NO6ziCuVPUBzM4gdijoJ4fGbHi0w6nM4LUF1osPy188kwLmRb7EYlpmRs3JNytqU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b9f8ba7381db4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.googletagmanager.com/gtag/js?id=UA-210860007-1&l=dataLayer&cx=c
200 OK 45 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=UA-210860007-1&l=dataLayer&cx=c
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint0D:E0:7D:60:57:50:BA:EB:CA:6E:2A:3F:20:5B:C7:91:67:89:3F:09
ValidityTue, 28 Mar 2023 16:45:47 GMT - Tue, 20 Jun 2023 16:45:46 GMT
File type ASCII text, with very long lines (2206)
Hash cfc7e714a2c25b8fb8fdd9d0395d706e
88957ce11c1719252aa95b3d9a7a919f104d2f5d
cd546ff0fab3dbe59eac493b96d61459ff19622f2d11d524909278fc6bb466a7
GET /gtag/js?id=UA-210860007-1&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.googletagmanager.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 18 Apr 2023 20:09:28 GMT
expires: Tue, 18 Apr 2023 20:09:28 GMT
cache-control: private, max-age=900
last-modified: Tue, 18 Apr 2023 18:38:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44695
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.usbfund.com/wp-content/themes/usb/js/site.js
200 OK 4.9 kB URL GET HTTP/3 www.usbfund.com/wp-content/themes/usb/js/site.js
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
Hash 3f13c869c17ab50041b8ac8b34563978
acc74458dd42902bfcf47e4c84355f1e4b6f118b
1c225b2bc49960e6acba39a2cb61986ecff2f2c3d62d14ae4da441075cb15cc3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/usb/js/site.js HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:27 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 28 Sep 2019 00:35:52 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YDSd1GyYGuzjC%2FomjE0iILL5n%2F3fTnn0bCaQFnj2j0JmX0DHZFzrYUqpqs90RhPq1wZdqXnCfcLhfXD57IS6%2FZw8BYZZx2UjmWp7069az56eyLk%2Brw8U9IF1Xea9IT6Mmpg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b9f8ba788e9b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.pki.goog/gts1c3
472 B IP
Hash 62cfe57b4773046a41d40cfbc8f044fc
78fcc3231c90a662763e09ff074f01a18e0a4049
84c4c8501ba7c409b0f2f327a55facd956c33066485cf9621b3af195aa6a9344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Apr 2023 20:09:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.usbfund.com/wp-content/themes/usb/js/accounting.min.js
200 OK 1.8 kB URL GET HTTP/3 www.usbfund.com/wp-content/themes/usb/js/accounting.min.js
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type ASCII text, with very long lines (3019)
Hash d610948725ca52dc73c483103358605a
81351367b62ee6cfca485332d5611616c55275bb
79b3bd88adca304d5c625995eceac82b2beb8cb6a7c13a9f96ac0646963ef0f3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/usb/js/accounting.min.js HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:27 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 28 Sep 2019 00:35:52 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lfwN93bPGor9q4zlhWsKkuZcCSYi14%2Blx1OXEoSZ%2BXz%2FW24ZhbhkAhUd2oG90rH1jdb11L6VcthTxiAVWRpfeTBdV10yKl1RxDZ0SUWf7YoPa3rbU%2BQ%2Bh4jkfQ3CJo83vBE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b9f8ba788e2b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
d.impactradius-event.com/A870624-b043-4b58-adb6-a8c4d22ccc5b1.js
200 OK 13 kB URL GET HTTP/3 d.impactradius-event.com/A870624-b043-4b58-adb6-a8c4d22ccc5b1.js
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerSectigo Limited
Subject*.impactradius-event.com
FingerprintEE:D3:74:1B:8F:1B:24:D4:38:F2:AE:C9:B9:44:66:42:09:32:9A:5A
ValidityWed, 07 Dec 2022 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT
File type C source, ASCII text, with very long lines (40914), with no line terminators
Hash 833e9c2431f16a9e4e590d8c18a01169
d932b0dc73f5dbe2f30c5991fbc95d598a7d6855
ba6dea3209c3bf545ed7db2f134ab8d241599d778988697a345124a4aa8d491a
GET /A870624-b043-4b58-adb6-a8c4d22ccc5b1.js HTTP/1.1
Host: d.impactradius-event.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: d.impactradius-event.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
x-guploader-uploadid: ADPycds6ANQBX_trohkSPrjJ39JzQOh2LK8N3cCXcVbEuB-QcqlwsqKIMyTNdF9fUhXpkNF42LlQ58IEaBnezW-rbUpGSKoJYTym
x-goog-generation: 1581997649126919
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 12876
content-encoding: gzip
x-goog-hash: crc32c=PZt+Nw==, md5=gz6cJDHxap5OWQ2MGKARaQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 12876
access-control-allow-origin: *
server: UploadServer
date: Tue, 18 Apr 2023 20:09:28 GMT
expires: Tue, 18 Apr 2023 20:14:28 GMT
cache-control: public,max-age=900,s-maxage=300
last-modified: Tue, 18 Feb 2020 03:47:29 GMT
etag: "833e9c2431f16a9e4e590d8c18a01169"
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
472 B IP
Hash 62cfe57b4773046a41d40cfbc8f044fc
78fcc3231c90a662763e09ff074f01a18e0a4049
84c4c8501ba7c409b0f2f327a55facd956c33066485cf9621b3af195aa6a9344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Apr 2023 20:09:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.usbfund.com/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.1.2
200 OK 1.5 kB URL GET HTTP/3 www.usbfund.com/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.1.2
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type ASCII text, with very long lines (1847), with no line terminators
Hash f01b358711235a3711e90a18bc12abfe
ad447f730fcd399edf7f8223c2d93c8b43d90388
668ed2c9d24c7873600c8e0442623c9a411100090286924d23deaa53665efa26
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.1.2 HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:27 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 28 Sep 2019 00:22:39 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LouMzRw4dq0Oe2E3QXeZvnR5N5uqQRqH1ClJdJF9w%2B31PDhfEjMY7o43EO7Zebjp%2FksnZ8YtGC1cQ0ORXv8tgBGb1%2BSrdfBE3rXJ5Jj9VEouYAQ6Puixxy7hho0jsObz8pg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b9f8ba788d7b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE8:8D:29:52:9C:44:66:28:BB:43:25:CE:11:45:BB:A1:5A:4E:44:11
ValidityTue, 28 Mar 2023 16:54:02 GMT - Tue, 20 Jun 2023 16:54:01 GMT
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 16 Apr 2023 18:07:16 GMT
expires: Mon, 15 Apr 2024 18:07:16 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
age: 180132
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE8:8D:29:52:9C:44:66:28:BB:43:25:CE:11:45:BB:A1:5A:4E:44:11
ValidityTue, 28 Mar 2023 16:54:02 GMT - Tue, 20 Jun 2023 16:54:01 GMT
File type Web Open Font Format (Version 2), TrueType, length 15528, version 1.0\012- data
Hash 595fe3fc0b85f3cc9ef5aed2d519abc5
96e76de44987e9dec2f97f1e5eb7a18c738daf5d
747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a
GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15528
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 18 Apr 2023 02:01:14 GMT
expires: Wed, 17 Apr 2024 02:01:14 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 18:53:07 GMT
content-type: font/woff2
age: 65294
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE8:8D:29:52:9C:44:66:28:BB:43:25:CE:11:45:BB:A1:5A:4E:44:11
ValidityTue, 28 Mar 2023 16:54:02 GMT - Tue, 20 Jun 2023 16:54:01 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 16 Apr 2023 18:07:16 GMT
expires: Mon, 15 Apr 2024 18:07:16 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 180132
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE8:8D:29:52:9C:44:66:28:BB:43:25:CE:11:45:BB:A1:5A:4E:44:11
ValidityTue, 28 Mar 2023 16:54:02 GMT - Tue, 20 Jun 2023 16:54:01 GMT
File type Web Open Font Format (Version 2), TrueType, length 15752, version 1.0\012- data
Hash b20371a6daf29d4a1f2e85dbbf40fb20
0355a01c1ccb45cb728e7e07c41c8ebf456f70bb
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 14 Apr 2023 02:57:38 GMT
expires: Sat, 13 Apr 2024 02:57:38 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
age: 407510
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE8:8D:29:52:9C:44:66:28:BB:43:25:CE:11:45:BB:A1:5A:4E:44:11
ValidityTue, 28 Mar 2023 16:54:02 GMT - Tue, 20 Jun 2023 16:54:01 GMT
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 12 Apr 2023 15:46:39 GMT
expires: Thu, 11 Apr 2024 15:46:39 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 534169
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/plugins/gravityforms/css/formsmain.min.css
200 OK 27 kB URL GET HTTP/3 www.usbfund.com/wp-content/plugins/gravityforms/css/formsmain.min.css
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1bfcf7058bbc8fe8cbc6a2634164b567
29340c5694d647a9647d5bada3e7825c31ae58d7
a32f850db6df9485e89074bb475adea4f086b77ccdd89ac5e4fb682966ab2785
GET /wp-content/plugins/gravityforms/css/formsmain.min.css HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:27 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Sat, 28 Sep 2019 00:22:23 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ORMuiRB2hgQg5fZC7o34sjoqF5I2qqcMiasrb9QzbYAwn3Fh98SEjF4E69WOCb4fQBrJrQ8EbLDF%2FFfa1ahjKoWsSSKdB6InGpgTlt0HKpZUoPQIYcAXTP%2B9wmjuFyDK7U4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b9f8ba7688bb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE8:8D:29:52:9C:44:66:28:BB:43:25:CE:11:45:BB:A1:5A:4E:44:11
ValidityTue, 28 Mar 2023 16:54:02 GMT - Tue, 20 Jun 2023 16:54:01 GMT
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 16 Apr 2023 18:07:16 GMT
expires: Mon, 15 Apr 2024 18:07:16 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 180132
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
472 B IP
Hash 62cfe57b4773046a41d40cfbc8f044fc
78fcc3231c90a662763e09ff074f01a18e0a4049
84c4c8501ba7c409b0f2f327a55facd956c33066485cf9621b3af195aa6a9344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Apr 2023 20:09:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.sendlane.com/js/eventing.js
404 Not Found 34 kB URL GET HTTP/2 www.sendlane.com/js/eventing.js
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerLet's Encrypt
Subjectwww.sendlane.com
Fingerprint81:C7:7B:71:A6:19:A5:09:E7:0D:AA:3F:4E:59:53:D0:9D:35:88:FD
ValiditySat, 04 Feb 2023 09:10:51 GMT - Fri, 05 May 2023 09:10:50 GMT
Hash eaaca43cdd040043e940135766f2f55c
7693990bc132e3685c5ff4f4fbc5ddeb5806619d
a017233487b2d13024af15cf205894cf9c9a711d550d0a133c8764f5a8fea54c
GET /js/eventing.js HTTP/1.1
Host: www.sendlane.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Tue, 18 Apr 2023 20:09:28 GMT
content-type: text/html
cache-control: private, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
etag: W/"785d5aa5b2c049a6f74436c074bbe670"
last-modified: Tue, 18 Apr 2023 09:28:33 GMT
x-frame-options: SAMEORIGIN
accept-ranges: bytes
x-served-by: cache-iad-kcgs7200054-IAD, cache-dub4321-DUB
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1681848568.124872,VS0,VE146
vary: Accept-Encoding,x-wf-forwarded-proto
x-cluster-name: eu-west-1-prod-edge-blue
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/icon-arrow-down-white.png
200 OK 172 B URL GET HTTP/3 www.usbfund.com/wp-content/uploads/icon-arrow-down-white.png
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type PNG image data, 14 x 14, 8-bit gray+alpha, non-interlaced\012- data
Hash 26d3bceaf73fad28fb322b6646860f78
1b70241f618df47a01729534d376a57c57bd8c07
0077bc52b60eb51d8785f3aa812a2cdcce59acd3a0b70a801b82c563787e1a7c
GET /wp-content/uploads/icon-arrow-down-white.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/wp-content/themes/usb/style.css
Cookie: _gcl_au=1.1.402517861.1681848702; __ss=1681848701814; __ss_referrer=https%3A//www.usbfund.com/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418; _ga_YYEX7W0G95=GS1.1.1681848702.1.0.1681848702.0.0.0; _ga=GA1.1.1395607014.1681848702; __ss_tk=202304%7C643ef8f73059825d2d4130f7; _gd1681848702537=; wc_visitor=100980-672f2673-599e-9494-633d-4f996e25b59c; _gd1681848702538=; wc_client=bayengage+..+campaign-email+..+sales-0418+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418+..+100980-672f2673-599e-9494-633d-4f996e25b59c+..+; wc_client_current=bayengage+..+campaign-email+..+sales-0418+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418+..+100980-672f2673-599e-9494-633d-4f996e25b59c+..+; IR_gbd=usbfund.com; IR_7486=1681848702062%7C0%7C1681848702062%7C%7C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:28 GMT
content-type: image/png
content-length: 172
last-modified: Sat, 28 Sep 2019 00:15:12 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZRhrBmp4z2dmfx7MaVJdu7RQDNXq5cVBbEDKhKvlrA1fbJc2qt%2FvlvtoscPd9iZXpPxtJciJ0%2B0BAzO7SG5o9fqrULvMY8BdLy9XNOL3XH57XjjZ%2FjGwvHYf6lHl5NJF7U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9f8bb01f6cb4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/plugins/AffiliateWP-master/assets/js/jquery.cookie.min.js?ver=1.4.0
200 OK 733 B URL GET HTTP/3 www.usbfund.com/wp-content/plugins/AffiliateWP-master/assets/js/jquery.cookie.min.js?ver=1.4.0
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type ASCII text, with very long lines (1667), with no line terminators
Hash b7b69e825315a44b6a975dc80c5a3767
193f044713ece213d18b4ec3c0d286d4ffd04c19
ba42832b5051ed954f3756b307881d17ec4580b3b67a1f380e2a3950168cb9b6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/AffiliateWP-master/assets/js/jquery.cookie.min.js?ver=1.4.0 HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:27 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 28 Sep 2019 00:24:32 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yuFNbWrjQ4nIdOOb8T8LHRPdLs%2Fwb0wDfJ%2F725QJdPOuuKrFOFGo0eOwMmA7%2BddFoOm4xvGDh842yKeSlocxFGRAMsbbjnEpjd%2BDqmjBf4s3xlmTz1mODBdT9EYqSCFue%2F0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b9f8ba7482cb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.1.2
200 OK 12 kB URL GET HTTP/3 www.usbfund.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.1.2
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type ASCII text, with very long lines (26634), with no line terminators
Hash ae3d24b19d73e9a0cb1e8f28096264f6
bd0216a42d0631e8c7c6de5fc503d7b24b9d7e5e
be0800133c0514e0eb4a345f8fec0b2a64d6aaec5a017a96a31afe4f773bd940
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.1.2 HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:28 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 28 Sep 2019 00:22:39 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xz7f6YRUXvee2iR6L91vhQHBmy2fIx1BPA%2BgOXrLQ0xGJ4yhlehmUG1iO%2BN5qnfaqpXQ6WMza%2FKsr%2BA8VrvHA4oS8kvOVta1VBP9tJfJHQgzj7PyrzBQ4tn2RCjE9e5ir9o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b9f8ba788d0b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/icon-arrow-down-black.png
200 OK 195 B URL GET HTTP/3 www.usbfund.com/wp-content/uploads/icon-arrow-down-black.png
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type PNG image data, 14 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash f984736b4b9dfe03bb8831a718c6a238
d95304fa5fed6fdf9020c21ece2b7e35aec4808c
4944824b4a23581a4660857551680fffd806f6fa42e3d9414fb1529ba78651b9
GET /wp-content/uploads/icon-arrow-down-black.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/wp-content/themes/usb/style.css
Cookie: _gcl_au=1.1.402517861.1681848702; __ss=1681848701814; __ss_referrer=https%3A//www.usbfund.com/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418; _ga_YYEX7W0G95=GS1.1.1681848702.1.0.1681848702.0.0.0; _ga=GA1.1.1395607014.1681848702; __ss_tk=202304%7C643ef8f73059825d2d4130f7; _gd1681848702537=; wc_visitor=100980-672f2673-599e-9494-633d-4f996e25b59c; _gd1681848702538=; wc_client=bayengage+..+campaign-email+..+sales-0418+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418+..+100980-672f2673-599e-9494-633d-4f996e25b59c+..+; wc_client_current=bayengage+..+campaign-email+..+sales-0418+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418+..+100980-672f2673-599e-9494-633d-4f996e25b59c+..+; IR_gbd=usbfund.com; IR_7486=1681848702062%7C0%7C1681848702062%7C%7C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:28 GMT
content-type: image/png
content-length: 195
last-modified: Sat, 28 Sep 2019 00:15:09 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4hVM6g%2FIVbCqZ7bSOdZnkheAQmpMiwQhzJUyDBK%2FcQG3pddBTp1y6NESDRRXTalgadsmDjzJHvgn4ay3IlDifvm0cjyuRE3JM9GdV8D6jpJI298ZQsMrtgVh8VXew0ydj3o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9f8bb01f7db4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/main.js
200 OK 31 kB URL GET HTTP/2 widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/main.js
IP
Requested by https://widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=57559cd10000ff00058effd9#locale=en-US&styleHeight=240px&styleWidth=100%25&theme=light&stars=5&schemaType=Organization
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintED:01:2E:50:4C:98:9B:F1:34:D7:8C:1E:93:45:E6:05:00:3C:47:86
ValidityThu, 02 Feb 2023 00:00:00 GMT - Sat, 02 Mar 2024 23:59:59 GMT
File type Unicode text, UTF-8 (with BOM) text, with very long lines (64030), with no line terminators
Hash 2e3edb0ca56a4b6e3a0425ac711a5928
fb9a6bcba231dc84aa0a352495b74a5fb0090fd3
d000cdf690d72aba7baa5530f3a3d42bd3666e0cdac906f9e04bbbd3348d2a65
GET /trustboxes/54ad5defc6454f065c28af8b/main.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=57559cd10000ff00058effd9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 31025
date: Tue, 18 Apr 2023 05:48:33 GMT
last-modified: Tue, 21 Mar 2023 10:45:42 GMT
etag: "2e3edb0ca56a4b6e3a0425ac711a5928"
x-amz-server-side-encryption: AES256
cache-control: max-age=86400
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xQZveECMIq6CwrKlL8x4qCdNj7gbfCKAiccp7ujROsg1P6-EcXzLEQ==
age: 51656
X-Firefox-Spdy: h2
process.iconnode.com/keyword/
200 OK 37 B URL POST HTTP/2 process.iconnode.com/keyword/
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerAmazon
Subject*.iconnode.com
Fingerprint2A:FB:28:30:52:32:14:03:84:5D:DF:C4:71:E9:EB:81:7F:A6:1A:60
ValidityMon, 27 Feb 2023 00:00:00 GMT - Tue, 22 Aug 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash fac2c1e20a128685cdcba772a8c9b296
f127be1ffc01fdd3ea9089f3ab40865696e1b17c
3061414be1c4f3e0684da28abcf00646a28a40fda5a9a12e6948628b6d5a6991
POST /keyword/ HTTP/1.1
Host: process.iconnode.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 770
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 18 Apr 2023 20:09:28 GMT
content-type: text/html; charset=UTF-8
content-length: 37
server: Apache/2.4.56 () OpenSSL/1.0.2k-fips PHP/7.4.33
x-powered-by: PHP/7.4.33
access-control-allow-origin: https://www.usbfund.com
access-control-allow-credentials: true
access-control-max-age: 86400
X-Firefox-Spdy: h2
www.usbfund.com/fonts/socicon.woff
200 OK 31 kB URL GET HTTP/3 www.usbfund.com/fonts/socicon.woff
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type Web Open Font Format, TrueType, length 31444, version 1.0\012- data
Hash dcbd1f9c4275862f002f21619e96b8f4
a97cd865925e5102ae7c25aa5dd09112ccf50651
a680b776319127695950fd7c490b17cd15120d683bde57845707a2f7dc0f1a74
Analyzer Verdict Alert fortinet Malware
GET /fonts/socicon.woff HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/wp-content/themes/usb/style.css
Cookie: _gcl_au=1.1.402517861.1681848702; __ss=1681848701814; __ss_referrer=https%3A//www.usbfund.com/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418; _ga_YYEX7W0G95=GS1.1.1681848702.1.0.1681848702.0.0.0; _ga=GA1.1.1395607014.1681848702; __ss_tk=202304%7C643ef8f73059825d2d4130f7; _gd1681848702537=; wc_visitor=100980-672f2673-599e-9494-633d-4f996e25b59c; _gd1681848702538=; wc_client=bayengage+..+campaign-email+..+sales-0418+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418+..+100980-672f2673-599e-9494-633d-4f996e25b59c+..+; wc_client_current=bayengage+..+campaign-email+..+sales-0418+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418+..+100980-672f2673-599e-9494-633d-4f996e25b59c+..+; IR_gbd=usbfund.com; IR_7486=1681848702062%7C0%7C1681848702062%7C%7C
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:29 GMT
content-type: font/woff
content-length: 31444
last-modified: Fri, 27 Sep 2019 21:47:06 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GFu1CQ4weP1ppn7m0Y7Z01WBlIfU2DJmmbTH9lfpXimIIIzSM4Dnm%2FcANjQkxExUPP9TkKY7rqaDvaB1H4iOeXHXrjHb6UxLTluCpc7BpFT0AgZVnx0wIoDBWESF5wOOkdw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9f8bb169bab4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/bg-section-business.jpg
200 OK 349 kB URL GET HTTP/3 www.usbfund.com/wp-content/uploads/bg-section-business.jpg
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x600, components 3\012- data
Size 349 kB (348779 bytes)
Hash de5e6695d4d920c79dc59cf349165609
fdbc5c62b647b966b29475c703fef8e6df2265ac
39e955407048d0e1e09f62e68f65d266f2b641512ed1918c79c3778cca72b931
GET /wp-content/uploads/bg-section-business.jpg HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/wp-content/themes/usb/style.css
Cookie: _gcl_au=1.1.402517861.1681848702; __ss=1681848701814; __ss_referrer=https%3A//www.usbfund.com/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418; _ga_YYEX7W0G95=GS1.1.1681848702.1.0.1681848702.0.0.0; _ga=GA1.1.1395607014.1681848702; __ss_tk=202304%7C643ef8f73059825d2d4130f7; _gd1681848702537=; wc_visitor=100980-672f2673-599e-9494-633d-4f996e25b59c; _gd1681848702538=; wc_client=bayengage+..+campaign-email+..+sales-0418+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418+..+100980-672f2673-599e-9494-633d-4f996e25b59c+..+; wc_client_current=bayengage+..+campaign-email+..+sales-0418+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418+..+100980-672f2673-599e-9494-633d-4f996e25b59c+..+; IR_gbd=usbfund.com; IR_7486=1681848702062%7C0%7C1681848702062%7C%7C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:28 GMT
content-type: image/jpeg
content-length: 348779
last-modified: Sat, 28 Sep 2019 00:15:01 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i1fCWrAHOa%2BPcFelsEi1Ch6mf8I7aEPoltit3ZDOWKJvS9p9WkzddnzP%2BMYx6tPaBBOSEouM3ivbKYnkPMmZ3vo8SOZMpK2POgZ2cCEqI8lLBe4rpQedk4DcDc1EmsBeDlA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9f8bb01f81b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=240px&styleWidth=100%25&theme=light&stars=5&schemaType=Organization&url=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=57559cd10000ff00058effd9&widgetId=54ad5defc6454f065c28af8b
0 B URL widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=240px&styleWidth=100%25&theme=light&stars=5&schemaType=Organization&url=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=57559cd10000ff00058effd9&widgetId=54ad5defc6454f065c28af8b
IP
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintED:01:2E:50:4C:98:9B:F1:34:D7:8C:1E:93:45:E6:05:00:3C:47:86
ValidityThu, 02 Feb 2023 00:00:00 GMT - Sat, 02 Mar 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/TrustboxImpression?locale=en-US&styleHeight=240px&styleWidth=100%25&theme=light&stars=5&schemaType=Organization&url=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=57559cd10000ff00058effd9&widgetId=54ad5defc6454f065c28af8b HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=57559cd10000ff00058effd9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Tue, 18 Apr 2023 20:09:28 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TtNOpkxQ2TuTckiXJy0SncZuvWYARKB7Q5krk2Bor2EH7JSifidWKw==
X-Firefox-Spdy: h2
www.checkbca.org/CompanyWidget.aspx?ID=100094667&WidgetType=1
301 Moved Permanently 196 B URL GET HTTP/2 www.checkbca.org/CompanyWidget.aspx?ID=100094667&WidgetType=1
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash e4450c4791dadbc8f0fe8409a9b278ec
70f8e597f291a8a247c4f1bbbc4586e300f75723
e350fe60679b3272336147b700171d459374f3a66c6e228673a94ec0d9239b7e
GET /CompanyWidget.aspx?ID=100094667&WidgetType=1 HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
location: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
date: Tue, 18 Apr 2023 20:09:28 GMT
content-length: 196
X-Firefox-Spdy: h2
trackcmp.net/t_prism_sitemessages.php?trackid=224499963&prismid=90ab9ec9-fa75-4ee8-86b5-1e4d94223522&url=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418
200 OK 0 B URL GET HTTP/2 trackcmp.net/t_prism_sitemessages.php?trackid=224499963&prismid=90ab9ec9-fa75-4ee8-86b5-1e4d94223522&url=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:67:4E:CC:4A:0F:16:72:90:95:A2:D6:A7:50:E7:85:F3:84:7E:DA
ValiditySun, 25 Sep 2022 00:00:00 GMT - Mon, 25 Sep 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t_prism_sitemessages.php?trackid=224499963&prismid=90ab9ec9-fa75-4ee8-86b5-1e4d94223522&url=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418 HTTP/1.1
Host: trackcmp.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 18 Apr 2023 20:09:29 GMT
content-type: text/javascript;charset=UTF-8
content-length: 0
cache-control: no-cache, private
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
x-envoy-upstream-service-time: 12
x-powered-by: PHP/8.1.17
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7b9f8bb5ad4cb4f4-OSL
X-Firefox-Spdy: h2
tag.getdrip.com/9726461.js
200 OK 8 B URL GET HTTP/2 tag.getdrip.com/9726461.js
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerAmazon
Subject*.getdrip.com
Fingerprint3E:57:50:A6:D1:A1:2E:AF:A3:74:E3:E3:F5:0E:42:F8:C9:9F:C8:C8
ValidityFri, 24 Feb 2023 00:00:00 GMT - Sat, 27 Jan 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash de2e1607e500ee465eca3ec4505c0859
cfd432c8178796a4af548a7ed62f09bdf5fbb897
295bdad3ed86f4eeb0249f30e724344ec7be85582094013a85403ecbb77a0047
GET /9726461.js HTTP/1.1
Host: tag.getdrip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-length: 8
last-modified: Fri, 20 May 2022 20:08:53 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 18 Apr 2023 20:09:30 GMT
etag: "de2e1607e500ee465eca3ec4505c0859"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CqW0SaYw_8j1j9-7ccd1eXdiVbFKoeUsBAxyoextg8rgYZd3h5bmKQ==
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/uploads/USBusinessFunding-Home1.png
200 OK 944 kB URL GET HTTP/3 www.usbfund.com/wp-content/uploads/USBusinessFunding-Home1.png
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type PNG image data, 1696 x 1131, 8-bit colormap, non-interlaced\012- data
Size 944 kB (944072 bytes)
Hash b4b6bd078ef229456fc9d5b22d31ca0e
51cb87382bfb8b0029df296adb021229ad4cf6da
870b85b6771aeb0fc9c84c444ca24919dd6f71e4b34a6bb97003a0a4f34bdfd3
GET /wp-content/uploads/USBusinessFunding-Home1.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/wp-content/themes/usb/style.css
Cookie: _gcl_au=1.1.402517861.1681848702; __ss=1681848701814; __ss_referrer=https%3A//www.usbfund.com/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418; _ga_YYEX7W0G95=GS1.1.1681848702.1.0.1681848702.0.0.0; _ga=GA1.1.1395607014.1681848702; __ss_tk=202304%7C643ef8f73059825d2d4130f7; _gd1681848702537=; wc_visitor=100980-672f2673-599e-9494-633d-4f996e25b59c; _gd1681848702538=; wc_client=bayengage+..+campaign-email+..+sales-0418+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418+..+100980-672f2673-599e-9494-633d-4f996e25b59c+..+; wc_client_current=bayengage+..+campaign-email+..+sales-0418+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418+..+100980-672f2673-599e-9494-633d-4f996e25b59c+..+; IR_gbd=usbfund.com; IR_7486=1681848702062%7C0%7C1681848702062%7C%7C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:28 GMT
content-type: image/png
content-length: 944072
last-modified: Sat, 28 Sep 2019 00:14:13 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BpcbwJNmT%2FC%2FmtV%2B3Y%2FGvdgMfuA8MsxAzq%2FJxwd0HskB6VoM8VrWDeWpqYbNe89KTGJSmyZTitl59CTX1ke8loxbdKSqZjFFsI5VY762KmrPeDNUx47nWXZn6oph808aUBU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9f8bb01f73b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
200 OK 6.5 kB URL GET HTTP/2 www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (540), with CRLF line terminators
Hash 2022dc8a479b5e7991f29d20548f972b
2404f31ebd097dda339eac996ca736690b8edb25
a1c645e307c9fcfe26d16b875008eaeaebb6804c7648e675b2731f91eb0513ca
GET /companywidget.aspx?ID=100094667&WidgetType=1 HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: ASP.NET_SessionId=ug5oqhibs1wtbwnzhklclchy; path=/; secure; HttpOnly; SameSite=Lax
date: Tue, 18 Apr 2023 20:09:28 GMT
content-length: 6465
X-Firefox-Spdy: h2
forms.soundestlink.com/REST/forms/v1/renderedForms?v=2023-04-18T20&brandID=60034c978a48f7337bc1a105&displayType=popup,embedded
200 OK 2 B URL GET HTTP/3 forms.soundestlink.com/REST/forms/v1/renderedForms?v=2023-04-18T20&brandID=60034c978a48f7337bc1a105&displayType=popup,embedded
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint54:B8:46:7B:76:99:67:6C:EA:5F:AD:F7:5C:7B:46:F2:95:48:76:22
ValidityTue, 24 Jan 2023 00:00:00 GMT - Wed, 24 Jan 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
GET /REST/forms/v1/renderedForms?v=2023-04-18T20&brandID=60034c978a48f7337bc1a105&displayType=popup,embedded HTTP/1.1
Host: forms.soundestlink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Origin: https://www.usbfund.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:29 GMT
content-type: application/json
content-length: 2
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=600, public
expires: Tue, 18 Apr 2023 20:19:29 GMT
last-modified: Tue, 18 Apr 2023 20:09:29 GMT
x-envoy-upstream-service-time: 2
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7b9f8bb65bdfb4f7-OSL
www.usbfund.com/wp-content/uploads/cropped-iconusbfund-192x192.png
200 OK 20 kB URL GET HTTP/3 www.usbfund.com/wp-content/uploads/cropped-iconusbfund-192x192.png
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 273b22a347363c8bfaa20ddcca897d53
0bf5106cb96db26030ae4bee997db3aef8914130
3c673a54e1fea64b6b57dc31365058249f665f327b0e032746b310a2f6a2c0b2
GET /wp-content/uploads/cropped-iconusbfund-192x192.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Cookie: _gcl_au=1.1.402517861.1681848702; __ss=1681848701814; __ss_referrer=https%3A//www.usbfund.com/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418; _ga_YYEX7W0G95=GS1.1.1681848702.1.0.1681848702.0.0.0; _ga=GA1.1.1395607014.1681848702; __ss_tk=202304%7C643ef8f73059825d2d4130f7; wc_visitor=100980-672f2673-599e-9494-633d-4f996e25b59c; wc_client=bayengage+..+campaign-email+..+sales-0418+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418+..+100980-672f2673-599e-9494-633d-4f996e25b59c+..+; wc_client_current=bayengage+..+campaign-email+..+sales-0418+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418+..+100980-672f2673-599e-9494-633d-4f996e25b59c+..+; IR_gbd=usbfund.com; IR_7486=1681848702062%7C0%7C1681848702062%7C%7C; soundestID=20230418201143-LSnY6IcAXIJq0UquxnddDL1NusMjjXVCDqMaJ5MClfWSD0xYH; omnisendSessionID=MwpBaLc3Ss6FMY-20230418201143; _gd1681848703261=; wc_swap=9493560881+..+9494611140+..+68836; prism_224499963=90ab9ec9-fa75-4ee8-86b5-1e4d94223522
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:29 GMT
content-type: image/png
content-length: 19606
last-modified: Sat, 28 Sep 2019 00:15:06 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2617
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zHO2Dnw9N%2FKYWP0M2LdAnye4jX0LAJ4XdmNH3oz%2BpDo78QO7Vys5rqBnH%2BnoY3zmF15qEDYrYpKcImer%2FRazsJ%2Bv3LBTe6b3iNBS0ZHWguuzc3%2FD06lgU5j%2BkcDSwiUrR%2Bo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9f8bb81e5fb4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/cropped-iconusbfund-32x32.png
200 OK 1.4 kB URL GET HTTP/3 www.usbfund.com/wp-content/uploads/cropped-iconusbfund-32x32.png
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 331f8022f00882988b3dd50a45511040
295b137770dedf8de5101ba30c05f515e21b6fb0
f83bb7fbb6ab6b05a6129fdc513d6edeb3b9029b0cbe6cf3eae361ad56c58cf5
GET /wp-content/uploads/cropped-iconusbfund-32x32.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Cookie: _gcl_au=1.1.402517861.1681848702; __ss=1681848701814; __ss_referrer=https%3A//www.usbfund.com/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418; _ga_YYEX7W0G95=GS1.1.1681848702.1.0.1681848702.0.0.0; _ga=GA1.1.1395607014.1681848702; __ss_tk=202304%7C643ef8f73059825d2d4130f7; wc_visitor=100980-672f2673-599e-9494-633d-4f996e25b59c; wc_client=bayengage+..+campaign-email+..+sales-0418+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418+..+100980-672f2673-599e-9494-633d-4f996e25b59c+..+; wc_client_current=bayengage+..+campaign-email+..+sales-0418+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418+..+100980-672f2673-599e-9494-633d-4f996e25b59c+..+; IR_gbd=usbfund.com; IR_7486=1681848702062%7C0%7C1681848702062%7C%7C; soundestID=20230418201143-LSnY6IcAXIJq0UquxnddDL1NusMjjXVCDqMaJ5MClfWSD0xYH; omnisendSessionID=MwpBaLc3Ss6FMY-20230418201143; _gd1681848703261=; wc_swap=9493560881+..+9494611140+..+68836; prism_224499963=90ab9ec9-fa75-4ee8-86b5-1e4d94223522
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:29 GMT
content-type: image/png
content-length: 1438
last-modified: Sat, 28 Sep 2019 00:14:07 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2617
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=exndgpYqaXWyZnOqdhc14a5rO3MPoAGkFReaf3O1NumjUiX2jeuIlv8a4Y147f1p7okB%2Bmubqx4WacdXIgVnanOiJtiN5mXbOVTe5%2FaWrxJIU5sQbJHy1zgp8S7sH9N2ucY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9f8bb81e6cb4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.checkbca.org/stylesheets/font-awesome.min.css
200 OK 7.0 kB URL GET HTTP/2 www.checkbca.org/stylesheets/font-awesome.min.css
IP
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type ASCII text, with very long lines (30837)
Hash 775375b17c16dc85854ba29bbba28807
91c2f8c2838211a85090f061340b6c0c24e763af
e05c4f03a6c957e6b769e9ac46b9b6d7f1de8f46f49fc894be7c7493aaf4e033
GET /stylesheets/font-awesome.min.css HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: text/css
content-encoding: gzip
last-modified: Fri, 03 Mar 2023 16:46:05 GMT
accept-ranges: bytes
etag: "80c44da5ef4dd91:0"
vary: Accept-Encoding
date: Tue, 18 Apr 2023 20:09:28 GMT
content-length: 6965
X-Firefox-Spdy: h2
www.checkbca.org/stylesheets/jquery.selectBox.css
301 Moved Permanently 180 B URL GET HTTP/2 www.checkbca.org/stylesheets/jquery.selectBox.css
IP
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 65d99af646ca7622a01fc0d3eb7a6b6d
a6b71820c0572f17c183b5669255346947bc3492
425fea6b4acfc8c48eee414af2be035b5c77a87742cf0bb46b136d07e0c29f6a
GET /stylesheets/jquery.selectBox.css HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
cache-control: no-cache
content-type: text/html; charset=UTF-8
location: https://www.checkbca.org/stylesheets/jquery.selectbox.css
date: Tue, 18 Apr 2023 20:09:28 GMT
content-length: 180
X-Firefox-Spdy: h2
www.checkbca.org/stylesheets/style.css
200 OK 11 kB URL GET HTTP/2 www.checkbca.org/stylesheets/style.css
IP
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type assembler source, Unicode text, UTF-8 text, with very long lines (548), with CRLF line terminators
Hash a3ec3a585ca53c4eaa1082ae3427a329
7f08739e149ab8dc280a05b280c31b04bfb1bd6d
1e44bca5aecfd50bff07a4df9f9bb9c524f6addd9c24bb8c463eef67798283c9
GET /stylesheets/style.css HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: text/css
content-encoding: gzip
last-modified: Fri, 03 Mar 2023 16:46:05 GMT
accept-ranges: bytes
etag: "80c44da5ef4dd91:0"
vary: Accept-Encoding
date: Tue, 18 Apr 2023 20:09:28 GMT
content-length: 10899
X-Firefox-Spdy: h2
serve.albacross.com/track.js
200 OK 3.9 kB URL GET HTTP/1.1 serve.albacross.com/track.js
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerAmazon
Subject*.albacross.com
FingerprintDE:3F:CD:D1:57:E6:35:CD:6B:A7:D8:1A:DF:F4:FE:FA:91:E0:C0:06
ValidityFri, 17 Feb 2023 00:00:00 GMT - Tue, 22 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (10031)
Hash 4066e2c808577b2d0c3ca707c3d91e57
832eab5c019590fe1e60325278c19b4cbcc9c1fe
eb47f99998bddfe05f6fdd3253fb9f8baeb37ec12023a5487b7cbf294faa8ff6
GET /track.js HTTP/1.1
Host: serve.albacross.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 15 Dec 2022 09:39:19 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Tue, 18 Apr 2023 20:08:41 GMT
Cache-Control: max-age=120
ETag: W/"677b062b7ee7382b7082b87bab179b14"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4qGu7MNzefC1sVlBd5ja7d2UNl432v1V8pP3LeMrOwNlR_N_cZZGtA==
Age: 50
snap.licdn.com/li.lms-analytics/insight.min.js
200 OK 4.8 kB URL GET HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP
ASN #20940 Akamai International B.V.
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerDigiCert Inc
Subjectsnap.licdn.com
FingerprintC5:08:87:7C:56:2D:12:22:84:85:35:3B:B2:1C:B5:4D:DA:F1:3A:64
ValidityWed, 01 Feb 2023 00:00:00 GMT - Wed, 31 Jan 2024 23:59:59 GMT
File type ASCII text, with very long lines (13351)
Hash 74f72658f6efd10c4c286ab07cd5e452
9fa4dfc644b6e818914f2f2c4fe4bdf791fd6d39
6681619d5962f95b3fccfa34a7f035664edb66522d237ea0c28a05851f9d295c
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=38241
date: Tue, 18 Apr 2023 20:09:29 GMT
content-length: 4777
x-content-type-options: nosniff
x-cdn: AKAM
X-Firefox-Spdy: h2
munchkin.marketo.net/munchkin.js
200 OK 729 B URL GET HTTP/1.1 munchkin.marketo.net/munchkin.js
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerDigiCert Inc
Subject*.marketo.net
FingerprintC6:C2:4C:D3:C1:CA:89:26:8F:42:81:08:D4:93:23:EE:6E:A7:D3:F0
ValidityMon, 06 Feb 2023 00:00:00 GMT - Mon, 05 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (521)
Hash 18240fc6ef657b9852872c8b44adbdc0
da8e98f7a27ef410848bd315d9072eaf574e137f
9253df10170ad87289467ed6373d203f123968c7b4010bbe4c2437f18b35db40
GET /munchkin.js HTTP/1.1
Host: munchkin.marketo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 18 Apr 2023 20:09:29 GMT
Content-Length: 729
Connection: keep-alive
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js
200 OK 167 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE8:8D:29:52:9C:44:66:28:BB:43:25:CE:11:45:BB:A1:5A:4E:44:11
ValidityTue, 28 Mar 2023 16:54:02 GMT - Tue, 20 Jun 2023 16:54:01 GMT
File type ASCII text, with very long lines (697)
Size 167 kB (166600 bytes)
Hash fdfdaf63d56b4a9cd6641d79f7159fdc
18b413d8b6b9f3bec32026b7e9d9f4e5e366922f
f4dba3e15f08cf0686e6d89370ed42e8a5dafc38973501f0aa6baa9b93c720f3
GET /recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 16 Apr 2023 16:05:23 GMT
expires: Mon, 15 Apr 2024 16:05:23 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 187446
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
munchkin.marketo.net/163/munchkin.js
200 OK 4.7 kB URL GET HTTP/1.1 munchkin.marketo.net/163/munchkin.js
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerDigiCert Inc
Subject*.marketo.net
FingerprintC6:C2:4C:D3:C1:CA:89:26:8F:42:81:08:D4:93:23:EE:6E:A7:D3:F0
ValidityMon, 06 Feb 2023 00:00:00 GMT - Mon, 05 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (606)
Hash a67a8463872b30a03a9952f3704ba2d4
f1dc13fdf9167c4b8345c8c87ac355d197680614
96b9fd7fc7364d5ea8938d96ee726ca4063d45a8df23d4662ca492b0175ce0df
GET /163/munchkin.js HTTP/1.1
Host: munchkin.marketo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=8640000
Expires: Thu, 27 Jul 2023 20:09:29 GMT
Date: Tue, 18 Apr 2023 20:09:29 GMT
Content-Length: 4741
Connection: keep-alive
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
ocsp.r2m01.amazontrust.com/
471 B URL ocsp.r2m01.amazontrust.com/
IP
Hash 34b51aabdb385fe74544b741a2be8298
97772aa710f55912d921c50a59ef71329149c978
1b5d6b5bb065a70ec758fc4e4a37776de61c128cf86b9cbc2c28765514a78635
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=114431
Date: Tue, 18 Apr 2023 20:09:29 GMT
Etag: "643e0d90-1d7"
Expires: Thu, 20 Apr 2023 03:56:40 GMT
Last-Modified: Tue, 18 Apr 2023 03:25:04 GMT
Server: ECAcc (dcb/7F0A)
X-Cache: Miss from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4zUtXHGvnOvAAk7_J7Zib3f_RffrlrBr_N8HdIrtBH0rPBsVjuFHLg==
Age: 1896
www.checkbca.org/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZBAd-3g2iBrrqGpefWWgmRAZw8TONzGF-aV_9TjkbkyCvwDWnstKlAYe583il9NLzw2&t=637823077705833095
200 OK 23 kB URL GET HTTP/2 www.checkbca.org/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZBAd-3g2iBrrqGpefWWgmRAZw8TONzGF-aV_9TjkbkyCvwDWnstKlAYe583il9NLzw2&t=637823077705833095
IP
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type ASCII text, with CRLF line terminators
Hash 20180537e2ac64e5c60143ac90c84998
82d03de61c4dededbc9fd79d8c3a8e18d3b43744
0999cb5dfb2dcd76a944ef880be49f8e2d66fc60d00817e2b251ba0a67090cbf
GET /WebResource.axd?d=pynGkmcFUV13He1Qd6_TZBAd-3g2iBrrqGpefWWgmRAZw8TONzGF-aV_9TjkbkyCvwDWnstKlAYe583il9NLzw2&t=637823077705833095 HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public
content-type: application/x-javascript
content-encoding: gzip
expires: Wed, 17 Apr 2024 14:49:06 GMT
last-modified: Tue, 08 Mar 2022 11:42:50 GMT
vary: Accept-Encoding
date: Tue, 18 Apr 2023 20:09:28 GMT
content-length: 23086
X-Firefox-Spdy: h2
sendlane.com/js/eventing.js
302 Found 541 B URL GET HTTP/2 sendlane.com/js/eventing.js
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerLet's Encrypt
Subject*.sendlane.com
Fingerprint38:54:B8:09:90:3F:CD:43:4F:C7:D1:10:AB:B5:21:21:2F:ED:4D:CD
ValidityWed, 12 Apr 2023 08:56:10 GMT - Tue, 11 Jul 2023 08:56:09 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7a61f1cdaa9955bd261a3ce634f3cd40
d52a2b0e9d8faf153999610b0eccde26ac5d44a6
3805d6801ccfead7718cb449b7f22b0a331000d7e05161201b95afa8cf04f471
GET /js/eventing.js HTTP/1.1
Host: sendlane.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
date: Tue, 18 Apr 2023 20:09:29 GMT
content-type: text/html; charset=UTF-8
location: https://www.sendlane.com/js/eventing.js
cache-control: no-cache, private, max-age=0
x-frame-options: *
x-ratelimit-limit: 480
x-ratelimit-remaining: 478
expires: Tue, 18 Apr 2023 20:09:29 GMT
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7b9f8bb309e6b518-OSL
X-Firefox-Spdy: h2
diffuser-cdn.app-us1.com/diffuser/diffuser.js
200 OK 7.5 kB URL GET HTTP/2 diffuser-cdn.app-us1.com/diffuser/diffuser.js
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerLet's Encrypt
Subjectdiffuser-cdn.app-us1.com
Fingerprint1F:0D:9E:A7:64:75:91:0A:1B:CD:9A:34:B7:53:B2:CE:6E:5A:F0:EA
ValidityMon, 10 Apr 2023 17:41:39 GMT - Sun, 09 Jul 2023 17:41:38 GMT
Hash d82105f00f185ad5eab5de52d1c10e7b
8a7c3ec54cc329f746a06abc82e0efd99afe5caf
ec3791e5f6baf217ebbaf66373a26ba222cf884a5cb52928dbb99867ab8dba1e
GET /diffuser/diffuser.js HTTP/1.1
Host: diffuser-cdn.app-us1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 18 Apr 2023 20:09:28 GMT
content-type: application/javascript
last-modified: Tue, 04 Apr 2023 18:58:37 GMT
etag: W/"613257bb316d347d9417023321c6d62f"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=300
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 554927166d10692a589190ab59950854.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P2
x-amz-cf-id: f8pkjTRsM9Sty-xGa2geI8FQ7gbWjlMXiWclAYyNvBQ4amkFmoZgJg==
cf-cache-status: HIT
age: 193
server: cloudflare
cf-ray: 7b9f8bb37d80b4ed-OSL
X-Firefox-Spdy: h2
tag.simpli.fi/sifitag/7c49dfc0-b0ef-0139-b544-06a60fe5fe77
200 OK 3.1 kB URL GET HTTP/2 tag.simpli.fi/sifitag/7c49dfc0-b0ef-0139-b544-06a60fe5fe77
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (3100)
Hash 3f39bd6aa96de4bb5bd9275b06354981
14f61e1cbeb536266027c98d8f48cc3211f1a2b2
4f8cbfd5c952dcec41e51c8cdf551acc7acf44e7e4d51ab90be179a503fb4b00
GET /sifitag/7c49dfc0-b0ef-0139-b544-06a60fe5fe77 HTTP/1.1
Host: tag.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 18 Apr 2023 20:09:29 GMT
content-type: application/javascript; charset=utf-8
content-length: 3101
set-cookie: suid=8053CABE7A41437099B414FB31FB3FEE; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:29 GMT; SameSite=none; Secure;
suid_legacy=8053CABE7A41437099B414FB31FB3FEE; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:29 GMT; Secure;
x-request-id: F1cgXQjcTaMHyYSHOqqC
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache, no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
X-Firefox-Spdy: h2
www.checkbca.org/scripts/jquery-3.3.1.min.js
200 OK 30 kB URL GET HTTP/2 www.checkbca.org/scripts/jquery-3.3.1.min.js
IP
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type ASCII text, with very long lines (65451)
Hash a263be51483c81a54aa8c85104a93e55
555a54a73531c553bd2aede6abc25c128b63312e
b2f13ad730928958c09d89e6e32bb6a227c0260d032a39ca464d998a59e57a66
GET /scripts/jquery-3.3.1.min.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 16 Oct 2018 20:49:20 GMT
accept-ranges: bytes
etag: "0c813b69165d41:0"
vary: Accept-Encoding
date: Tue, 18 Apr 2023 20:09:28 GMT
content-length: 30394
X-Firefox-Spdy: h2
omnisrc.com/inshop/launcher-v2.js
200 OK 17 kB URL GET HTTP/2 omnisrc.com/inshop/launcher-v2.js
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB7:6C:47:28:4B:F8:AD:97:84:D1:3F:E2:82:45:F3:E3:9D:79:A7:B2
ValidityTue, 24 Jan 2023 00:00:00 GMT - Tue, 23 Jan 2024 23:59:59 GMT
File type ASCII text, with very long lines (32008)
Hash ca4d8188d394067f4b00eb5ca4780914
10cc8ab456ca8e896b27d9ced24c70f525351be6
43c22cddeeae48653c9073db3d550939d0d8e6d735ab5dece6562af9f410d11e
GET /inshop/launcher-v2.js HTTP/1.1
Host: omnisrc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 18 Apr 2023 20:09:28 GMT
content-type: application/javascript
last-modified: Thu, 23 Mar 2023 12:46:01 GMT
etag: W/"641c4a09-c5db"
expires: Tue, 18 Apr 2023 20:29:40 GMT
cache-control: max-age=3600
x-envoy-upstream-service-time: 1
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 337
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7b9f8bb37ab0b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=58092&time=1681848703990&url=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418
302 Found 0 B URL GET HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=58092&time=1681848703990&url=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerDigiCert Inc
Subjectwww.linkedin.com
Fingerprint1F:CD:8F:F2:82:0B:B9:19:6B:DE:AD:66:B4:F9:B0:8B:F0:91:FF:6C
ValidityTue, 07 Mar 2023 00:00:00 GMT - Thu, 07 Sep 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=58092&time=1681848703990&url=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418 HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D58092%26time%3D1681848703990%26url%3Dhttps%253A%252F%252Fwww.usbfund.com%252F%253Futm_source%253Dbayengage%2526utm_medium%253Dcampaign-email%2526utm_campaign%253Dsales-0418%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQKXK4MVT3S-oQAAAYeV_I_zmMdAJJxBgNqHYoCG5qpExfsL-8v0WczufsvDJAstOgfKyFeGG_8sPA; Max-Age=2592000; Expires=Thu, 18 May 2023 20:09:29 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQIW7pt_6K5dmAAAAYeV_I_zAvid25rM5bK0CmCk-Z6HLIyXwKa-clpvd0qv_c_mFg7wgW7yKj1DWfi6fggPQA; Max-Age=2592000; Expires=Thu, 18 May 2023 20:09:29 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
bcookie="v=2&961e9f4a-ccd6-4372-8c71-96cb5b6b521e"; domain=.linkedin.com; Path=/; Secure; Expires=Wed, 17-Apr-2024 20:09:29 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2506:u=1:x=1:i=1681848569:t=1681934969:v=2:sig=AQH_kNfgB6OILWr1jEhOP5G5yicSYW_r"; Expires=Wed, 19 Apr 2023 20:09:29 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-source-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAX5oeKR/jnpz7fhGIWcEQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 5C3C5FE8E97C4D6FA25F338B924B2504 Ref B: OSL30EDGE0522 Ref C: 2023-04-18T20:09:29Z
date: Tue, 18 Apr 2023 20:09:29 GMT
content-length: 0
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=xbxll83v7f9z
200 OK 27 kB URL GET HTTP/3 www.google.com/recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=xbxll83v7f9z
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintED:88:16:3C:FE:E3:0A:31:34:FF:BE:21:B4:92:AA:6F:B9:EA:AA:B5
ValidityTue, 28 Mar 2023 16:47:33 GMT - Tue, 20 Jun 2023 16:47:32 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (41267)
Hash 0424f3dce2790e3899a8d95f20b54918
8ef9f4b0fe7ce119ed789bac285bc0f9f3eb53b5
ab8e6a8efb3bee9b16f11129a5ca1acfdfd851047bfb4489ec5948a7c570b42c
GET /recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=xbxll83v7f9z HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 18 Apr 2023 20:09:29 GMT
content-security-policy: script-src 'nonce-rFk7XelEhRmM92agjQFqHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 26836
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
widget.trustpilot.com/trustbox-data/54ad5defc6454f065c28af8b?businessUnitId=57559cd10000ff00058effd9&locale=en-US&reviewStars=5&reviewsPerPage=15
200 OK 8.2 kB URL GET HTTP/2 widget.trustpilot.com/trustbox-data/54ad5defc6454f065c28af8b?businessUnitId=57559cd10000ff00058effd9&locale=en-US&reviewStars=5&reviewsPerPage=15
IP
Requested by https://widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=57559cd10000ff00058effd9#locale=en-US&styleHeight=240px&styleWidth=100%25&theme=light&stars=5&schemaType=Organization
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintED:01:2E:50:4C:98:9B:F1:34:D7:8C:1E:93:45:E6:05:00:3C:47:86
ValidityThu, 02 Feb 2023 00:00:00 GMT - Sat, 02 Mar 2024 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (18813)
Hash d2aa5f061fd9e1ca6e82459ac2190609
180dfbb64252c2ee5e0d1bd5920a77dc09ecd3cf
dc4b7f29bd220ff4627900aa6306cb52cff465acb7591d61f06a51ac454e05ef
GET /trustbox-data/54ad5defc6454f065c28af8b?businessUnitId=57559cd10000ff00058effd9&locale=en-US&reviewStars=5&reviewsPerPage=15 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=57559cd10000ff00058effd9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
cache-control: public,max-age=1800
content-encoding: gzip
date: Tue, 18 Apr 2023 20:09:28 GMT
etag: "623f1bedbd88d2164330d3956493b308"
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8lASCturR30vg2kLCbWyrNBTBUO_cB9iWMSxhbAAuZDq6JRDzLTqmg==
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.1.2
200 OK 1.9 kB URL GET HTTP/3 www.usbfund.com/wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.1.2
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type ASCII text, with very long lines (4610)
Hash bc441a33b45e62f32e29f93980d44de1
d30f806daa31d3f0f5c48670c1cbd44d0f972b63
b7ac6e067d0b62c0b06c97f768f061c78114f6e27011880b292a8cb222f8c9f1
GET /wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.1.2 HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:27 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 28 Sep 2019 00:22:39 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LHfJpGioMKARuw7utr9FyukQyGihcxWEGM1%2Bm4fVhJpa45MJDSqo5gmtWF1WhI%2BvFXYCXjB5VhO96owQIjqaN8O%2FF1BtoOcJYgPw0%2Fh4izoqwMeRkisl%2F7Wd8D8Xs%2BLRJF8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b9f8ba788e5b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
koi-3qnetrwct6.marketingautomation.services/client/ss.js?ver=1.1.1
200 OK 9.3 kB URL GET HTTP/2 koi-3qnetrwct6.marketingautomation.services/client/ss.js?ver=1.1.1
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGlobalSign nv-sa
Subject*.marketingautomation.services
FingerprintB7:49:65:C5:92:42:69:3D:A0:BB:F8:6B:B1:7D:06:FF:FF:16:AC:36
ValidityFri, 03 Jun 2022 16:56:02 GMT - Wed, 05 Jul 2023 16:56:01 GMT
File type ASCII text, with very long lines (12275), with CRLF line terminators
Hash 9c15ed6e08cf3d5544c4593105e5f051
88eb73ed9389d2a55aa23f5578b90f84be361ff4
bbd59d8c80ae81cfe870b0037a1899f4a527e1a1dcd1f511470cae437796af1f
GET /client/ss.js?ver=1.1.1 HTTP/1.1
Host: koi-3qnetrwct6.marketingautomation.services
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty
date: Tue, 18 Apr 2023 20:09:27 GMT
content-type: application/javascript
last-modified: Thu, 06 Apr 2023 19:12:21 GMT
vary: Accept-Encoding
etag: W/"642f1995-2fe4"
expires: Tue, 25 Apr 2023 20:09:27 GMT
cache-control: max-age=604800, public
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.checkbca.org/images/widget_seal.png
200 OK 2.7 kB URL GET HTTP/2 www.checkbca.org/images/widget_seal.png
IP
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash 270ad3deddbe8a845043e3d6a8000f91
3835898b5aba554e51bf8c9191b3804e7fad65a2
30f3c9000753eaaba38681a3a44471668df6f9c60258644baba4ca24cdf62c89
GET /images/widget_seal.png HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: image/png
last-modified: Sat, 09 May 2020 03:31:08 GMT
accept-ranges: bytes
etag: "ba4a5b47b225d61:0"
date: Tue, 18 Apr 2023 20:09:28 GMT
content-length: 2723
X-Firefox-Spdy: h2
www.checkbca.org/stylesheets/jquery.selectbox.css
200 OK 844 B URL GET HTTP/2 www.checkbca.org/stylesheets/jquery.selectbox.css
IP
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type ASCII text, with very long lines (2823), with no line terminators
Hash ef6ac3dc00cd170fb2e40e76489dc10d
02964dcc31527690062facef2f5ca2c0cf24ea23
06e4f8e3d1d4e68a23c9fd4927304906f912307b71f80025f6b74dfe3945d813
GET /stylesheets/jquery.selectbox.css HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: text/css
content-encoding: gzip
last-modified: Fri, 02 Aug 2019 17:52:06 GMT
accept-ranges: bytes
etag: "0a783ff5a49d51:0"
vary: Accept-Encoding
date: Tue, 18 Apr 2023 20:09:28 GMT
content-length: 844
X-Firefox-Spdy: h2
www.checkbca.org/scripts/webforms/msajax/microsoftajax.js
200 OK 24 kB URL GET HTTP/2 www.checkbca.org/scripts/webforms/msajax/microsoftajax.js
IP
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type ASCII text, with very long lines (65262), with CRLF line terminators
Hash 1aa546445a52ff5e781cb1e335f445c4
a8071c7d8f7c2798100ceed7ef5842a587cc41d2
6a3e80b4cc602560e187e061ff5070fdda5c608125956f878f417b01867f6b09
GET /scripts/webforms/msajax/microsoftajax.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 03 Mar 2023 16:46:05 GMT
accept-ranges: bytes
etag: "80c44da5ef4dd91:0"
vary: Accept-Encoding
date: Tue, 18 Apr 2023 20:09:28 GMT
content-length: 24320
X-Firefox-Spdy: h2
www.checkbca.org/scripts/webforms/msajax/microsoftajaxwebforms.js
200 OK 9.6 kB URL GET HTTP/2 www.checkbca.org/scripts/webforms/msajax/microsoftajaxwebforms.js
IP
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type ASCII text, with very long lines (39257), with CRLF line terminators
Hash 211aa6b9096a11187131cbc6c3ab6d16
380ff6b00fc93d78031319a6d1b0e78f2a9e6017
4f1ec7256c84b77776b8c75fd59dca0c6b5560fa3a5010a290e46b6b5d8d4f5f
GET /scripts/webforms/msajax/microsoftajaxwebforms.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 03 Mar 2023 16:46:05 GMT
accept-ranges: bytes
etag: "80c44da5ef4dd91:0"
vary: Accept-Encoding
date: Tue, 18 Apr 2023 20:09:28 GMT
content-length: 9603
X-Firefox-Spdy: h2
sc.cdnma.com/apps/18595/capture.js
200 OK 32 kB URL GET HTTP/2 sc.cdnma.com/apps/18595/capture.js
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerAmazon
Subjectbeacon.cdnma.com
Fingerprint50:C6:2C:3E:55:7D:4A:E1:3D:E3:E4:D6:7E:45:89:3C:92:43:C0:C0
ValiditySun, 02 Apr 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (37880)
Hash abb2c12d77485582bbaa12c568988d1a
3f9653b970896ba743a6ff354e772d44c365d447
1f35f6ff9c84d6fe3324df8132787aeb5249d1d77536ce9cd81e4f76b6a40604
GET /apps/18595/capture.js HTTP/1.1
Host: sc.cdnma.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 18 Apr 2023 20:09:30 GMT
last-modified: Thu, 15 Dec 2022 23:31:14 GMT
expires: Wed, 19 Apr 2023 00:09:30 GMT
cache-control: max-age=14400
access-control-allow-origin: *
strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: gzip
etag: W/"639bae42-6c08"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: DHb_YObHRLU3992TyNmUqtCpNHfyBW1_1KzXLOLIdi3vz0EB78oMpQ==
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js
200 OK 167 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE8:8D:29:52:9C:44:66:28:BB:43:25:CE:11:45:BB:A1:5A:4E:44:11
ValidityTue, 28 Mar 2023 16:54:02 GMT - Tue, 20 Jun 2023 16:54:01 GMT
File type ASCII text, with very long lines (697)
Size 167 kB (166600 bytes)
Hash fdfdaf63d56b4a9cd6641d79f7159fdc
18b413d8b6b9f3bec32026b7e9d9f4e5e366922f
f4dba3e15f08cf0686e6d89370ed42e8a5dafc38973501f0aa6baa9b93c720f3
GET /recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.gstatic.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 16 Apr 2023 16:05:23 GMT
expires: Mon, 15 Apr 2024 16:05:23 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 187447
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sendlane.com/js/eventing.js
302 Found 353 B URL GET HTTP/2 sendlane.com/js/eventing.js
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerLet's Encrypt
Subject*.sendlane.com
Fingerprint38:54:B8:09:90:3F:CD:43:4F:C7:D1:10:AB:B5:21:21:2F:ED:4D:CD
ValidityWed, 12 Apr 2023 08:56:10 GMT - Tue, 11 Jul 2023 08:56:09 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7eeeb4f0c7de464201b9e7caf135caa0
e61cbc560014083dd67a374d70dbcf61ff6c26da
3163dec58ac83786ba30a7dbfd4ac4131fe5b00abe79c3be894423c80b094d95
GET /js/eventing.js HTTP/1.1
Host: sendlane.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Tue, 18 Apr 2023 20:09:27 GMT
content-type: text/html; charset=UTF-8
location: https://www.sendlane.com/js/eventing.js
cache-control: no-cache, private, max-age=0
x-frame-options: *
x-ratelimit-limit: 480
x-ratelimit-remaining: 479
expires: Tue, 18 Apr 2023 20:09:27 GMT
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7b9f8ba9183bb518-OSL
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
471 B URL ocsp.r2m01.amazontrust.com/
IP
Hash 34b51aabdb385fe74544b741a2be8298
97772aa710f55912d921c50a59ef71329149c978
1b5d6b5bb065a70ec758fc4e4a37776de61c128cf86b9cbc2c28765514a78635
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=117932
Date: Tue, 18 Apr 2023 20:09:30 GMT
Etag: "643e0d90-1d7"
Expires: Thu, 20 Apr 2023 04:55:02 GMT
Last-Modified: Tue, 18 Apr 2023 03:25:04 GMT
Server: ECAcc (nya/789D)
X-Cache: Miss from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _Xq-Y2eDC_J2Ip8eQ5j3X7rLSzyrMzI24tXETxoeFxflhajV76NQsw==
Age: 5398
www.checkbca.org/scripts/jquery.selectbox.js
200 OK 4.2 kB URL GET HTTP/2 www.checkbca.org/scripts/jquery.selectbox.js
IP
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type Unicode text, UTF-8 text, with very long lines (15896), with no line terminators
Hash 786f2eb7bf72098ca18b9afd6d127237
5e75cb575c23f13e064a913cbe55570670e718ab
d8a1f1df33bbe0f528bfd53be5c1388890220e54c5aaa7281b889a1e5dde3189
GET /scripts/jquery.selectbox.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 16 Oct 2018 20:49:20 GMT
accept-ranges: bytes
etag: "0c813b69165d41:0"
vary: Accept-Encoding
date: Tue, 18 Apr 2023 20:09:30 GMT
content-length: 4192
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 15 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=xbxll83v7f9z
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE8:8D:29:52:9C:44:66:28:BB:43:25:CE:11:45:BB:A1:5A:4E:44:11
ValidityTue, 28 Mar 2023 16:54:02 GMT - Tue, 20 Jun 2023 16:54:01 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 16 Apr 2023 18:07:16 GMT
expires: Mon, 15 Apr 2024 18:07:16 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 180134
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/webworker.js?hl=en&v=6MY32oPwFCn9SUKWt8czDsDw
200 OK 112 B URL GET HTTP/3 www.google.com/recaptcha/api2/webworker.js?hl=en&v=6MY32oPwFCn9SUKWt8czDsDw
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=xbxll83v7f9z
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintED:88:16:3C:FE:E3:0A:31:34:FF:BE:21:B4:92:AA:6F:B9:EA:AA:B5
ValidityTue, 28 Mar 2023 16:47:33 GMT - Tue, 20 Jun 2023 16:47:32 GMT
File type ASCII text, with no line terminators
Hash 8771b78bf8540cb0f0abd565803ec778
47cd6a15b47404961c8d0f5a1e11fe2125b46c1c
ea56675b25b1314bc82952ca08e0590788909f502ff612b300cf54cc2eea54ad
GET /recaptcha/api2/webworker.js?hl=en&v=6MY32oPwFCn9SUKWt8czDsDw HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=xbxll83v7f9z
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
expires: Tue, 18 Apr 2023 20:09:30 GMT
date: Tue, 18 Apr 2023 20:09:30 GMT
cache-control: private, max-age=300
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 112
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/api2/logo_48.png
200 OK 2.2 kB URL GET HTTP/3 www.gstatic.com/recaptcha/api2/logo_48.png
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=xbxll83v7f9z
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE8:8D:29:52:9C:44:66:28:BB:43:25:CE:11:45:BB:A1:5A:4E:44:11
ValidityTue, 28 Mar 2023 16:54:02 GMT - Tue, 20 Jun 2023 16:54:01 GMT
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.gstatic.com
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 14 Apr 2023 10:47:17 GMT
expires: Fri, 21 Apr 2023 10:47:17 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 379333
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js
200 OK 167 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE8:8D:29:52:9C:44:66:28:BB:43:25:CE:11:45:BB:A1:5A:4E:44:11
ValidityTue, 28 Mar 2023 16:54:02 GMT - Tue, 20 Jun 2023 16:54:01 GMT
File type ASCII text, with very long lines (697)
Size 167 kB (166600 bytes)
Hash fdfdaf63d56b4a9cd6641d79f7159fdc
18b413d8b6b9f3bec32026b7e9d9f4e5e366922f
f4dba3e15f08cf0686e6d89370ed42e8a5dafc38973501f0aa6baa9b93c720f3
GET /recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.gstatic.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 16 Apr 2023 16:05:23 GMT
expires: Mon, 15 Apr 2024 16:05:23 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 187447
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
px.ads.linkedin.com/collect?v=2&fmt=js&pid=58092&time=1681848703990&url=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418&liSync=true
200 OK 0 B URL GET HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=58092&time=1681848703990&url=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418&liSync=true
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerDigiCert Inc
Subjectwww.linkedin.com
Fingerprint1F:CD:8F:F2:82:0B:B9:19:6B:DE:AD:66:B4:F9:B0:8B:F0:91:FF:6C
ValidityTue, 07 Mar 2023 00:00:00 GMT - Thu, 07 Sep 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=58092&time=1681848703990&url=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: bcookie="v=2&321c9b0f-2769-4223-89f5-c4fe1bc9909a"; domain=.linkedin.com; Path=/; Secure; Expires=Wed, 17-Apr-2024 20:09:30 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2506:u=1:x=1:i=1681848570:t=1681934970:v=2:sig=AQGOMXQhYG7m8NdZ0RCgRG7gmR92DmY1"; Expires=Wed, 19 Apr 2023 20:09:30 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAX5oeKY6D9lvt8oW/zFGQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: D0321D103A584E7B94551E44DBBEA964 Ref B: OSL30EDGE0522 Ref C: 2023-04-18T20:09:30Z
date: Tue, 18 Apr 2023 20:09:30 GMT
content-length: 0
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/bframe?hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5
200 OK 1.1 kB URL GET HTTP/3 www.google.com/recaptcha/api2/bframe?hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintED:88:16:3C:FE:E3:0A:31:34:FF:BE:21:B4:92:AA:6F:B9:EA:AA:B5
ValidityTue, 28 Mar 2023 16:47:33 GMT - Tue, 20 Jun 2023 16:47:32 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 08a8c1bd0feea86e8d2bcd470db1dd0e
e4913e641d49353a3b0cff606b375cd04ca1dfc1
eb7fc5f5df988c9c0dfe266f684381154a55a7ea77de853f3176a8fe3cf1f1a3
GET /recaptcha/api2/bframe?hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 18 Apr 2023 20:09:30 GMT
content-security-policy: script-src 'nonce-KFVxYsa-oqKD8NbBgl15Fg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1119
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css
200 OK 25 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=xbxll83v7f9z
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE8:8D:29:52:9C:44:66:28:BB:43:25:CE:11:45:BB:A1:5A:4E:44:11
ValidityTue, 28 Mar 2023 16:54:02 GMT - Tue, 20 Jun 2023 16:54:01 GMT
File type ASCII text, with very long lines (56403), with no line terminators
Hash a42c6333a13e5376af95f46fd9c7b627
57a98e519a44915e39a0cb6f23812adfa6611e67
62bff9dd0379da44f9d7f739af671bb6b243c016b49c7146b431ae9e6b9cb41b
GET /recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.gstatic.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24605
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 12 Apr 2023 18:10:59 GMT
expires: Thu, 11 Apr 2024 18:10:59 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
content-type: text/css
vary: Accept-Encoding
age: 525511
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js
200 OK 167 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE8:8D:29:52:9C:44:66:28:BB:43:25:CE:11:45:BB:A1:5A:4E:44:11
ValidityTue, 28 Mar 2023 16:54:02 GMT - Tue, 20 Jun 2023 16:54:01 GMT
File type ASCII text, with very long lines (697)
Size 167 kB (166600 bytes)
Hash fdfdaf63d56b4a9cd6641d79f7159fdc
18b413d8b6b9f3bec32026b7e9d9f4e5e366922f
f4dba3e15f08cf0686e6d89370ed42e8a5dafc38973501f0aa6baa9b93c720f3
GET /recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.gstatic.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 16 Apr 2023 16:05:23 GMT
expires: Mon, 15 Apr 2024 16:05:23 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 187447
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.r2m01.amazontrust.com/
471 B URL ocsp.r2m01.amazontrust.com/
IP
Hash a2e65c947490661056d4246a229488c6
1b68959c19e9c901d104c8d9e3f967a958f8b1dd
7da162db7ad389a88ba726e910af65a51ddfb1a9844ba84f70471834a984f61b
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=165473
Date: Tue, 18 Apr 2023 20:09:30 GMT
Etag: "643edc5b-1d7"
Expires: Thu, 20 Apr 2023 18:07:23 GMT
Last-Modified: Tue, 18 Apr 2023 18:07:23 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: obDSFfTUO6dadQpFVkMAFrf37X8OGieavltY1c2_YDf1jCZK9v8jKA==
rec.smartlook.com/recorder.js
200 OK 1.6 kB URL GET HTTP/2 rec.smartlook.com/recorder.js
IP
ASN #60068 Datacamp Limited
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerLet's Encrypt
Subject1610534878.rsc.cdn77.org
FingerprintBB:5B:2A:E4:11:8D:C4:B8:5E:3A:2D:9D:A5:F5:F3:39:06:C3:8E:63
ValidityThu, 23 Mar 2023 00:59:41 GMT - Wed, 21 Jun 2023 00:59:40 GMT
Hash f92a18a2d21b0adf9df7e759678766ad
84419f474b3683b811bfba2304e21fa84e7329a5
7d59ca8a3a4c0ed65f527cd1fecc61d3f723965fc1623c2c437265d35c1196a7
GET /recorder.js HTTP/1.1
Host: rec.smartlook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 18 Apr 2023 20:09:29 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=600
cross-origin-resource-policy: cross-origin
etag: W/"643e8cba-e8b"
last-modified: Tue, 18 Apr 2023 12:27:38 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Accept-Encoding
server: CDN77-Turbo
x-77-nzt: AblMCRRhn1DvDgAAAA
x-77-nzt-ray: af5856305c9f51f2f9f83e64948a5727
x-accel-expires: @1681849155
x-cache: HIT
x-age: 14
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=57559cd10000ff00058effd9
3.5 kB URL widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=57559cd10000ff00058effd9
IP
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintED:01:2E:50:4C:98:9B:F1:34:D7:8C:1E:93:45:E6:05:00:3C:47:86
ValidityThu, 02 Feb 2023 00:00:00 GMT - Sat, 02 Mar 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13396)
Hash ec8997a01685f3d46f7e65c853a558f4
063512c999b1ee6c28dd191641516b6e9d09155a
4588d348b32d3dccd38309f50e5d0802f2a43bb84f98f7b7ea3fcf4e76d767ed
GET /trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=57559cd10000ff00058effd9 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 3451
date: Tue, 18 Apr 2023 03:26:04 GMT
last-modified: Tue, 21 Mar 2023 10:45:41 GMT
etag: "ec8997a01685f3d46f7e65c853a558f4"
x-amz-server-side-encryption: AES256
cache-control: max-age=86400
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: T8zCWtG7qFRRifpqmo35bsOtx0N3zOA4q_SfRkSjIc2tBy7u1ZZKuA==
age: 60208
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/bframe?hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5
200 OK 1.1 kB URL GET HTTP/3 www.google.com/recaptcha/api2/bframe?hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintED:88:16:3C:FE:E3:0A:31:34:FF:BE:21:B4:92:AA:6F:B9:EA:AA:B5
ValidityTue, 28 Mar 2023 16:47:33 GMT - Tue, 20 Jun 2023 16:47:32 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2ab95fd4e397b3b397033573ad3999ce
bdb26a3d3965c1bd2d53b08cbf107d97cb5abe03
a56f8b21358a18681d82e2963abdb64d91140db6f1fb905901c8d6bd973da925
GET /recaptcha/api2/bframe?hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 18 Apr 2023 20:09:31 GMT
content-security-policy: script-src 'nonce-ImDWGftXicZ3AB83_yKsMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1116
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=xbxll83v7f9z
200 OK 27 kB URL GET HTTP/3 www.google.com/recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=xbxll83v7f9z
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintED:88:16:3C:FE:E3:0A:31:34:FF:BE:21:B4:92:AA:6F:B9:EA:AA:B5
ValidityTue, 28 Mar 2023 16:47:33 GMT - Tue, 20 Jun 2023 16:47:32 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (41392)
Hash 4371d53c7ef5c2045bda17994c7d4843
c61e9fec3472855e7baae54ee8d923f943de3679
58bbd19eda68dd0370ab574307cc322dd435c18b071f38d51a8dcae3328d49c3
GET /recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=xbxll83v7f9z HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 18 Apr 2023 20:09:31 GMT
content-security-policy: script-src 'nonce-aVnUPL2PNqkSkLzvq_sp6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 26881
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/main.js
200 OK 31 kB URL GET HTTP/2 widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/main.js
IP
Requested by https://widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=57559cd10000ff00058effd9#locale=en-US&styleHeight=240px&styleWidth=100%25&theme=light&stars=5&schemaType=Organization
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintED:01:2E:50:4C:98:9B:F1:34:D7:8C:1E:93:45:E6:05:00:3C:47:86
ValidityThu, 02 Feb 2023 00:00:00 GMT - Sat, 02 Mar 2024 23:59:59 GMT
File type Unicode text, UTF-8 (with BOM) text, with very long lines (64030), with no line terminators
Hash 2e3edb0ca56a4b6e3a0425ac711a5928
fb9a6bcba231dc84aa0a352495b74a5fb0090fd3
d000cdf690d72aba7baa5530f3a3d42bd3666e0cdac906f9e04bbbd3348d2a65
GET /trustboxes/54ad5defc6454f065c28af8b/main.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=57559cd10000ff00058effd9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 31025
date: Tue, 18 Apr 2023 05:48:33 GMT
last-modified: Tue, 21 Mar 2023 10:45:42 GMT
etag: "2e3edb0ca56a4b6e3a0425ac711a5928"
x-amz-server-side-encryption: AES256
cache-control: max-age=86400
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nt_hKrbvOvMBbZyhahgiEE28Gv_oXvychSyFsK5Chiq6e50hnet7KA==
age: 51659
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css
200 OK 25 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=xbxll83v7f9z
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE8:8D:29:52:9C:44:66:28:BB:43:25:CE:11:45:BB:A1:5A:4E:44:11
ValidityTue, 28 Mar 2023 16:54:02 GMT - Tue, 20 Jun 2023 16:54:01 GMT
File type ASCII text, with very long lines (56403), with no line terminators
Hash a42c6333a13e5376af95f46fd9c7b627
57a98e519a44915e39a0cb6f23812adfa6611e67
62bff9dd0379da44f9d7f739af671bb6b243c016b49c7146b431ae9e6b9cb41b
GET /recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.gstatic.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24605
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 12 Apr 2023 18:10:59 GMT
expires: Thu, 11 Apr 2024 18:10:59 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
content-type: text/css
vary: Accept-Encoding
age: 525512
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js
200 OK 167 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE8:8D:29:52:9C:44:66:28:BB:43:25:CE:11:45:BB:A1:5A:4E:44:11
ValidityTue, 28 Mar 2023 16:54:02 GMT - Tue, 20 Jun 2023 16:54:01 GMT
File type ASCII text, with very long lines (697)
Size 167 kB (166600 bytes)
Hash fdfdaf63d56b4a9cd6641d79f7159fdc
18b413d8b6b9f3bec32026b7e9d9f4e5e366922f
f4dba3e15f08cf0686e6d89370ed42e8a5dafc38973501f0aa6baa9b93c720f3
GET /recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.gstatic.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 16 Apr 2023 16:05:23 GMT
expires: Mon, 15 Apr 2024 16:05:23 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 187448
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js
200 OK 167 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE8:8D:29:52:9C:44:66:28:BB:43:25:CE:11:45:BB:A1:5A:4E:44:11
ValidityTue, 28 Mar 2023 16:54:02 GMT - Tue, 20 Jun 2023 16:54:01 GMT
File type ASCII text, with very long lines (697)
Size 167 kB (166600 bytes)
Hash fdfdaf63d56b4a9cd6641d79f7159fdc
18b413d8b6b9f3bec32026b7e9d9f4e5e366922f
f4dba3e15f08cf0686e6d89370ed42e8a5dafc38973501f0aa6baa9b93c720f3
GET /recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.gstatic.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 16 Apr 2023 16:05:23 GMT
expires: Mon, 15 Apr 2024 16:05:23 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 187448
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.checkbca.org/CompanyWidget.aspx?ID=100094667&WidgetType=1
301 Moved Permanently 196 B URL GET HTTP/2 www.checkbca.org/CompanyWidget.aspx?ID=100094667&WidgetType=1
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash e4450c4791dadbc8f0fe8409a9b278ec
70f8e597f291a8a247c4f1bbbc4586e300f75723
e350fe60679b3272336147b700171d459374f3a66c6e228673a94ec0d9239b7e
GET /CompanyWidget.aspx?ID=100094667&WidgetType=1 HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
location: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
date: Tue, 18 Apr 2023 20:09:30 GMT
content-length: 196
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 15 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=xbxll83v7f9z
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE8:8D:29:52:9C:44:66:28:BB:43:25:CE:11:45:BB:A1:5A:4E:44:11
ValidityTue, 28 Mar 2023 16:54:02 GMT - Tue, 20 Jun 2023 16:54:01 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 16 Apr 2023 18:07:16 GMT
expires: Mon, 15 Apr 2024 18:07:16 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 180135
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/recaptcha/api2/webworker.js?hl=en&v=6MY32oPwFCn9SUKWt8czDsDw
200 OK 112 B URL GET HTTP/3 www.google.com/recaptcha/api2/webworker.js?hl=en&v=6MY32oPwFCn9SUKWt8czDsDw
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=xbxll83v7f9z
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintED:88:16:3C:FE:E3:0A:31:34:FF:BE:21:B4:92:AA:6F:B9:EA:AA:B5
ValidityTue, 28 Mar 2023 16:47:33 GMT - Tue, 20 Jun 2023 16:47:32 GMT
File type ASCII text, with no line terminators
Hash 8771b78bf8540cb0f0abd565803ec778
47cd6a15b47404961c8d0f5a1e11fe2125b46c1c
ea56675b25b1314bc82952ca08e0590788909f502ff612b300cf54cc2eea54ad
GET /recaptcha/api2/webworker.js?hl=en&v=6MY32oPwFCn9SUKWt8czDsDw HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=xbxll83v7f9z
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
expires: Tue, 18 Apr 2023 20:09:31 GMT
date: Tue, 18 Apr 2023 20:09:31 GMT
cache-control: private, max-age=300
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 112
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
track.hubspot.com/__ptq.gif?k=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3046474533&v=1.1&a=5627136&ct=standard-page&rcu=https%3A%2F%2Fwww.usbfund.com%2F&pu=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418&t=US+Business+Funding+-+Equipment+Financing+and+Working+Capital+Loans&cts=1681848705252&vi=7af3bcce44eea018ebb32c0ed94cd3ea&nc=true&u=152200550.7af3bcce44eea018ebb32c0ed94cd3ea.1681848705249.1681848705249.1681848705249.1&b=152200550.1.1681848705250&cc=15
200 OK 45 B URL GET HTTP/2 track.hubspot.com/__ptq.gif?k=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3046474533&v=1.1&a=5627136&ct=standard-page&rcu=https%3A%2F%2Fwww.usbfund.com%2F&pu=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418&t=US+Business+Funding+-+Equipment+Financing+and+Working+Capital+Loans&cts=1681848705252&vi=7af3bcce44eea018ebb32c0ed94cd3ea&nc=true&u=152200550.7af3bcce44eea018ebb32c0ed94cd3ea.1681848705249.1681848705249.1681848705249.1&b=152200550.1.1681848705250&cc=15
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerCloudflare, Inc.
Subjecthubspot.com
Fingerprint3C:BA:BA:9A:BA:DB:73:C8:7B:C2:5D:05:8C:BB:9C:D8:8D:D9:D4:19
ValiditySun, 05 Feb 2023 00:00:00 GMT - Mon, 05 Feb 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash c8817d472077ebfc04593c1fa019d32d
e1e86f41c86c7b9cd2e8b76c6a925a1a3e7e3247
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
GET /__ptq.gif?k=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3046474533&v=1.1&a=5627136&ct=standard-page&rcu=https%3A%2F%2Fwww.usbfund.com%2F&pu=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418&t=US+Business+Funding+-+Equipment+Financing+and+Working+Capital+Loans&cts=1681848705252&vi=7af3bcce44eea018ebb32c0ed94cd3ea&nc=true&u=152200550.7af3bcce44eea018ebb32c0ed94cd3ea.1681848705249.1681848705249.1681848705249.1&b=152200550.1.1681848705250&cc=15 HTTP/1.1
Host: track.hubspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 18 Apr 2023 20:09:31 GMT
content-type: image/gif
content-length: 45
cf-ray: 7b9f8bc1ebd2069b-OSL
cache-control: no-cache, no-store, no-transform
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-hubspot-correlation-id: f4afc26f-5652-492a-883b-4e7f6322141b
x-robots-tag: none
set-cookie: __cf_bm=MY0_0VzoyUd7ahPFEiN_4hhpLyXFsfJTD0olgDNG2X8-1681848571-0-AdvbH47uZBuLaYGzvmKoAQcnUjaKEa9xnZYme/0qWRby1Sh5qc2SwwXjRrc+N2NCDdFYWLqWVvXzH3gJgRI8yr8=; path=/; expires=Tue, 18-Apr-23 20:39:31 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2F8QFNpdJVVk0CAKN3zyZh8og3sxEvCsobNzPwW%2FhwQpMXCDyW8qcEa3N%2F0iYBk%2B%2BqmX5709pyDRts777UroH8xsFJRm%2B1KuItkHIOT9qH3CYgCzseqmxnu1hVeGnkXlrUZ4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/api2/logo_48.png
200 OK 2.2 kB URL GET HTTP/3 www.gstatic.com/recaptcha/api2/logo_48.png
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=xbxll83v7f9z
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE8:8D:29:52:9C:44:66:28:BB:43:25:CE:11:45:BB:A1:5A:4E:44:11
ValidityTue, 28 Mar 2023 16:54:02 GMT - Tue, 20 Jun 2023 16:54:01 GMT
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.gstatic.com
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 14 Apr 2023 10:47:17 GMT
expires: Fri, 21 Apr 2023 10:47:17 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 379334
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
200 OK 6.5 kB URL GET HTTP/2 www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (540), with CRLF line terminators
Hash bde87b41c86b1d214dc68a5b52cfb83f
ded49253ff9d267e45b68b0e44db4ce6924f9721
e99c03643652e8182692601d7d2b69315d650d35558aa7586b1868350cfecc26
GET /companywidget.aspx?ID=100094667&WidgetType=1 HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: ASP.NET_SessionId=0ucbc1kjdrazaglyev4j5qqo; path=/; secure; HttpOnly; SameSite=Lax
date: Tue, 18 Apr 2023 20:09:31 GMT
content-length: 6465
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js
200 OK 167 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE8:8D:29:52:9C:44:66:28:BB:43:25:CE:11:45:BB:A1:5A:4E:44:11
ValidityTue, 28 Mar 2023 16:54:02 GMT - Tue, 20 Jun 2023 16:54:01 GMT
File type ASCII text, with very long lines (697)
Size 167 kB (166600 bytes)
Hash fdfdaf63d56b4a9cd6641d79f7159fdc
18b413d8b6b9f3bec32026b7e9d9f4e5e366922f
f4dba3e15f08cf0686e6d89370ed42e8a5dafc38973501f0aa6baa9b93c720f3
GET /recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.gstatic.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 16 Apr 2023 16:05:23 GMT
expires: Mon, 15 Apr 2024 16:05:23 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 187448
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/recaptcha/api2/bframe?hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5
200 OK 1.1 kB URL GET HTTP/3 www.google.com/recaptcha/api2/bframe?hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintED:88:16:3C:FE:E3:0A:31:34:FF:BE:21:B4:92:AA:6F:B9:EA:AA:B5
ValidityTue, 28 Mar 2023 16:47:33 GMT - Tue, 20 Jun 2023 16:47:32 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7082eb3e4f703ba0bb402791add6c6a9
69b24d765da0498bda96b0b01eb458ce19821a45
96fa1d1db5a2c611426fce1b7a780edf915205d1020fa0ae3ad116cc606d2525
GET /recaptcha/api2/bframe?hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 18 Apr 2023 20:09:31 GMT
content-security-policy: script-src 'nonce-ocHEgihP0w8HJs1qyg0TZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1116
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
speedyfox.io/anywhere/5f1d4e2f1d5e403592a56487267b609f40807d7ef69744e7aa045795455c9581?t=&u=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418&r=
403 Forbidden 18 B URL GET HTTP/1.1 speedyfox.io/anywhere/5f1d4e2f1d5e403592a56487267b609f40807d7ef69744e7aa045795455c9581?t=&u=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418&r=
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerLet's Encrypt
Subjectspeedyfox.io
Fingerprint07:09:A4:A4:F2:34:58:BA:DB:2F:7F:3E:9C:AF:C7:B8:1F:34:89:65
ValidityTue, 21 Mar 2023 00:01:32 GMT - Mon, 19 Jun 2023 00:01:31 GMT
File type ASCII text, with no line terminators
Hash 25f009f228cd844020264ff74a36bb64
8e2ada0df86c2ea12930c55ebdc0575aa5e31d87
a4578829918d4df61d980bf0665df65a68d19ea4de6d0dfdb75fb099b47474bf
GET /anywhere/5f1d4e2f1d5e403592a56487267b609f40807d7ef69744e7aa045795455c9581?t=&u=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418&r= HTTP/1.1
Host: speedyfox.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Content-Type: application/json
Content-Length: 18
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS
X-Timing: lt=1
Date: Tue, 18 Apr 2023 20:09:31 GMT
Connection: close
um.simpli.fi/triplelift
302 Found 142 B IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /triplelift HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: openresty
date: Tue, 18 Apr 2023 20:09:31 GMT
content-type: text/html
content-length: 142
location: https://eb2.3lift.com/xuid?mid=7969&xuid=46ACA242E1C04EDA8F541351313FFE91&dongle=yf3
set-cookie: suid=46ACA242E1C04EDA8F541351313FFE91; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:31 GMT; SameSite=none; Secure;
suid_legacy=46ACA242E1C04EDA8F541351313FFE91; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:31 GMT; Secure;
expires: Mon, 17 Apr 2023 20:09:31 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/freewheel
200 OK 43 B IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /freewheel HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 18 Apr 2023 20:09:31 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
set-cookie: suid=B547BD39FE834C86B4A161ADAADA1DA1; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:31 GMT; SameSite=none; Secure;
suid_legacy=B547BD39FE834C86B4A161ADAADA1DA1; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:31 GMT; Secure;
expires: Mon, 17 Apr 2023 20:09:31 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
beacon.cdnma.com/apps/capture.php?p=18595&l=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418&u=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418&r=&uq=e6074456-9ff3-4142-a341-18595f390641&c=0&o=&ac=3f686923-581f-4ba6-ac9e-18595f601d1e&t=1681848704382
200 OK 162 B URL GET HTTP/2 beacon.cdnma.com/apps/capture.php?p=18595&l=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418&u=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418&r=&uq=e6074456-9ff3-4142-a341-18595f390641&c=0&o=&ac=3f686923-581f-4ba6-ac9e-18595f601d1e&t=1681848704382
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerAmazon
Subjectbeacon.cdnma.com
FingerprintA6:3C:0C:C6:81:F1:31:50:5F:4C:49:9F:51:4E:07:B6:95:A8:F2:AC
ValidityTue, 21 Feb 2023 00:00:00 GMT - Thu, 21 Mar 2024 23:59:59 GMT
Hash 075f12dc2d3fe43192b4da89d9465bbe
d1fc429b12217d848781f652642d5298dd34778e
4342be18d24c4144a5779ed28aea497e2b8851633c3ee23cdefdd40226152bf7
GET /apps/capture.php?p=18595&l=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418&u=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418&r=&uq=e6074456-9ff3-4142-a341-18595f390641&c=0&o=&ac=3f686923-581f-4ba6-ac9e-18595f601d1e&t=1681848704382 HTTP/1.1
Host: beacon.cdnma.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 18 Apr 2023 20:09:30 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
pragma: public
cache-control: max-age=1209600
expires: Tue, 02 May 2023 20:09:30 GMT
access-control-allow-origin: *
strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
um.simpli.fi/exelatem
302 Found 142 B IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /exelatem HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Tue, 18 Apr 2023 20:09:31 GMT
content-type: text/html
content-length: 142
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=F4CA91FD2BE9484D8EE240143CB02C9A&j=0
set-cookie: suid=F4CA91FD2BE9484D8EE240143CB02C9A; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:31 GMT; SameSite=none; Secure;
suid_legacy=F4CA91FD2BE9484D8EE240143CB02C9A; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:31 GMT; Secure;
expires: Mon, 17 Apr 2023 20:09:31 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/yahoo
200 OK 43 B IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /yahoo HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 18 Apr 2023 20:09:31 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
set-cookie: suid=14C45079C692491DA1F9A30F8F8ED6C3; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:31 GMT; SameSite=none; Secure;
suid_legacy=14C45079C692491DA1F9A30F8F8ED6C3; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:31 GMT; Secure;
expires: Mon, 17 Apr 2023 20:09:31 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/beachfront
302 Found 142 B IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /beachfront HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Tue, 18 Apr 2023 20:09:31 GMT
content-type: text/html
content-length: 142
location: https://sync.bfmio.com/sync?pid=141&uid=AD0F340CE75441DC8BD0568AD2E16983
set-cookie: suid=AD0F340CE75441DC8BD0568AD2E16983; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:31 GMT; SameSite=none; Secure;
suid_legacy=AD0F340CE75441DC8BD0568AD2E16983; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:31 GMT; Secure;
expires: Mon, 17 Apr 2023 20:09:31 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/bluekai
302 Found 142 B IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /bluekai HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Tue, 18 Apr 2023 20:09:31 GMT
content-type: text/html
content-length: 142
location: https://stags.bluekai.com/site/29931?id=D82080DE247F49E1A94FB26D7CED5A19
set-cookie: suid=D82080DE247F49E1A94FB26D7CED5A19; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:31 GMT; SameSite=none; Secure;
suid_legacy=D82080DE247F49E1A94FB26D7CED5A19; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:31 GMT; Secure;
expires: Mon, 17 Apr 2023 20:09:31 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/crwdcntrl
302 Found 142 B IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /crwdcntrl HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Tue, 18 Apr 2023 20:09:31 GMT
content-type: text/html
content-length: 142
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=1862EE78AAA54B21BA7BC60065448080
set-cookie: suid=1862EE78AAA54B21BA7BC60065448080; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:31 GMT; SameSite=none; Secure;
suid_legacy=1862EE78AAA54B21BA7BC60065448080; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:31 GMT; Secure;
expires: Mon, 17 Apr 2023 20:09:31 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/lj_match
302 Found 142 B IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /lj_match HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Tue, 18 Apr 2023 20:09:31 GMT
content-type: text/html
content-length: 142
location: https://ce.lijit.com/merge?pid=2&3pid=4CD7B957EBE94CC588659CFF1709468A
set-cookie: suid=4CD7B957EBE94CC588659CFF1709468A; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:31 GMT; SameSite=none; Secure;
suid_legacy=4CD7B957EBE94CC588659CFF1709468A; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:31 GMT; Secure;
expires: Mon, 17 Apr 2023 20:09:31 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/liveramp_match
302 Found 142 B URL GET HTTP/2 um.simpli.fi/liveramp_match
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /liveramp_match HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Tue, 18 Apr 2023 20:09:31 GMT
content-type: text/html
content-length: 142
location: https://idsync.rlcdn.com/419566.gif?partner_uid=9D4688A3D0644A8EA443430F1B6B29AF
set-cookie: suid=9D4688A3D0644A8EA443430F1B6B29AF; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:31 GMT; SameSite=none; Secure;
suid_legacy=9D4688A3D0644A8EA443430F1B6B29AF; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:31 GMT; Secure;
expires: Mon, 17 Apr 2023 20:09:31 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/spotx_match
302 Found 142 B IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /spotx_match HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Tue, 18 Apr 2023 20:09:31 GMT
content-type: text/html
content-length: 142
location: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=57CFF9DC68224A3CBE8F46A0D0178048
set-cookie: suid=57CFF9DC68224A3CBE8F46A0D0178048; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:31 GMT; SameSite=none; Secure;
suid_legacy=57CFF9DC68224A3CBE8F46A0D0178048; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:31 GMT; Secure;
expires: Mon, 17 Apr 2023 20:09:31 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/an
302 Found 142 B IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /an HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Tue, 18 Apr 2023 20:09:31 GMT
content-type: text/html
content-length: 142
location: https://ib.adnxs.com/setuid?entity=66&code=58CDA78937E44AE5907BB679A478B6BB
set-cookie: suid=58CDA78937E44AE5907BB679A478B6BB; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:31 GMT; SameSite=none; Secure;
suid_legacy=58CDA78937E44AE5907BB679A478B6BB; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:31 GMT; Secure;
expires: Mon, 17 Apr 2023 20:09:31 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/rb_match
302 Found 142 B IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /rb_match HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Tue, 18 Apr 2023 20:09:31 GMT
content-type: text/html
content-length: 142
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=128EB58B1AAE441581E12137D7291AC2&expires=365
set-cookie: suid=128EB58B1AAE441581E12137D7291AC2; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:31 GMT; SameSite=none; Secure;
suid_legacy=128EB58B1AAE441581E12137D7291AC2; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:31 GMT; Secure;
expires: Mon, 17 Apr 2023 20:09:31 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/ox_match
302 Found 142 B IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /ox_match HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Tue, 18 Apr 2023 20:09:31 GMT
content-type: text/html
content-length: 142
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=DA0C03549E1445B299F054ED59A03978
set-cookie: suid=DA0C03549E1445B299F054ED59A03978; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:31 GMT; SameSite=none; Secure;
suid_legacy=DA0C03549E1445B299F054ED59A03978; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:31 GMT; Secure;
expires: Mon, 17 Apr 2023 20:09:31 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/58092/domain/usbfund.com/token
200 OK 204 B URL GET HTTP/2 cdn.linkedin.oribi.io/partner/58092/domain/usbfund.com/token
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerAmazon
Subjectlinkedin.oribi.io
FingerprintBE:46:90:54:17:C8:57:FD:82:7C:7D:E5:DF:7D:7E:01:F1:B8:4B:47
ValidityFri, 24 Feb 2023 00:00:00 GMT - Sun, 06 Aug 2023 23:59:59 GMT
Hash 899ca9554410bea6c9b9cdbbc65fd2e4
5ec92132d260813bba1bc62607edb439488d27b0
218ed8a78ba0e5901d714e8018b67aafcce86d5bfab25b2465acf87d24987ee7
GET /partner/58092/domain/usbfund.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json
date: Tue, 18 Apr 2023 20:09:29 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3gI7PqFmWREnOI9RFmcDoSV2CGVBBYbr1FD3T3uOPlGdL87K8P71mg==
X-Firefox-Spdy: h2
um.simpli.fi/tapad
302 Found 142 B IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /tapad HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: openresty
date: Tue, 18 Apr 2023 20:09:31 GMT
content-type: text/html
content-length: 142
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=1921B6643E974AD99891641B73787FD4
set-cookie: suid=1921B6643E974AD99891641B73787FD4; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:31 GMT; SameSite=none; Secure;
suid_legacy=1921B6643E974AD99891641B73787FD4; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:31 GMT; Secure;
expires: Mon, 17 Apr 2023 20:09:31 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/telaria_p
302 Found 142 B IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /telaria_p HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: openresty
date: Tue, 18 Apr 2023 20:09:31 GMT
content-type: text/html
content-length: 142
location: https://simplifi.partners.tremorhub.com/sync?UISF=076E26F1C0C94A1AA4B0C5871DD76E0A
set-cookie: suid=076E26F1C0C94A1AA4B0C5871DD76E0A; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:31 GMT; SameSite=none; Secure;
suid_legacy=076E26F1C0C94A1AA4B0C5871DD76E0A; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:31 GMT; Secure;
expires: Mon, 17 Apr 2023 20:09:31 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/intentiq
302 Found 142 B IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /intentiq HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: openresty
date: Tue, 18 Apr 2023 20:09:31 GMT
content-type: text/html
content-length: 142
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=AC02259CA61744BEB7225CEB8757956D
set-cookie: suid=AC02259CA61744BEB7225CEB8757956D; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:31 GMT; SameSite=none; Secure;
suid_legacy=AC02259CA61744BEB7225CEB8757956D; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:31 GMT; Secure;
expires: Mon, 17 Apr 2023 20:09:31 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/pubmatic
200 OK 43 B IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /pubmatic HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 18 Apr 2023 20:09:31 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
set-cookie: suid=823FA397460541C5893733B5AD86E6E9; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:31 GMT; SameSite=none; Secure;
suid_legacy=823FA397460541C5893733B5AD86E6E9; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:31 GMT; Secure;
expires: Mon, 17 Apr 2023 20:09:31 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css
200 OK 25 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeV-r0UAAAAAL6BGGYoyPzKeCbkmp6lFJjP5HZ5&co=aHR0cHM6Ly93d3cudXNiZnVuZC5jb206NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&cb=xbxll83v7f9z
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE8:8D:29:52:9C:44:66:28:BB:43:25:CE:11:45:BB:A1:5A:4E:44:11
ValidityTue, 28 Mar 2023 16:54:02 GMT - Tue, 20 Jun 2023 16:54:01 GMT
File type ASCII text, with very long lines (56403), with no line terminators
Hash a42c6333a13e5376af95f46fd9c7b627
57a98e519a44915e39a0cb6f23812adfa6611e67
62bff9dd0379da44f9d7f739af671bb6b243c016b49c7146b431ae9e6b9cb41b
GET /recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.gstatic.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24605
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 12 Apr 2023 18:10:59 GMT
expires: Thu, 11 Apr 2024 18:10:59 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
content-type: text/css
vary: Accept-Encoding
age: 525512
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js
200 OK 167 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE8:8D:29:52:9C:44:66:28:BB:43:25:CE:11:45:BB:A1:5A:4E:44:11
ValidityTue, 28 Mar 2023 16:54:02 GMT - Tue, 20 Jun 2023 16:54:01 GMT
File type ASCII text, with very long lines (697)
Size 167 kB (166600 bytes)
Hash fdfdaf63d56b4a9cd6641d79f7159fdc
18b413d8b6b9f3bec32026b7e9d9f4e5e366922f
f4dba3e15f08cf0686e6d89370ed42e8a5dafc38973501f0aa6baa9b93c720f3
GET /recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.gstatic.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 16 Apr 2023 16:05:23 GMT
expires: Mon, 15 Apr 2024 16:05:23 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 187448
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
471 B IP
Hash f45b6dac0de536576c0f5c93cfff3a48
88173e76f7c20f59c8e7e7984423ec1b2b826742
db17b35e2fce343f8cf458438cb6b086db11547023de83311d9842716f791314
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Apr 2023 20:09:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googleadservices.com/pagead/conversion/1026675585/?random=1681848571155&cv=7&fst=1681848571155&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
302 Found 42 B URL GET HTTP/2 www.googleadservices.com/pagead/conversion/1026675585/?random=1681848571155&cv=7&fst=1681848571155&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectwww.googleadservices.com
Fingerprint6F:E0:E1:E5:AC:22:5E:F7:BF:96:91:9A:6A:ED:EA:A2:66:A1:1A:88
ValidityTue, 28 Mar 2023 16:54:32 GMT - Tue, 20 Jun 2023 16:54:31 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/conversion/1026675585/?random=1681848571155&cv=7&fst=1681848571155&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 20:09:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
location: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=42616182&cv=7&fst=1681848571155&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=-_g-ZIy8KtG-ygXepJzwBA&sscte=1&crd=
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.checkbca.org/stylesheets/font-awesome.min.css
200 OK 7.0 kB URL GET HTTP/2 www.checkbca.org/stylesheets/font-awesome.min.css
IP
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type ASCII text, with very long lines (30837)
Hash 775375b17c16dc85854ba29bbba28807
91c2f8c2838211a85090f061340b6c0c24e763af
e05c4f03a6c957e6b769e9ac46b9b6d7f1de8f46f49fc894be7c7493aaf4e033
GET /stylesheets/font-awesome.min.css HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: text/css
content-encoding: gzip
last-modified: Fri, 03 Mar 2023 16:46:05 GMT
accept-ranges: bytes
etag: "80c44da5ef4dd91:0"
vary: Accept-Encoding
date: Tue, 18 Apr 2023 20:09:31 GMT
content-length: 6965
X-Firefox-Spdy: h2
www.checkbca.org/stylesheets/jquery.selectBox.css
301 Moved Permanently 180 B URL GET HTTP/2 www.checkbca.org/stylesheets/jquery.selectBox.css
IP
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 65d99af646ca7622a01fc0d3eb7a6b6d
a6b71820c0572f17c183b5669255346947bc3492
425fea6b4acfc8c48eee414af2be035b5c77a87742cf0bb46b136d07e0c29f6a
GET /stylesheets/jquery.selectBox.css HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
cache-control: no-cache
content-type: text/html; charset=UTF-8
location: https://www.checkbca.org/stylesheets/jquery.selectbox.css
date: Tue, 18 Apr 2023 20:09:31 GMT
content-length: 180
X-Firefox-Spdy: h2
www.checkbca.org/stylesheets/style.css
200 OK 11 kB URL GET HTTP/2 www.checkbca.org/stylesheets/style.css
IP
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type assembler source, Unicode text, UTF-8 text, with very long lines (548), with CRLF line terminators
Hash a3ec3a585ca53c4eaa1082ae3427a329
7f08739e149ab8dc280a05b280c31b04bfb1bd6d
1e44bca5aecfd50bff07a4df9f9bb9c524f6addd9c24bb8c463eef67798283c9
GET /stylesheets/style.css HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: text/css
content-encoding: gzip
last-modified: Fri, 03 Mar 2023 16:46:05 GMT
accept-ranges: bytes
etag: "80c44da5ef4dd91:0"
vary: Accept-Encoding
date: Tue, 18 Apr 2023 20:09:31 GMT
content-length: 10899
X-Firefox-Spdy: h2
www.checkbca.org/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZBAd-3g2iBrrqGpefWWgmRAZw8TONzGF-aV_9TjkbkyCvwDWnstKlAYe583il9NLzw2&t=637823077705833095
200 OK 23 kB URL GET HTTP/2 www.checkbca.org/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZBAd-3g2iBrrqGpefWWgmRAZw8TONzGF-aV_9TjkbkyCvwDWnstKlAYe583il9NLzw2&t=637823077705833095
IP
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type ASCII text, with CRLF line terminators
Hash 20180537e2ac64e5c60143ac90c84998
82d03de61c4dededbc9fd79d8c3a8e18d3b43744
0999cb5dfb2dcd76a944ef880be49f8e2d66fc60d00817e2b251ba0a67090cbf
GET /WebResource.axd?d=pynGkmcFUV13He1Qd6_TZBAd-3g2iBrrqGpefWWgmRAZw8TONzGF-aV_9TjkbkyCvwDWnstKlAYe583il9NLzw2&t=637823077705833095 HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public
content-type: application/x-javascript
content-encoding: gzip
expires: Wed, 17 Apr 2024 14:49:06 GMT
last-modified: Tue, 08 Mar 2022 11:42:50 GMT
vary: Accept-Encoding
date: Tue, 18 Apr 2023 20:09:31 GMT
content-length: 23086
X-Firefox-Spdy: h2
www.checkbca.org/Scripts/WebForms/MsAjax/MicrosoftAjax.js
301 Moved Permanently 188 B URL GET HTTP/2 www.checkbca.org/Scripts/WebForms/MsAjax/MicrosoftAjax.js
IP
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 6f83537ac9d2567aa0049ad8d28282d8
7e4975fe0edee16d97ab1f59dd7473a95902f30e
c614ae1fc44d88ab3555782295fd0de23f7b1062ef93e0777530a9ff2fdb2fe6
GET /Scripts/WebForms/MsAjax/MicrosoftAjax.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
cache-control: no-cache
content-type: text/html; charset=UTF-8
location: https://www.checkbca.org/scripts/webforms/msajax/microsoftajax.js
date: Tue, 18 Apr 2023 20:09:31 GMT
content-length: 188
X-Firefox-Spdy: h2
www.checkbca.org/Scripts/WebForms/MsAjax/MicrosoftAjaxWebForms.js
301 Moved Permanently 196 B URL GET HTTP/2 www.checkbca.org/Scripts/WebForms/MsAjax/MicrosoftAjaxWebForms.js
IP
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 95d708e49ef3d81c5832e354dbdafb01
ddb6aa6d1990a59c42331129fef517bb9101fad1
429e36746d58356e8d7fd50c755f2ec8de5fcf67bc3980f782eef9c14e89db18
GET /Scripts/WebForms/MsAjax/MicrosoftAjaxWebForms.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
cache-control: no-cache
content-type: text/html; charset=UTF-8
location: https://www.checkbca.org/scripts/webforms/msajax/microsoftajaxwebforms.js
date: Tue, 18 Apr 2023 20:09:31 GMT
content-length: 196
X-Firefox-Spdy: h2
www.checkbca.org/scripts/jquery-3.3.1.min.js
200 OK 30 kB URL GET HTTP/2 www.checkbca.org/scripts/jquery-3.3.1.min.js
IP
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type ASCII text, with very long lines (65451)
Hash a263be51483c81a54aa8c85104a93e55
555a54a73531c553bd2aede6abc25c128b63312e
b2f13ad730928958c09d89e6e32bb6a227c0260d032a39ca464d998a59e57a66
GET /scripts/jquery-3.3.1.min.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 16 Oct 2018 20:49:20 GMT
accept-ranges: bytes
etag: "0c813b69165d41:0"
vary: Accept-Encoding
date: Tue, 18 Apr 2023 20:09:31 GMT
content-length: 30394
X-Firefox-Spdy: h2
www.checkbca.org/scripts/jquery.simplemodal.1.4.4.min.js
200 OK 3.1 kB URL GET HTTP/2 www.checkbca.org/scripts/jquery.simplemodal.1.4.4.min.js
IP
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type ASCII text, with very long lines (626), with CRLF, LF line terminators
Hash 487fda8eb4e12565909588706300e2fb
9224d8c027d499bb7ec852c2bf3c580e593f5d5b
664736273b9cff9b035c3c682e6ea5e1220468bf24d3199d45148b0a45e101dc
GET /scripts/jquery.simplemodal.1.4.4.min.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 16 Oct 2018 20:49:20 GMT
accept-ranges: bytes
etag: "0c813b69165d41:0"
vary: Accept-Encoding
date: Tue, 18 Apr 2023 20:09:31 GMT
content-length: 3081
X-Firefox-Spdy: h2
www.checkbca.org/scripts/jquery.bxslider.min.js
200 OK 5.1 kB URL GET HTTP/2 www.checkbca.org/scripts/jquery.bxslider.min.js
IP
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type ASCII text, with very long lines (18813)
Hash 9777aab0bd6025cd5c7ecaebd409284d
ab73cc0c1c09e58a1fa0d5bda44c313f697f14da
7b01c6335fa7c91f0b359d56158676c2553323f6e09dd01db242b0da0d104d1b
GET /scripts/jquery.bxslider.min.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 16 Oct 2018 20:49:20 GMT
accept-ranges: bytes
etag: "0c813b69165d41:0"
vary: Accept-Encoding
date: Tue, 18 Apr 2023 20:09:31 GMT
content-length: 5135
X-Firefox-Spdy: h2
www.checkbca.org/scripts/jquery.selectBox.js
301 Moved Permanently 175 B URL GET HTTP/2 www.checkbca.org/scripts/jquery.selectBox.js
IP
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 46da262b5b1399dfbf30fac73e57a298
c176cf3cfa6da6a0748c497591ff3619467d6434
4089029c368f61bcc5e6be36c952e1c440e0e20475e247b8316c6ce57ea7cc99
GET /scripts/jquery.selectBox.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
cache-control: no-cache
content-type: text/html; charset=UTF-8
location: https://www.checkbca.org/scripts/jquery.selectbox.js
date: Tue, 18 Apr 2023 20:09:31 GMT
content-length: 175
X-Firefox-Spdy: h2
ocsp.usertrust.com/
472 B IP
Hash 86549993c1d8d5b75b960ee9dcd39aca
4cc2f714cdf4384b0944956565bdbf9319876d6d
753317813abc7b26973ca0a81c95906589abfcc5a760ec91d0b53006107036b0
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 18 Apr 2023 20:09:31 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 15 Apr 2023 22:10:20 GMT
Expires: Sat, 22 Apr 2023 22:10:19 GMT
Etag: "4cc2f714cdf4384b0944956565bdbf9319876d6d"
Cache-Control: max-age=602495,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 894
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b9f8bc5af21b51e-OSL
ocsp.pki.goog/gts1c3
471 B IP
Hash 612a4035440aad44cff3ef492cfe67af
6b6a546e1f866b7ebe8ae64ebfb36b7c2f9b48f4
0d20ba7383f08606086b604f36457448a7530e4587a30a0a2f143ab92883a75f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Apr 2023 20:09:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=AC02259CA61744BEB7225CEB8757956D
403 Forbidden 986 B URL GET HTTP/2 sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=AC02259CA61744BEB7225CEB8757956D
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerAmazon
Subject*.intentiq.com
Fingerprint46:A5:4A:C5:1A:09:9D:13:28:87:B1:41:E6:00:C5:99:D7:93:50:FF
ValidityTue, 11 Apr 2023 00:00:00 GMT - Wed, 08 May 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1121ad031c0c6b61a7c116b21f174c64
73aab1f53ac1da1f0c42fd9805d59f6aba71bd38
62ae4c1db9eb0512f8f6839269bef571da97ea61f4c6fe004a485fb4a8e2305c
GET /profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=AC02259CA61744BEB7225CEB8757956D HTTP/1.1
Host: sync.intentiq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
server: CloudFront
date: Tue, 18 Apr 2023 20:09:31 GMT
content-type: text/html
content-length: 986
x-cache: Error from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: CpBqjpTQs9lZ2n3Onc1kDEM64UM6a6yDVSggaOtTLHsSwP4YFLhe2Q==
X-Firefox-Spdy: h2
ocsp.sectigo.com/
472 B IP
Hash fa2ad7cff98d9ed902ac493dc25e840e
73fa27804c8fbcf62cf9506675a7ec57f5a932f2
dbcd10d4960ac4023557e8cf39880580944f99e2462cc77b92d8baa7a6b39180
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 18 Apr 2023 20:09:31 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 16 Apr 2023 20:38:07 GMT
Expires: Sun, 23 Apr 2023 20:38:06 GMT
Etag: "73fa27804c8fbcf62cf9506675a7ec57f5a932f2"
Cache-Control: max-age=433114,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7b9f8bc5ef05b51b-OSL
ocsp.r2m02.amazontrust.com/
471 B URL ocsp.r2m02.amazontrust.com/
IP
Hash 1ff2352af381e3846550a888efb4b3fe
699e88f4133f63a3cd3d1e1d77702b2419859666
cdff9242a954cb805c9e2dd120e9fd49790cba8dcf61d517a4fba4d609ba6713
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 18 Apr 2023 20:09:31 GMT
Last-Modified: Tue, 18 Apr 2023 18:55:04 GMT
Server: ECAcc (nya/788E)
X-Cache: Miss from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: OQH_OrTdgR34xPXElY61NsgTY8JDTs8tba_hxLt9XqEoBNORizjrqw==
Age: 4467
fei.pro-market.net/engine?du=24;csync=DBAC5F74E6574053961B951BF382EC27;mimetype=img;
302 Found 0 B URL GET HTTP/2 fei.pro-market.net/engine?du=24;csync=DBAC5F74E6574053961B951BF382EC27;mimetype=img;
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGandi
Subject*.pro-market.net
FingerprintC2:2E:6F:6E:BF:D1:1A:5D:D3:DC:45:34:45:00:8A:4E:52:DF:CF:41
ValidityWed, 03 Aug 2022 00:00:00 GMT - Sun, 03 Sep 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /engine?du=24;csync=DBAC5F74E6574053961B951BF382EC27;mimetype=img; HTTP/1.1
Host: fei.pro-market.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
anserver: gapp-eu-5.c.datonics-gcp-01.internal
set-cookie: anProfile="1+1+1f=1+1g=2+1j=57:1+rs=s+rt=5B5A2A9A+s2=(rtbunv)"; Domain=.pro-market.net; Max-Age=15552000; Path=/; Secure; SameSite=None;
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: Mon, 1 Jan 1990 0:0:0 GMT
access-control-allow-origin: *
location: https://fei.pro-market.net/engine?du=24;csync=DBAC5F74E6574053961B951BF382EC27;mimetype=img;sr
content-type: image/gif
content-length: 0
date: Tue, 18 Apr 2023 20:09:31 GMT
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ib.adnxs.com/setuid?entity=66&code=58CDA78937E44AE5907BB679A478B6BB
307 Redirection 0 B URL GET HTTP/1.1 ib.adnxs.com/setuid?entity=66&code=58CDA78937E44AE5907BB679A478B6BB
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerDigiCert Inc
Subject*.adnxs.com
Fingerprint30:E1:57:C8:5A:77:64:AE:54:99:08:F7:2B:B8:C7:F4:28:85:56:08
ValidityMon, 13 Feb 2023 00:00:00 GMT - Fri, 15 Mar 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /setuid?entity=66&code=58CDA78937E44AE5907BB679A478B6BB HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Tue, 18 Apr 2023 20:09:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D58CDA78937E44AE5907BB679A478B6BB
AN-X-Request-Uuid: 69f0d50f-5a44-4710-bf2c-aaf99c7e6313
Set-Cookie: uuid2=2735395534107052015; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 17-Jul-2023 20:09:31 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
www.checkbca.org/scripts/scripts.js
200 OK 4.3 kB URL GET HTTP/2 www.checkbca.org/scripts/scripts.js
IP
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type ASCII text, with CRLF line terminators
Hash 3b38a1caac14cc0685da48549e84da3b
2ce4f852dced2ddee12614640dcfeb0f3a96ae48
4e45d270791d6d30c782e95c1763ef0a1ac7b934d5cb703b651f3c6434c8b22b
GET /scripts/scripts.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 03 Mar 2023 16:46:02 GMT
accept-ranges: bytes
etag: "0184a3ef4dd91:0"
vary: Accept-Encoding
date: Tue, 18 Apr 2023 20:09:31 GMT
content-length: 4272
X-Firefox-Spdy: h2
eb2.3lift.com/xuid?mid=7969&xuid=46ACA242E1C04EDA8F541351313FFE91&dongle=yf3
200 OK 37 B URL GET HTTP/2 eb2.3lift.com/xuid?mid=7969&xuid=46ACA242E1C04EDA8F541351313FFE91&dongle=yf3
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerAmazon
Subject*.3lift.com
Fingerprint09:B6:FC:60:D6:47:55:6B:81:05:F3:54:D0:88:1D:D0:6B:89:09:17
ValidityThu, 13 Apr 2023 00:00:00 GMT - Sat, 11 May 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /xuid?mid=7969&xuid=46ACA242E1C04EDA8F541351313FFE91&dongle=yf3 HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 18 Apr 2023 20:09:31 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=1921B6643E974AD99891641B73787FD4
302 Found 0 B URL GET HTTP/2 pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=1921B6643E974AD99891641B73787FD4
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerDigiCert Inc
Subject*.tapad.com
Fingerprint43:9B:06:FF:B0:B9:FC:22:9E:58:89:C0:8E:9E:1D:5C:18:9F:86:56
ValidityWed, 14 Sep 2022 00:00:00 GMT - Sun, 15 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /idsync/ex/receive?partner_id=2305&partner_device_id=1921B6643E974AD99891641B73787FD4 HTTP/1.1
Host: pixel.tapad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Tue, 18 Apr 2023 20:09:31 GMT
strict-transport-security: max-age=31536000
access-control-allow-origin: *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1681848571894;Expires=Sat, 17 Jun 2023 20:09:31 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_DID=7840d77f-f577-47ab-8f3d-b54701a3bfab;Expires=Sat, 17 Jun 2023 20:09:31 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=1921B6643E974AD99891641B73787FD4
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.checkbca.org/images/widget_seal.png
200 OK 2.7 kB URL GET HTTP/2 www.checkbca.org/images/widget_seal.png
IP
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash 270ad3deddbe8a845043e3d6a8000f91
3835898b5aba554e51bf8c9191b3804e7fad65a2
30f3c9000753eaaba38681a3a44471668df6f9c60258644baba4ca24cdf62c89
GET /images/widget_seal.png HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: image/png
last-modified: Sat, 09 May 2020 03:31:08 GMT
accept-ranges: bytes
etag: "ba4a5b47b225d61:0"
date: Tue, 18 Apr 2023 20:09:31 GMT
content-length: 2723
X-Firefox-Spdy: h2
status.geotrust.com/
471 B IP
Hash f614a1d65257102e753392530d51fb45
e2ab0d5e0825e46d99eee6353190e62fde641198
309f2c86691026b2139e3e9871cd8e26fa0a09809ccb8e0f6a13e5c2f8f64254
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3209
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 18 Apr 2023 20:09:31 GMT
Last-Modified: Tue, 18 Apr 2023 19:16:02 GMT
Server: ECAcc (ska/F7A5)
X-Cache: HIT
Content-Length: 471
idsync.rlcdn.com/419566.gif?partner_uid=9D4688A3D0644A8EA443430F1B6B29AF
451 Unavailable For Legal Reasons 0 B URL GET HTTP/2 idsync.rlcdn.com/419566.gif?partner_uid=9D4688A3D0644A8EA443430F1B6B29AF
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerSectigo Limited
Subject*.rlcdn.com
FingerprintD0:53:31:E4:C7:75:D6:F0:7C:20:13:36:4F:E3:25:1B:31:C6:46:F9
ValidityThu, 02 Feb 2023 00:00:00 GMT - Sun, 03 Mar 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /419566.gif?partner_uid=9D4688A3D0644A8EA443430F1B6B29AF HTTP/1.1
Host: idsync.rlcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 451 Unavailable For Legal Reasons
date: Tue, 18 Apr 2023 20:09:31 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fei.pro-market.net/engine?du=24;csync=DBAC5F74E6574053961B951BF382EC27;mimetype=img;sr
200 OK 43 B URL GET HTTP/2 fei.pro-market.net/engine?du=24;csync=DBAC5F74E6574053961B951BF382EC27;mimetype=img;sr
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGandi
Subject*.pro-market.net
FingerprintC2:2E:6F:6E:BF:D1:1A:5D:D3:DC:45:34:45:00:8A:4E:52:DF:CF:41
ValidityWed, 03 Aug 2022 00:00:00 GMT - Sun, 03 Sep 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 968c3ad2c1183fee0bf0dd479f7904b7
1d770800ecb05eb9133f9b51620c9e4349656859
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
GET /engine?du=24;csync=DBAC5F74E6574053961B951BF382EC27;mimetype=img;sr HTTP/1.1
Host: fei.pro-market.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
anserver: gapp-eu-5.c.datonics-gcp-01.internal
set-cookie: anProfile="0+1+1f=1+1g=2+1j=57:1+rs=s+rt=5B5A2A9A+s2=(rtbunv)"; Domain=.pro-market.net; Max-Age=15552000; Path=/; Secure; SameSite=None;
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: Mon, 1 Jan 1990 0:0:0 GMT
access-control-allow-origin: *
content-type: image/gif
content-length: 43
date: Tue, 18 Apr 2023 20:09:31 GMT
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.checkbca.org/stylesheets/jquery.selectbox.css
200 OK 844 B URL GET HTTP/2 www.checkbca.org/stylesheets/jquery.selectbox.css
IP
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type ASCII text, with very long lines (2823), with no line terminators
Hash ef6ac3dc00cd170fb2e40e76489dc10d
02964dcc31527690062facef2f5ca2c0cf24ea23
06e4f8e3d1d4e68a23c9fd4927304906f912307b71f80025f6b74dfe3945d813
GET /stylesheets/jquery.selectbox.css HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: text/css
content-encoding: gzip
last-modified: Fri, 02 Aug 2019 17:52:06 GMT
accept-ranges: bytes
etag: "0a783ff5a49d51:0"
vary: Accept-Encoding
date: Tue, 18 Apr 2023 20:09:31 GMT
content-length: 844
X-Firefox-Spdy: h2
pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=128EB58B1AAE441581E12137D7291AC2&expires=365
204 No Content 0 B URL GET HTTP/1.1 pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=128EB58B1AAE441581E12137D7291AC2&expires=365
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerDigiCert Inc
Subject*.rubiconproject.com
FingerprintC4:52:9D:E4:75:90:A8:C8:8C:00:C5:77:37:65:3B:CD:61:A4:31:25
ValiditySun, 05 Mar 2023 00:00:00 GMT - Wed, 03 Apr 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=6286&nid=2132&put=128EB58B1AAE441581E12137D7291AC2&expires=365 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 0163a7456b0a5605e8b1fb1d4fba3e4d
Content-Type: image/gif
status.geotrust.com/
471 B IP
Hash 2b4521da6eda9789bc8cd8a6ead208d1
d5b2b751451e38d8e949b40994c1771f021cd41e
95f413be8827f7f904c10fcc52b2244fad6fa861f691aa13cec7d224f9ab7df4
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 672
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 18 Apr 2023 20:09:31 GMT
Last-Modified: Tue, 18 Apr 2023 19:58:20 GMT
Server: ECAcc (ska/F776)
X-Cache: HIT
Content-Length: 471
us-u.openx.net/w/1.0/sd?id=537072966&val=DA0C03549E1445B299F054ED59A03978
200 OK 43 B URL GET HTTP/2 us-u.openx.net/w/1.0/sd?id=537072966&val=DA0C03549E1445B299F054ED59A03978
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerDigiCert Inc
Subject*.openx.net
FingerprintB3:D3:26:58:36:02:80:41:5A:BB:FB:39:73:E8:7B:5B:CB:0A:47:1A
ValidityThu, 21 Jul 2022 00:00:00 GMT - Mon, 21 Aug 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /w/1.0/sd?id=537072966&val=DA0C03549E1445B299F054ED59A03978 HTTP/1.1
Host: us-u.openx.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
vary: Accept
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Tue, 18 Apr 2023 20:09:31 GMT
content-type: image/gif
content-length: 43
cache-control: private, max-age=0, no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.checkbca.org/scripts/webforms/msajax/microsoftajax.js
200 OK 24 kB URL GET HTTP/2 www.checkbca.org/scripts/webforms/msajax/microsoftajax.js
IP
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type ASCII text, with very long lines (65262), with CRLF line terminators
Hash 1aa546445a52ff5e781cb1e335f445c4
a8071c7d8f7c2798100ceed7ef5842a587cc41d2
6a3e80b4cc602560e187e061ff5070fdda5c608125956f878f417b01867f6b09
GET /scripts/webforms/msajax/microsoftajax.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 03 Mar 2023 16:46:05 GMT
accept-ranges: bytes
etag: "80c44da5ef4dd91:0"
vary: Accept-Encoding
date: Tue, 18 Apr 2023 20:09:31 GMT
content-length: 24320
X-Firefox-Spdy: h2
ocsp.godaddy.com/
1.8 kB IP
Hash 25d13586ddf71fcd15f8942de6b28c61
82b19cb14019536a774bf7993eed66b819d17b86
00173fdc4fcd28eb501792a6cef4a5508543adfde4934775d09de69af9983b0d
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 18 Apr 2023 20:09:31 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 18 Apr 2023 19:05:54 GMT
Expires: Wed, 19 Apr 2023 19:05:54 GMT
ETag: "82b19cb14019536a774bf7993eed66b819d17b86"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.r2m02.amazontrust.com/
471 B URL ocsp.r2m02.amazontrust.com/
IP
Hash fc33e585c171cc9994aee708c915a428
6e8229b0f7a845ae8ad60d57121dd2d21c74dc8d
2857bdce878cfa1edd9707b8b22e4171c5bf42403aa6bde4c2305a12118bb2f4
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 18 Apr 2023 20:09:31 GMT
Last-Modified: Tue, 18 Apr 2023 18:57:17 GMT
Server: ECAcc (bsa/EB76)
X-Cache: Miss from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ry9UfogO2Qqz_DR1orb0TLPLTChcmFTtsdENQKXnGE-hlTwVkIygGw==
Age: 4334
www.checkbca.org/scripts/webforms/msajax/microsoftajaxwebforms.js
200 OK 9.6 kB URL GET HTTP/2 www.checkbca.org/scripts/webforms/msajax/microsoftajaxwebforms.js
IP
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type ASCII text, with very long lines (39257), with CRLF line terminators
Hash 211aa6b9096a11187131cbc6c3ab6d16
380ff6b00fc93d78031319a6d1b0e78f2a9e6017
4f1ec7256c84b77776b8c75fd59dca0c6b5560fa3a5010a290e46b6b5d8d4f5f
GET /scripts/webforms/msajax/microsoftajaxwebforms.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 03 Mar 2023 16:46:05 GMT
accept-ranges: bytes
etag: "80c44da5ef4dd91:0"
vary: Accept-Encoding
date: Tue, 18 Apr 2023 20:09:31 GMT
content-length: 9603
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D58CDA78937E44AE5907BB679A478B6BB
200 OK 43 B URL GET HTTP/1.1 ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D58CDA78937E44AE5907BB679A478B6BB
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerDigiCert Inc
Subject*.adnxs.com
Fingerprint30:E1:57:C8:5A:77:64:AE:54:99:08:F7:2B:B8:C7:F4:28:85:56:08
ValidityMon, 13 Feb 2023 00:00:00 GMT - Fri, 15 Mar 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fsetuid%3Fentity%3D66%26code%3D58CDA78937E44AE5907BB679A478B6BB HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Tue, 18 Apr 2023 20:09:31 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: a27de60a-aaf6-4258-81cf-1b602bfa34a3
Set-Cookie: anj=dTM7k!M4.FE:2jUF']wIg2In?sg=ue!]tbPl1N!7On*M$=BX/ukz?DtdYD+qjatHVjc[%dlw``clx]Xllvv4[f`yJgf8:=]/X%W#.wL4W1Qw2fL8?^H; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 17-Jul-2023 20:09:31 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
www.checkbca.org/scripts/jquery.selectbox.js
200 OK 4.2 kB URL GET HTTP/2 www.checkbca.org/scripts/jquery.selectbox.js
IP
Requested by https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Certificate IssuerGoDaddy.com, Inc.
Subjectwww.checkbca.org
Fingerprint87:AD:C4:C8:1F:DC:D9:3D:5B:82:E5:41:FB:4A:C6:AC:05:E5:9F:DF
ValidityMon, 29 Aug 2022 19:07:54 GMT - Sat, 30 Sep 2023 00:45:53 GMT
File type Unicode text, UTF-8 text, with very long lines (15896), with no line terminators
Hash 786f2eb7bf72098ca18b9afd6d127237
5e75cb575c23f13e064a913cbe55570670e718ab
d8a1f1df33bbe0f528bfd53be5c1388890220e54c5aaa7281b889a1e5dde3189
GET /scripts/jquery.selectbox.js HTTP/1.1
Host: www.checkbca.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.checkbca.org/companywidget.aspx?ID=100094667&WidgetType=1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 16 Oct 2018 20:49:20 GMT
accept-ranges: bytes
etag: "0c813b69165d41:0"
vary: Accept-Encoding
date: Tue, 18 Apr 2023 20:09:31 GMT
content-length: 4192
X-Firefox-Spdy: h2
ws.zoominfo.com/pixel/62e2c4ac62a6b2008e05e3be
200 OK 1.5 kB URL GET HTTP/2 ws.zoominfo.com/pixel/62e2c4ac62a6b2008e05e3be
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerCloudflare, Inc.
Subjectzoominfo.com
Fingerprint29:36:A2:79:5F:28:CB:5F:B6:9C:1D:E0:D1:9F:A0:E9:5E:95:59:46
ValidityTue, 04 Apr 2023 00:00:00 GMT - Wed, 03 Apr 2024 23:59:59 GMT
Hash 74bc23fc37a3630e0a59ca755e6e37ae
f93e3807b4632dfdc109626e4fe2154b11d4707f
0d84a2e0169d2f1a38876d70ff80023f76d774f541f99023f1f074708c336322
GET /pixel/62e2c4ac62a6b2008e05e3be HTTP/1.1
Host: ws.zoominfo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 18 Apr 2023 20:09:30 GMT
content-type: text/javascript
vary: Accept-Encoding
x-powered-by: Express
x-content-type-options: nosniff
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
set-cookie: visitorId=bd67798e01a5a0a397ead542eaee073eb0a118b95d07fc75b5ee222f7e0f80c4; Max-Age=31536000; Domain=ws.zoominfo.com; Path=/; Expires=Wed, 17 Apr 2024 20:09:29 GMT; Secure; SameSite=None
__cf_bm=e5EFQBtDBeeuOwKlDkfcNzl9wPqP2ABLtRLIVFpC4tY-1681848570-0-AQXNrzc3+Zmd17RR40KuWsUEaDnK+mfDJwEk9xaO6UiMKnXVgVd8wkPu8X2T/dnj+/tIqbX0feYk+k4fWOk5f1Y=; path=/; expires=Tue, 18-Apr-23 20:39:30 GMT; domain=.zoominfo.com; HttpOnly; Secure; SameSite=None
_cfuvid=4u2wVcuMyHwJm6ur3UEqi3oAdRgMO3vRQjVOW2yOnKM-1681848570159-0-604800000; path=/; domain=.zoominfo.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7b9f8bb85882b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?adv_id=7797&uid=57CFF9DC68224A3CBE8F46A0D0178048
302 Found 0 B URL GET HTTP/1.1 sync.search.spotxchange.com/partner?adv_id=7797&uid=57CFF9DC68224A3CBE8F46A0D0178048
IP
ASN #35220 SpotXchange, INC
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerDigiCert Inc
Subject*.search.spotxchange.com
Fingerprint0F:7C:3E:72:2A:7D:5A:A1:F7:57:61:45:0B:8A:AA:67:AA:C3:71:92
ValidityMon, 02 May 2022 00:00:00 GMT - Tue, 09 May 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?adv_id=7797&uid=57CFF9DC68224A3CBE8F46A0D0178048 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 18 Apr 2023 20:09:32 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=ee83d62a-de24-11ed-ab9a-1d7abbad0306; expires=Tue, 16-May-2023 20:09:32 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?adv_id=7797&uid=57CFF9DC68224A3CBE8F46A0D0178048&__user_check__=1&sync_id=ee83d683-de24-11ed-ab9a-1d7abbad0306
X-fe: 28
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
loadm.exelator.com/load/?p=204&g=2191&simid=F4CA91FD2BE9484D8EE240143CB02C9A&j=0
204 No Content 0 B URL GET HTTP/2 loadm.exelator.com/load/?p=204&g=2191&simid=F4CA91FD2BE9484D8EE240143CB02C9A&j=0
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerDigiCert Inc
Subject*.exelator.com
FingerprintC5:B4:F1:AE:77:A4:7D:13:A6:8D:E3:1D:C2:03:74:8E:7D:B3:0B:2F
ValidityWed, 08 Jun 2022 00:00:00 GMT - Sat, 10 Jun 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /load/?p=204&g=2191&simid=F4CA91FD2BE9484D8EE240143CB02C9A&j=0 HTTP/1.1
Host: loadm.exelator.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx
date: Tue, 18 Apr 2023 20:09:32 GMT
cache-control: no-cache
x-powered-by: Undertow/1
access-control-allow-credentials: true
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
X-Firefox-Spdy: h2
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=1862EE78AAA54B21BA7BC60065448080
404 Not Found 49 B URL GET HTTP/2 bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=1862EE78AAA54B21BA7BC60065448080
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoDaddy.com, Inc.
Subject*.crwdcntrl.net
Fingerprint5F:53:E0:8F:2E:A1:EB:73:53:BF:DC:31:F0:05:6F:B1:74:A4:3A:84
ValiditySun, 01 May 2022 07:09:18 GMT - Fri, 02 Jun 2023 07:09:18 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 56398e76be6355ad5999b262208a17c9
a1fdee122b95748d81cee426d717c05b5174fe96
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
GET /map/c=7625/tp=SIMP/tpid=1862EE78AAA54B21BA7BC60065448080 HTTP/1.1
Host: bcp.crwdcntrl.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Tue, 18 Apr 2023 20:09:32 GMT
content-type: image/gif
content-length: 49
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.1.177
access-control-allow-origin: *
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
status.geotrust.com/
471 B IP
Hash f614a1d65257102e753392530d51fb45
e2ab0d5e0825e46d99eee6353190e62fde641198
309f2c86691026b2139e3e9871cd8e26fa0a09809ccb8e0f6a13e5c2f8f64254
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3255
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 18 Apr 2023 20:09:32 GMT
Etag: "643ea133-1d7"
Last-Modified: Tue, 18 Apr 2023 19:15:17 GMT
Server: ECAcc (ska/F7A3)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
472 B IP
Hash fa2ad7cff98d9ed902ac493dc25e840e
73fa27804c8fbcf62cf9506675a7ec57f5a932f2
dbcd10d4960ac4023557e8cf39880580944f99e2462cc77b92d8baa7a6b39180
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 18 Apr 2023 20:09:32 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 16 Apr 2023 20:38:07 GMT
Expires: Sun, 23 Apr 2023 20:38:06 GMT
Etag: "73fa27804c8fbcf62cf9506675a7ec57f5a932f2"
Cache-Control: max-age=433113,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7b9f8bc7694bb51b-OSL
pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=1921B6643E974AD99891641B73787FD4
200 OK 95 B URL GET HTTP/2 pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=1921B6643E974AD99891641B73787FD4
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerDigiCert Inc
Subject*.tapad.com
Fingerprint43:9B:06:FF:B0:B9:FC:22:9E:58:89:C0:8E:9E:1D:5C:18:9F:86:56
ValidityWed, 14 Sep 2022 00:00:00 GMT - Sun, 15 Oct 2023 23:59:59 GMT
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 71a50dbba44c78128b221b7df7bb51f1
0ec63b140374ba704a58fa0c743cb357683313dd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
GET /idsync/ex/receive/check?partner_id=2305&partner_device_id=1921B6643E974AD99891641B73787FD4 HTTP/1.1
Host: pixel.tapad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 18 Apr 2023 20:09:32 GMT
strict-transport-security: max-age=31536000
access-control-allow-origin: *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1681848572113;Expires=Sat, 17 Jun 2023 20:09:32 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_DID=f720ec3f-c10a-4f40-9f04-d2e09e3d91ae;Expires=Sat, 17 Jun 2023 20:09:32 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_3WAY_SYNCS=;Expires=Sat, 17 Jun 2023 20:09:32 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
content-type: image/png
content-length: 95
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
471 B URL ocsp.r2m02.amazontrust.com/
IP
Hash d609450383daa2fbe395a4d0783c48f4
367faae70f0c1e03b356804d5dbf32bade2e62d7
4ed93297c2d3b8caa0495333b279014d2032c09fa917129c84f29f24c41fec63
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 18 Apr 2023 20:09:32 GMT
Last-Modified: Tue, 18 Apr 2023 18:24:14 GMT
Server: ECAcc (nya/1C3C)
X-Cache: Miss from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 63SQDmwI6jnE1XXJqHXCeTRKGmmVxJZDfmnr4APkuYqdzo85mwXiXA==
Age: 6318
sync.search.spotxchange.com/partner?adv_id=7797&uid=57CFF9DC68224A3CBE8F46A0D0178048&__user_check__=1&sync_id=ee83d683-de24-11ed-ab9a-1d7abbad0306
200 OK 43 B URL GET HTTP/1.1 sync.search.spotxchange.com/partner?adv_id=7797&uid=57CFF9DC68224A3CBE8F46A0D0178048&__user_check__=1&sync_id=ee83d683-de24-11ed-ab9a-1d7abbad0306
IP
ASN #35220 SpotXchange, INC
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerDigiCert Inc
Subject*.search.spotxchange.com
Fingerprint0F:7C:3E:72:2A:7D:5A:A1:F7:57:61:45:0B:8A:AA:67:AA:C3:71:92
ValidityMon, 02 May 2022 00:00:00 GMT - Tue, 09 May 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55fade2068e7503eae8d7ddf5eb6bd09
317496a096d6c86486a71d4521994bcd171a6bb3
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
GET /partner?adv_id=7797&uid=57CFF9DC68224A3CBE8F46A0D0178048&__user_check__=1&sync_id=ee83d683-de24-11ed-ab9a-1d7abbad0306 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 18 Apr 2023 20:09:32 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Set-Cookie: audience=ee9ed576-de24-11ed-8b53-18c6427b0106; expires=Tue, 16-May-2023 20:09:32 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 108
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
ocsp.godaddy.com/
1.8 kB IP
Hash dcf6bceeaa97671d93a674db7993e09c
8ecf3de6453c399cb50128ed0dcdaadb2abc357c
3fe28bc1be19cdbea1fb078382121c07fe9513e589078cf00489d38696599048
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 18 Apr 2023 20:09:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 18 Apr 2023 17:19:20 GMT
Expires: Wed, 19 Apr 2023 17:19:20 GMT
ETag: "8ecf3de6453c399cb50128ed0dcdaadb2abc357c"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.r2m01.amazontrust.com/
471 B URL ocsp.r2m01.amazontrust.com/
IP
Hash fe57cf503672a2dd1dc04c03c17aed81
03a9aee8ece5b7bf79a504132d28881d162499bf
498549207e887c951cba2c1922b2ff237d5ca176eaff8f59025f51bbab5f2987
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 18 Apr 2023 20:09:32 GMT
Last-Modified: Tue, 18 Apr 2023 18:22:25 GMT
Server: ECAcc (nya/78C0)
X-Cache: Miss from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 974JqWDULAksub7k8fLiZPUNGi_tYjNooMDnIYnTQvJFU3qZkGKvNw==
Age: 6427
i.simpli.fi/p?cid=323546&cb=sifi_att_42656._hp
200 OK 750 B URL GET HTTP/2 i.simpli.fi/p?cid=323546&cb=sifi_att_42656._hp
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (750), with no line terminators
Hash e5234af32cf8e954ae518143c593da19
54e70dc43e9e7b4db65e9d88256b9b5e48f18601
f84227829db59ed7a72a92133f646e55bebd9ed5f4572cf593a5e53cd8af4fcc
GET /p?cid=323546&cb=sifi_att_42656._hp HTTP/1.1
Host: i.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 18 Apr 2023 20:09:31 GMT
content-type: application/javascript; charset=UTF-8
set-cookie: suid=FB782BD1639E4413B9D20ABF2D4DD29E; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:31 GMT; SameSite=none; Secure;
suid_legacy=FB782BD1639E4413B9D20ABF2D4DD29E; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:31 GMT; Secure;
uid_syncd=true; path=/; expires=Tue, 25 Apr 2023 20:09:31 GMT; domain=.simpli.fi; secure
uid_syncd_secure=true; path=/; expires=Tue, 25 Apr 2023 20:09:31 GMT; domain=.simpli.fi; samesite=none; secure
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache, no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
X-Firefox-Spdy: h2
ce.lijit.com/merge?pid=2&3pid=4CD7B957EBE94CC588659CFF1709468A
204 No Content 0 B URL GET HTTP/1.1 ce.lijit.com/merge?pid=2&3pid=4CD7B957EBE94CC588659CFF1709468A
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoDaddy.com, Inc.
Subject*.lijit.com
FingerprintAD:D4:57:DA:85:C3:73:48:E3:EC:4F:53:18:BB:E8:AB:9C:A2:37:BD
ValidityMon, 27 Jun 2022 19:12:10 GMT - Mon, 05 Jun 2023 21:13:33 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /merge?pid=2&3pid=4CD7B957EBE94CC588659CFF1709468A HTTP/1.1
Host: ce.lijit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Date: Tue, 18 Apr 2023 20:09:32 GMT
X-MERGE: GDPR Optout true
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
X-Sovrn-Pod: ad_ap4ams1
ocsp.r2m02.amazontrust.com/
471 B URL ocsp.r2m02.amazontrust.com/
IP
Hash 13247d1c08db03e817c0e066a32f763e
94f47fc49415646de5c7c2f8a9b2e44645f290fc
90d9f82c70b9f485ce40a9a3d3243a5d09c2f5c3d9a02985dcc5e48a5df65dea
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=105303
Date: Tue, 18 Apr 2023 20:09:32 GMT
Etag: "643de4e1-1d7"
Expires: Thu, 20 Apr 2023 01:24:35 GMT
Last-Modified: Tue, 18 Apr 2023 00:31:29 GMT
Server: ECAcc (bsa/EA9D)
X-Cache: Miss from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 2oiFzc25WkbhDs7Lj_lUKiVsYmrtUvEPB6QYewiVX02VzhbgYPhW8Q==
Age: 3186
new-collect.albacross.com/e.gif?s=JSCollector%2C3.1.2&e0=pageview&ci0=b45e96a4-4090-4a3b-7679-184ada3646b4&v0=193e887a-3bbd-4332-2165-72de6351aecd&p0=31512585-1146-79f3-7273-546e5f07a280&u0=31512585-1146-79f3-7273-546e5f07a280&c0=89342177&t0=1681848703954&ur0=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418&ti0=US%20Business%20Funding%20-%20Equipment%20Financing%20and%20Working%20Capital%20Loans&re0=1280&re0=1024&o0=landscape-primary&us0=bayengage&um0=campaign-email&uca0=sales-0418
200 OK 37 B URL GET HTTP/2 new-collect.albacross.com/e.gif?s=JSCollector%2C3.1.2&e0=pageview&ci0=b45e96a4-4090-4a3b-7679-184ada3646b4&v0=193e887a-3bbd-4332-2165-72de6351aecd&p0=31512585-1146-79f3-7273-546e5f07a280&u0=31512585-1146-79f3-7273-546e5f07a280&c0=89342177&t0=1681848703954&ur0=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418&ti0=US%20Business%20Funding%20-%20Equipment%20Financing%20and%20Working%20Capital%20Loans&re0=1280&re0=1024&o0=landscape-primary&us0=bayengage&um0=campaign-email&uca0=sales-0418
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerAmazon
Subject*.albacross.com
FingerprintEB:C6:D6:DD:E2:5E:42:FA:AE:43:29:46:0C:D5:23:D2:78:35:E7:3F
ValidityMon, 13 Feb 2023 00:00:00 GMT - Mon, 01 Jan 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 637eb2cda011678b8ccd6b5b3c6e3570
300ffa6cb3b70adc05038ef2a4e9936978459ff2
49059d42ad3423fb9f04b2330cdce035e4d555aa9ea7a7ceae097de0c69be05d
GET /e.gif?s=JSCollector%2C3.1.2&e0=pageview&ci0=b45e96a4-4090-4a3b-7679-184ada3646b4&v0=193e887a-3bbd-4332-2165-72de6351aecd&p0=31512585-1146-79f3-7273-546e5f07a280&u0=31512585-1146-79f3-7273-546e5f07a280&c0=89342177&t0=1681848703954&ur0=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418&ti0=US%20Business%20Funding%20-%20Equipment%20Financing%20and%20Working%20Capital%20Loans&re0=1280&re0=1024&o0=landscape-primary&us0=bayengage&um0=campaign-email&uca0=sales-0418 HTTP/1.1
Host: new-collect.albacross.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 18 Apr 2023 20:09:32 GMT
content-type: image/gif
content-length: 37
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/plugins/AffiliateWP-master/assets/js/tracking.min.js?ver=2.1.6.1
200 OK 3.0 kB URL GET HTTP/3 www.usbfund.com/wp-content/plugins/AffiliateWP-master/assets/js/tracking.min.js?ver=2.1.6.1
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type ASCII text, with very long lines (3074), with no line terminators
Hash 2a4453477fd69facf96ba973a116acac
808a3d969d60422df7715ab09aeb1f705f6203f9
cec426ba808c7d3930bedaa09643da11490c9eb390f2111d234eee9b960ae012
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/AffiliateWP-master/assets/js/tracking.min.js?ver=2.1.6.1 HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:28 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 28 Sep 2019 00:24:33 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w2Ll3z0oZODZZ%2FmBSaqN%2Fk7DFjonJ%2F2HilyIVTe3bkGzue1UxgrZt6WI9pm0pTt%2Fl%2FUF0GeU20c%2F2Lr5GOP%2BuZbbjy5YqwJs95iqyjH2kAVohqEqSCuH7Z7ToR2OkYLyUyo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b9f8ba74831b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/uploads/bg-section-header.png
200 OK 22 kB URL GET HTTP/3 www.usbfund.com/wp-content/uploads/bg-section-header.png
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type PNG image data, 1920 x 149, 8-bit colormap, non-interlaced\012- data
Hash 65b13235e26653c77b0ed328dfdb8dc2
2dcc21d12b909058345b01f087062f6b59f4f05c
acba6ce2f083bf3e78176be5f1c68dfbeb67e609472b4f8c034ba8676d0995b2
GET /wp-content/uploads/bg-section-header.png HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/wp-content/themes/usb/style.css
Cookie: _gcl_au=1.1.402517861.1681848702; __ss=1681848701814; __ss_referrer=https%3A//www.usbfund.com/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418; _ga_YYEX7W0G95=GS1.1.1681848702.1.0.1681848702.0.0.0; _ga=GA1.1.1395607014.1681848702; __ss_tk=202304%7C643ef8f73059825d2d4130f7; _gd1681848702537=; wc_visitor=100980-672f2673-599e-9494-633d-4f996e25b59c; _gd1681848702538=; wc_client=bayengage+..+campaign-email+..+sales-0418+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418+..+100980-672f2673-599e-9494-633d-4f996e25b59c+..+; wc_client_current=bayengage+..+campaign-email+..+sales-0418+..++..++..++..+https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418+..+100980-672f2673-599e-9494-633d-4f996e25b59c+..+; IR_gbd=usbfund.com; IR_7486=1681848702062%7C0%7C1681848702062%7C%7C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:28 GMT
content-type: image/png
content-length: 22531
last-modified: Sat, 28 Sep 2019 00:14:58 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H7cTZS8Nx39D%2BO%2BnrDyY0oPHfd5s%2Bke15ww%2F5BzJec%2BLFUGrJ%2BGt%2FlwqssKP8maSIvw9EkMSu7m6uyQevnCjz3GA2cOZj41HU4U07S1sUQpPH1Ik5EWG1kPAP2FFLhR19OE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9f8bb01f6ab4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
200 OK 72 kB URL User Request GET HTTP/2 www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
IP
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418 HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 18 Apr 2023 20:09:26 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://www.usbfund.com/wp-json/>; rel="https://api.w.org/", <https://www.usbfund.com/wp-json/wp/v2/pages/6>; rel="alternate"; type="application/json", <https://www.usbfund.com/>; rel=shortlink
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Swfao94ouJsAj9wIeass8tYAhFM1KwbhsBHWhSN5zkHtTUapVqJo3lz5gKawJp4fJCwNw1DeFDosp%2FT18ueRvrvzpHQeSXzrS3Gbjwepx1lk8HRUTxoBZBv9Mn%2ByEYZcM9g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b9f8ba11844b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.usbfund.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
200 OK 1.2 kB URL GET HTTP/3 www.usbfund.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type HTML document, ASCII text, with very long lines (1271), with no line terminators
Hash 40d981045a7516cdadd00e8dccc9c58d
8b8d9a48c6b9d2fba596034ef5db3dd0f2f781c3
71c7d5fc630ff38080f71945be1e8b0c43140d8c25338056b752495e18739c0c
Analyzer Verdict Alert fortinet Malware
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:26 GMT
content-type: application/javascript
last-modified: Fri, 14 Apr 2023 19:06:50 GMT
etag: W/"6439a44a-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JAfnnHdgY8%2Fq%2ByXtBL0xN3rM35O7anAJvutjKvnXMPIoi4cMfDZfkE%2FB4Wghh7voOIZ%2FnHChZ1ruyRGmnh8gxS7KLP9w7oKfUec%2FqdYqUQSf7eMBHi%2BQSsBbreprDAMGaJQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b9f8ba76886b4f9-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 20 Apr 2023 20:09:26 GMT
cache-control: max-age=172800, public
content-encoding: gzip
stags.bluekai.com/site/29931?id=D82080DE247F49E1A94FB26D7CED5A19
200 OK 62 B URL GET HTTP/2 stags.bluekai.com/site/29931?id=D82080DE247F49E1A94FB26D7CED5A19
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerDigiCert Inc
Subjectodc-pixel-prod-01.oracle.com
Fingerprint9F:83:6C:57:F9:31:F8:2B:DC:ED:6D:38:18:F5:F1:01:CF:2A:2D:E3
ValidityTue, 07 Feb 2023 00:00:00 GMT - Thu, 08 Feb 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3f386f5061436a0338a64e0910db495d
599fe4a552c991a2b3ce5a1660732bf7b21fb901
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
GET /site/29931?id=D82080DE247F49E1A94FB26D7CED5A19 HTTP/1.1
Host: stags.bluekai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/gif
content-length: 62
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Tue, 18 Apr 2023 20:09:32 GMT
set-cookie: bku=blx99wFTwZxTvvDi; Path=/; Domain=.bluekai.com; Expires=Wed, 18 Oct 2023 20:09:31 GMT; Secure; SameSite=None
bkpa=KJy9nyexd02pSUHknp/8mE1hwtkAwDxT1M9T1WHa1MxlHMx8HEaOmEHsxM/tHe5eHDxNxEW89y9oaQrd; Path=/; Domain=.bluekai.com; Expires=Wed, 18 Oct 2023 20:09:31 GMT; Secure; SameSite=None
X-Firefox-Spdy: h2
js.hs-banner.com/v2/5627136/banner.js
200 OK 213 kB URL GET HTTP/2 js.hs-banner.com/v2/5627136/banner.js
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0B:F5:BD:8D:21:BE:37:A5:03:72:D7:62:50:36:B8:16:5B:AA:85:4A
ValidityThu, 02 Jun 2022 00:00:00 GMT - Thu, 01 Jun 2023 23:59:59 GMT
File type ASCII text, with very long lines (65044)
Size 213 kB (212711 bytes)
Hash cdce2dc555e4864d7603211ee8efc583
c65614a07685c35f95985b76c3f8e8ca0fbe2dfc
6df121737f5c72a579b9c1b56113b4391f669f781bd4eaa176b7a790ae777aa6
GET /v2/5627136/banner.js HTTP/1.1
Host: js.hs-banner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 18 Apr 2023 20:09:28 GMT
content-type: text/javascript; charset=UTF-8
x-amz-id-2: 2kN1lwZCu5F+MWdJu5GmfZB7INmHreUEe1r+rx5hCYfVBRG+YuZXT+kjFfl73xEo8XimkuRvfFznJKMjEmAMGg==
x-amz-request-id: JV9VM245TDNWD1XX
last-modified: Mon, 17 Apr 2023 15:38:24 GMT
etag: W/"cdce2dc555e4864d7603211ee8efc583"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: m3lyAmi2EFE1D8wIXByq5fHLowkIUPum
access-control-allow-origin: https://www.usbfund.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin, Accept-Encoding
expires: Tue, 18 Apr 2023 20:14:28 GMT
cf-cache-status: MISS
server: cloudflare
cf-ray: 7b9f8bb1ccd3b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
rec.smartlook.com/es6/init.f5f25e4a0d9f5fce5c8d.js
200 OK 57 kB URL GET HTTP/2 rec.smartlook.com/es6/init.f5f25e4a0d9f5fce5c8d.js
IP
ASN #60068 Datacamp Limited
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerLet's Encrypt
Subject1610534878.rsc.cdn77.org
FingerprintBB:5B:2A:E4:11:8D:C4:B8:5E:3A:2D:9D:A5:F5:F3:39:06:C3:8E:63
ValidityThu, 23 Mar 2023 00:59:41 GMT - Wed, 21 Jun 2023 00:59:40 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /es6/init.f5f25e4a0d9f5fce5c8d.js HTTP/1.1
Host: rec.smartlook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 18 Apr 2023 20:09:29 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cross-origin-resource-policy: cross-origin
etag: W/"643e8cba-de50"
last-modified: Tue, 18 Apr 2023 12:27:38 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Accept-Encoding
server: CDN77-Turbo
x-77-nzt: AblMCRR1ECb/mWUAAA
x-77-nzt-ray: af58563043a312f4f9f83e64840cc72e
x-accel-expires: @1713358560
x-cache: HIT
x-age: 26009
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/themes/usb/style.css
200 OK 60 kB URL GET HTTP/3 www.usbfund.com/wp-content/themes/usb/style.css
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type ASCII text, with very long lines (6744)
Hash ff82997c2be31d6b6fa1e90ac97df1ac
0e377bf32af7d347aa51d4885e18d2cc416c8f9c
78f2946b6bdb5e61eb2683808059bebfab45a2e64eedb7157c5a718389b5957d
GET /wp-content/themes/usb/style.css HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:27 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 13 Apr 2022 22:11:44 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WQWdivEgXt%2B5thGGWhKdfTUcU8CgkcrIxQ4hQ2hydsGFGwIs669KFHUVVq%2FV1ade385VifeApOuJ2CzT2h%2FqjvCCMflAdNcon%2BYDwaApik0grkX2lBxQv0as4j5Fc%2FZsBEQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b9f8ba7381bb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/themes/usb/css/grid.css
200 OK 45 kB URL GET HTTP/3 www.usbfund.com/wp-content/themes/usb/css/grid.css
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type assembler source, ASCII text, with very long lines (3536), with CRLF line terminators
Hash 4181231e03890eec942556e99056c078
53f540c04ad3871774cab94d7cf4fd7f48178d05
fe2d7f946ad400cef515d2933476fb3d30f45199a119a668338ab9c7b4061711
GET /wp-content/themes/usb/css/grid.css HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:27 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Sat, 28 Sep 2019 00:35:49 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vppdGXndAGEEOpcZN1iB8K8u%2FV11vOiX9%2FWWs%2FSzuonfiNd5J39TfdybdDOZE4NSxGEdPI5fDqNi1rnWMK4WirHFcBBp3CJ9dpae%2Fuulawprm%2F%2BjGs5xF0CBTYZuNxh%2BHCs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b9f8ba72ff0b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/plugins/gravityforms/css/readyclass.min.css
200 OK 32 kB URL GET HTTP/3 www.usbfund.com/wp-content/plugins/gravityforms/css/readyclass.min.css
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type ASCII text, with very long lines (32180), with no line terminators
Hash e8cb782d10e0c6964b9d0b1bab063838
c82794914b3943156c8299bd069d1b02de75c90f
ec8af9acc2272ea0d0f5380ae424670a70b0bc429c3e404675f33db3c9daab22
GET /wp-content/plugins/gravityforms/css/readyclass.min.css HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:28 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Sat, 28 Sep 2019 00:22:26 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6krOmuPGpkyN6rPMoL6W1%2FQLwrJ1w0R8s8k0wquA%2BraaciA4%2F203YxQF1pn3%2BE5Fhji0KDbSnTwilrjSZYouPLB8qjE4Cvc5tGVYl8Mbh9j%2F59G9kQCWw40sy5oc95GQHIQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b9f8ba788dab4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE8:8D:29:52:9C:44:66:28:BB:43:25:CE:11:45:BB:A1:5A:4E:44:11
ValidityTue, 28 Mar 2023 16:54:02 GMT - Tue, 20 Jun 2023 16:54:01 GMT
File type Web Open Font Format (Version 2), TrueType, length 15660, version 1.0\012- data
Hash d7b0b953a50fddaa88089b5b787cf719
2f85bc568b27659a3d6452f58f9fd7678450326d
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Apr 2023 20:03:21 GMT
expires: Fri, 12 Apr 2024 20:03:21 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
content-type: font/woff2
age: 432367
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.usbfund.com/?display_custom_css=css&ver=6.1.1
200 OK 1.5 kB URL GET HTTP/3 www.usbfund.com/?display_custom_css=css&ver=6.1.1
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type ASCII text, with very long lines (1581), with no line terminators
Hash b1f47076df76ba1c9462b4ca56ae90bf
247a3fcc494a83c987814734a29b57521bd26571
f18db6837ba149c8d32f9c0072c09859c0fa4ba5c136745cf9747f2d467c5b30
GET /?display_custom_css=css&ver=6.1.1 HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:27 GMT
content-type: text/css;charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uec%2FXwgJ%2FnftzG1wBBiGHVALSfDXi5%2B6EKskRiFYS1DfjaHiSBiIAc1AwNtDJJfbBQAslEFYER0bntybjGUyXuwngh6vLDBD1%2FX62OepnOy5Ltk1tvKb8LxE6KRp2A0rhi0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b9f8ba74828b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
forms.soundestlink.com/REST/inShop/v1/getSettings?callback=_omnisend.setSettings&responseType=jsonp&shopHostname=www.usbfund.com&shopType=api&brandID=60034c978a48f7337bc1a105
0 B URL GET forms.soundestlink.com/REST/inShop/v1/getSettings?callback=_omnisend.setSettings&responseType=jsonp&shopHostname=www.usbfund.com&shopType=api&brandID=60034c978a48f7337bc1a105
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint54:B8:46:7B:76:99:67:6C:EA:5F:AD:F7:5C:7B:46:F2:95:48:76:22
ValidityTue, 24 Jan 2023 00:00:00 GMT - Wed, 24 Jan 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /REST/inShop/v1/getSettings?callback=_omnisend.setSettings&responseType=jsonp&shopHostname=www.usbfund.com&shopType=api&brandID=60034c978a48f7337bc1a105 HTTP/1.1
Host: forms.soundestlink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 18 Apr 2023 20:09:29 GMT
content-type: application/json
cache-control: max-age=0, s-maxage=600, public
last-modified: Tue, 18 Apr 2023 20:09:29 GMT
x-envoy-upstream-service-time: 4
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: MISS
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7b9f8bb43f11b524-OSL
content-encoding: br
X-Firefox-Spdy: h2
js.hs-analytics.net/analytics/1681848300000/5627136.js
200 OK 66 kB URL GET HTTP/2 js.hs-analytics.net/analytics/1681848300000/5627136.js
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF8:FF:A7:86:85:79:73:9A:AA:35:3B:EF:66:02:AF:E3:03:26:0D:62
ValidityMon, 13 Jun 2022 00:00:00 GMT - Tue, 13 Jun 2023 23:59:59 GMT
File type ASCII text, with very long lines (64828)
Hash 15c755bed4a3dbcf8bb69afa103ef3ea
4a23653fc988ad54ebfe720f24926692baf19437
24ef4782eb5dc035332d65792571ed9e1937001d78229163ba7ddabac94f9c1b
GET /analytics/1681848300000/5627136.js HTTP/1.1
Host: js.hs-analytics.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 18 Apr 2023 20:09:29 GMT
content-type: text/javascript
x-amz-id-2: ebyenQd2DeUnG0I7OkQqlp/vpdBSiJz/bMjiX4URHUAEBRPvGum1PN1mGYZTwlU2J5N1lb84AFY=
x-amz-request-id: 2G0TAGZKAFQ42WGV
last-modified: Tue, 18 Apr 2023 14:04:23 GMT
etag: W/"15c755bed4a3dbcf8bb69afa103ef3ea"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: null
access-control-allow-credentials: false
vary: origin, Accept-Encoding
expires: Tue, 18 Apr 2023 20:14:29 GMT
cf-cache-status: MISS
server: cloudflare
cf-ray: 7b9f8bb85a72b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/plugins/gravityforms/css/formreset.min.css
200 OK 3.8 kB URL GET HTTP/3 www.usbfund.com/wp-content/plugins/gravityforms/css/formreset.min.css
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type ASCII text, with very long lines (3840), with no line terminators
Hash b91b0939a92c34946238d50b1d752451
ced01ef28a297ab45d494018f232dbe88a6e9f9a
784a99d40268afc0eab1bd5c2cd3f4c46e80748dd5d511b5fb53c1abf027eb24
GET /wp-content/plugins/gravityforms/css/formreset.min.css HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:27 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Sat, 28 Sep 2019 00:22:28 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JrIAxd%2Fz7vYX%2F1BY%2BWRiN90cmekPqgHPgQ9DMAx47eRRK4uAgLmNR2i4a2uFAt%2F0ebC4GesubqUHD46Yy3DtFd%2Foj8c4x5hNtvKjVhQc5hIHBkZ2bf9rdCEsCgDym8Ueb3Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b9f8ba7688ab4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D58092%26time%3D1681848703990%26url%3Dhttps%253A%252F%252Fwww.usbfund.com%252F%253Futm_source%253Dbayengage%2526utm_medium%253Dcampaign-email%2526utm_campaign%253Dsales-0418%26liSync%3Dtrue
302 Found 0 B URL GET HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D58092%26time%3D1681848703990%26url%3Dhttps%253A%252F%252Fwww.usbfund.com%252F%253Futm_source%253Dbayengage%2526utm_medium%253Dcampaign-email%2526utm_campaign%253Dsales-0418%26liSync%3Dtrue
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerDigiCert Inc
Subjectwww.linkedin.com
Fingerprint1F:CD:8F:F2:82:0B:B9:19:6B:DE:AD:66:B4:F9:B0:8B:F0:91:FF:6C
ValidityTue, 07 Mar 2023 00:00:00 GMT - Thu, 07 Sep 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D58092%26time%3D1681848703990%26url%3Dhttps%253A%252F%252Fwww.usbfund.com%252F%253Futm_source%253Dbayengage%2526utm_medium%253Dcampaign-email%2526utm_campaign%253Dsales-0418%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=58092&time=1681848703990&url=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418&liSync=true
set-cookie: bcookie="v=2&e010b5ee-518f-4088-8cb9-1a0a97eb1118"; Domain=.linkedin.com; Expires=Wed, 17-Apr-2024 20:09:30 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20230418200930546d7533-2871-484b-8036-c5ebfff66959AQGbU5_-62AJStMq-K6k-YblgFrdonvE"; Domain=.www.linkedin.com; Expires=Wed, 17-Apr-2024 20:09:30 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2ODE4NDg1NzA7MjswMjG9mz4RnTb4jzfwNj4zN5WnE7sdOw9Kw95ws5RSSodV8A==; Domain=.linkedin.com; Expires=Sun, 15 Oct 2023 20:09:30 GMT; Path=/; Secure; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2506:u=1:x=1:i=1681848570:t=1681934970:v=2:sig=AQGOMXQhYG7m8NdZ0RCgRG7gmR92DmY1"; Expires=Wed, 19 Apr 2023 20:09:30 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; script-src-attr 'report-sample' 'none'; object-src 'none'; media-src blob: *; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com teams.microsoft.com client.learningapp.microsoft.com
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAX5oeKWKJhMfrNV8m72NA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: F79F977EE26549D591A16D1529456D2A Ref B: OSL30EDGE0522 Ref C: 2023-04-18T20:09:30Z
date: Tue, 18 Apr 2023 20:09:30 GMT
content-length: 0
X-Firefox-Spdy: h2
www.usbfund.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
200 OK 90 kB URL GET HTTP/3 www.usbfund.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type ASCII text, with very long lines (65447)
Hash 17738318d61d394f1de8890d589afaec
f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:27 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 17 Dec 2022 14:44:25 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hU9a68tkCRlyv9jEqBOjmtEMBrKwOKXQCGLzy67MAWwrAJ0ETciyvdxnN8Q3Wtm47rclQosT3EYosV%2B8ppWl8jBe1bNtVMf8eD%2BRgz%2Bc0iPKbl0SuWXV4T4uapjLHskqSVY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b9f8ba7482db4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/plugins/gravityforms/css/browsers.min.css
200 OK 7.3 kB URL GET HTTP/3 www.usbfund.com/wp-content/plugins/gravityforms/css/browsers.min.css
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type ASCII text, with very long lines (7333), with no line terminators
Hash 7c93668d52449d2bbfaeef7722f005f3
e0263c83f3e654803fa95036d410139dddc53f6a
b99dad0ffd567e9aed6cdad571817c7c18194ff768e933c9ca486da1fa8dbd44
GET /wp-content/plugins/gravityforms/css/browsers.min.css HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:27 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Sat, 28 Sep 2019 00:22:25 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jFL41fhZQLdzsxJ6YlVGpKZ63UWwHMK3c8tISHHeVRdFPTKvtrnDnBgGy7Ywxqx%2Bkmc36Xepwfbzafl33wuo4uqdh7FBOrHatL%2BrZTRqJ%2BnMlxCsxwnydzX4q7im4PSRTqQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b9f8ba788d3b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
koi-3qnetrwct6.marketingautomation.services/koi?rf=&hn=www.usbfund.com&lg=en-US&sr=1280x1024&cd=24&vr=2.4.0&se=1681848701814&ac=KOI-41FUPAF63M&ts=1681848702&pt=0&pl=0&loc=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418&tp=page&ti=US%20Business%20Funding%20-%20Equipment%20Financing%20and%20Working%20Capital%20Loans
200 OK 126 B URL GET HTTP/3 koi-3qnetrwct6.marketingautomation.services/koi?rf=&hn=www.usbfund.com&lg=en-US&sr=1280x1024&cd=24&vr=2.4.0&se=1681848701814&ac=KOI-41FUPAF63M&ts=1681848702&pt=0&pl=0&loc=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418&tp=page&ti=US%20Business%20Funding%20-%20Equipment%20Financing%20and%20Working%20Capital%20Loans
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGlobalSign nv-sa
Subject*.marketingautomation.services
FingerprintB7:49:65:C5:92:42:69:3D:A0:BB:F8:6B:B1:7D:06:FF:FF:16:AC:36
ValidityFri, 03 Jun 2022 16:56:02 GMT - Wed, 05 Jul 2023 16:56:01 GMT
File type ASCII text, with no line terminators
Hash 745a74ef9958e8ed06b205c2b6bca6e2
75f08e339bf5a60792ebd270a69a248af42f2588
db665f28d607ace81b2e2b6e80d15f7fa79f21253b455725821dc56214935ded
GET /koi?rf=&hn=www.usbfund.com&lg=en-US&sr=1280x1024&cd=24&vr=2.4.0&se=1681848701814&ac=KOI-41FUPAF63M&ts=1681848702&pt=0&pl=0&loc=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418&tp=page&ti=US%20Business%20Funding%20-%20Equipment%20Financing%20and%20Working%20Capital%20Loans HTTP/1.1
Host: koi-3qnetrwct6.marketingautomation.services
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: koi-3qnetrwct6.marketingautomation.services
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
server: openresty
date: Tue, 18 Apr 2023 20:09:27 GMT
content-type: application/javascript
vary: Accept-Encoding
pod-hostname: koi-84c7cc466f-4djtp
p3p: CP='This is not a P3P policy! See https://www.constantcontact.com/legal/privacy-notice/ for more info.'
expires: Sat, 26 Jul 1997 05:00:00 GMT
last-modified: Tue, 18 Apr 2023 20:09:27 GMT
cache-control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0
pragma: no-cache
set-cookie: koitk=202304%7C643ef8f73059825d2d4130f7; expires=Fri, 15-Apr-2033 20:09:27 GMT; Max-Age=315360000; path=/; domain=.marketingautomation.services; secure; SameSite=None
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
um.simpli.fi/ad_advisor
302 Found 0 B IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ad_advisor HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: openresty
date: Tue, 18 Apr 2023 20:09:31 GMT
content-type: text/html
content-length: 142
location: https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=A2A63DF18AA44288B4060A7DDE157631
set-cookie: suid=A2A63DF18AA44288B4060A7DDE157631; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:31 GMT; SameSite=none; Secure;
suid_legacy=A2A63DF18AA44288B4060A7DDE157631; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:31 GMT; Secure;
expires: Mon, 17 Apr 2023 20:09:31 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
omnisnippet1.com/forms/main.js?v=2023-04-18T20
200 OK 60 kB URL GET HTTP/2 omnisnippet1.com/forms/main.js?v=2023-04-18T20
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint34:DC:78:A8:0D:39:3D:C9:A7:9C:B8:55:F1:27:B3:01:7A:95:E5:BB
ValidityMon, 30 Jan 2023 00:00:00 GMT - Mon, 29 Jan 2024 23:59:59 GMT
File type ASCII text, with very long lines (59965)
Hash 9460612555615625c454d556166c92c2
d89f1628c7d7f0621397c134c049a3daf4efd812
ebd0fbb0a44ac1c3c8bca2198205e1131c54c7e7297eb0a89d08f99946a0b4f6
GET /forms/main.js?v=2023-04-18T20 HTTP/1.1
Host: omnisnippet1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 18 Apr 2023 20:09:29 GMT
content-type: application/javascript
last-modified: Mon, 17 Apr 2023 12:05:19 GMT
etag: W/"643d35ff-ea5e"
expires: Tue, 18 Apr 2023 19:13:55 GMT
cache-control: max-age=3600
x-envoy-upstream-service-time: 1
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 3407
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7b9f8bb5d8b90b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
sync.bfmio.com/sync?pid=141&uid=AD0F340CE75441DC8BD0568AD2E16983
204 0 B URL GET HTTP/1.1 sync.bfmio.com/sync?pid=141&uid=AD0F340CE75441DC8BD0568AD2E16983
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerAmazon
Subject*.bfmio.com
Fingerprint4F:72:43:4D:33:48:2E:A1:41:92:F0:35:4B:61:93:87:41:7D:8A:FC
ValidityFri, 17 Mar 2023 00:00:00 GMT - Sun, 14 Apr 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?pid=141&uid=AD0F340CE75441DC8BD0568AD2E16983 HTTP/1.1
Host: sync.bfmio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204
Date: Tue, 18 Apr 2023 20:09:31 GMT
Set-Cookie: __141_cid=AD0F340CE75441DC8BD0568AD2E16983; Domain=.bfmio.com; Expires=Wed, 17-Apr-2024 20:09:32 GMT; Path=/
__io_cid=cba0cb11208cff093e1a897bfbf6d16eed57130f; Domain=.bfmio.com; Expires=Wed, 17-Apr-2024 20:09:32 GMT; Path=/
Connection: keep-alive
www.usbfund.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
200 OK 11 kB URL GET HTTP/3 www.usbfund.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:27 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 11 Oct 2021 18:27:21 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U9FixIPudJj0T0OtciJRNu3%2B99BScNNigFCB3MGwIbIbtuk2IHVFBD85D4FX6aj4Vyv1udt8em3UhdqYhSHwKjgkq5CPzg4dw%2BUzr2ofzH4V9lVY9nK8STLcW4KzsTms5jc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b9f8ba74826b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
200 OK 19 kB URL GET HTTP/3 www.usbfund.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type ASCII text, with very long lines (15660)
Hash 32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Cookie: _gcl_au=1.1.402517861.1681848702; __ss=1681848701814; __ss_referrer=https%3A//www.usbfund.com/%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:27 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 17 Aug 2022 11:46:13 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2R86w5VemxaKFblNzFjw%2BS4fzYkEccTankhcsSNbB6H4FXV%2FQgFGPC8N7T6s6bntBOkOdIsUJhjAOuMtgwaS6HlBRfy4JZPbK3SUFZpz5lzpCFhBJ1Vz2FxUgJ1Ue3HmtlY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b9f8bab4fa0b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.usbfund.com/wp-content/themes/usb/js/plugins.js
200 OK 81 kB URL GET HTTP/3 www.usbfund.com/wp-content/themes/usb/js/plugins.js
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type HTML document, ASCII text, with very long lines (17791), with CRLF line terminators
Hash bfaeba156e7335456a0a079c2ebc4e54
08a7e1d38d2a0772caf660b897f5a27cc310058a
dea3dfdd01f0f244d07e494f7f6447896b06a42c9ccab081c2b0ea612bb2b9ec
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/usb/js/plugins.js HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:27 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 28 Sep 2019 00:35:52 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BFY1KJIZDX1sKleRKtXmsOJqB2Kb%2FFtDVMDwdN59JjXvql9I0Y0ygBEthOyGxxuBDZmG94514LatKhhMiiLtOMIhrHgti7TYcS50OMU3324%2B1pD5xLKV4%2BIvWZ94nHXGGm0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b9f8ba788dfb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
js.hs-scripts.com/5627136.js?integration=WordPress&ver=9.2.12
200 OK 974 B URL GET HTTP/2 js.hs-scripts.com/5627136.js?integration=WordPress&ver=9.2.12
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint3B:C3:26:E0:5D:54:86:D1:67:A5:88:07:3D:EB:45:86:E2:4A:4F:5F
ValidityFri, 03 Jun 2022 00:00:00 GMT - Fri, 02 Jun 2023 23:59:59 GMT
File type ASCII text, with very long lines (1019), with no line terminators
Hash 9181e66b36135baa7bd9761917d45ff6
66cae6e4102f6434fd2185b5b25b3988cdfd4532
2452d285e2e653c4a331fea358cb09780c6706788cdc405a0282ff2dc4254468
GET /5627136.js?integration=WordPress&ver=9.2.12 HTTP/1.1
Host: js.hs-scripts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 18 Apr 2023 20:09:27 GMT
content-type: application/javascript;charset=utf-8
x-trace: 2BF56CC881DFDF815A724CA80E86CE943F4B0595F0000000000000000000
cache-control: public, max-age=60
vary: origin, Accept-Encoding
x-hubspot-correlation-id: 44234360-0a03-4bab-b789-a21e5a1ce1ae
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-origin: https://www.usbfund.com
last-modified: Mon, 17 Apr 2023 16:26:23 GMT
cf-cache-status: EXPIRED
expires: Tue, 18 Apr 2023 20:10:27 GMT
server: cloudflare
cf-ray: 7b9f8ba91f591bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
511-lvj-854.mktoresp.com/webevents/visitWebPage?_mchNc=1681848704049&_mchCn=&_mchId=511-LVJ-854&_mchTk=_mch-usbfund.com-1681848704048-55240&_mchHo=www.usbfund.com&_mchPo=&_mchRu=%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=utm_source%3Dbayengage__-__utm_medium%3Dcampaign-email__-__utm_campaign%3Dsales-0418
200 OK 43 B URL POST HTTP/1.0 511-lvj-854.mktoresp.com/webevents/visitWebPage?_mchNc=1681848704049&_mchCn=&_mchId=511-LVJ-854&_mchTk=_mch-usbfund.com-1681848704048-55240&_mchHo=www.usbfund.com&_mchPo=&_mchRu=%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=utm_source%3Dbayengage__-__utm_medium%3Dcampaign-email__-__utm_campaign%3Dsales-0418
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerDigiCert Inc
Subject*.mktoresp.com
FingerprintF1:86:A2:64:22:99:41:B0:05:EB:2D:2F:A2:B9:2F:73:23:38:C8:30
ValidityWed, 05 Oct 2022 00:00:00 GMT - Sun, 05 Nov 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 7e1a751d6f8efada000e3df3aac35514
4c73d56e1221bcee6aca2e954b71b9d6216de36e
cbbd42bb1d88693e6805bd9d676840424af5ecf3e13d874fd06e6b57d53d8d40
POST /webevents/visitWebPage?_mchNc=1681848704049&_mchCn=&_mchId=511-LVJ-854&_mchTk=_mch-usbfund.com-1681848704048-55240&_mchHo=www.usbfund.com&_mchPo=&_mchRu=%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=utm_source%3Dbayengage__-__utm_medium%3Dcampaign-email__-__utm_campaign%3Dsales-0418 HTTP/1.1
Host: 511-lvj-854.mktoresp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.0 200 OK
Server: BigIP
Connection: Keep-Alive
Content-Length: 43
widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=57559cd10000ff00058effd9
200 OK 15 kB URL GET HTTP/2 widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=57559cd10000ff00058effd9
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintED:01:2E:50:4C:98:9B:F1:34:D7:8C:1E:93:45:E6:05:00:3C:47:86
ValidityThu, 02 Feb 2023 00:00:00 GMT - Sat, 02 Mar 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13396)
Hash a14ca16dcf08b1eb1de1175abdcd3cda
da20904985aa00a1c013374b861fc4c1469ac057
71cd0f30593ec11e666de6f9e0073737e3f29f0fdcd393dc92d0238c77a703de
GET /trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=57559cd10000ff00058effd9 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 3451
date: Tue, 18 Apr 2023 03:26:04 GMT
last-modified: Tue, 21 Mar 2023 10:45:41 GMT
etag: "ec8997a01685f3d46f7e65c853a558f4"
x-amz-server-side-encryption: AES256
cache-control: max-age=86400
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: T8zCWtG7qFRRifpqmo35bsOtx0N3zOA4q_SfRkSjIc2tBy7u1ZZKuA==
age: 60208
X-Firefox-Spdy: h2
js.hs-scripts.com/5627136.js
200 OK 974 B URL GET HTTP/2 js.hs-scripts.com/5627136.js
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint3B:C3:26:E0:5D:54:86:D1:67:A5:88:07:3D:EB:45:86:E2:4A:4F:5F
ValidityFri, 03 Jun 2022 00:00:00 GMT - Fri, 02 Jun 2023 23:59:59 GMT
File type ASCII text, with very long lines (1019), with no line terminators
Hash 9181e66b36135baa7bd9761917d45ff6
66cae6e4102f6434fd2185b5b25b3988cdfd4532
2452d285e2e653c4a331fea358cb09780c6706788cdc405a0282ff2dc4254468
GET /5627136.js HTTP/1.1
Host: js.hs-scripts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 18 Apr 2023 20:09:27 GMT
content-type: application/javascript;charset=utf-8
x-trace: 2B0B222803313412AA8DC935749387002B657A1AED000000000000000000
cache-control: public, max-age=60
vary: origin, Accept-Encoding
x-hubspot-correlation-id: 452fec10-1c95-4aa2-8a11-4bff9b812e19
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-origin: https://www.usbfund.com
last-modified: Mon, 17 Apr 2023 16:26:23 GMT
cf-cache-status: EXPIRED
expires: Tue, 18 Apr 2023 20:10:27 GMT
server: cloudflare
cf-ray: 7b9f8ba91f561bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
prism.app-us1.com/?a=224499963&u=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418
200 OK 248 B URL GET HTTP/2 prism.app-us1.com/?a=224499963&u=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerLet's Encrypt
Subjectprism.app-us1.com
Fingerprint77:E9:1B:05:38:39:0E:7D:64:F1:A1:67:46:1D:7B:97:89:65:72:17
ValidityFri, 31 Mar 2023 15:06:08 GMT - Thu, 29 Jun 2023 15:06:07 GMT
File type ASCII text, with no line terminators
Hash ca5096c307205d1b747797d9735c0db9
d9d8da1fb2e5dce92935c3fc67e15ac630eec5a1
ab77aaa595aca7ed3307947d5e8cb7ecb8afbccaf14df44b816364e058e89d8a
GET /?a=224499963&u=https%3A%2F%2Fwww.usbfund.com%2F%3Futm_source%3Dbayengage%26utm_medium%3Dcampaign-email%26utm_campaign%3Dsales-0418 HTTP/1.1
Host: prism.app-us1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 18 Apr 2023 20:09:29 GMT
content-type: application/javascript
cache-control: no-cache, private
set-cookie: prism_224499963=90ab9ec9-fa75-4ee8-86b5-1e4d94223522; expires=Thu, 18 May 2023 20:09:29 GMT; Max-Age=2592000; path=/; secure; httponly; samesite=none
x-envoy-upstream-service-time: 51
x-powered-by: PHP/8.1.17
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7b9f8bb42a75b4f4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.usbfund.com/wp-content/plugins/AffiliateWP-master/assets/css/forms.min.css
200 OK 3.3 kB URL GET HTTP/3 www.usbfund.com/wp-content/plugins/AffiliateWP-master/assets/css/forms.min.css
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerGoogle Trust Services LLC
Subjectusbfund.com
FingerprintAB:E6:A7:3D:EC:D8:F9:09:CB:27:2D:BA:32:20:C9:B5:01:27:3B:0F
ValidityFri, 14 Apr 2023 16:18:40 GMT - Thu, 13 Jul 2023 16:18:39 GMT
File type ASCII text, with very long lines (3302), with no line terminators
Hash 4aecc8ebf1881f8c69b3946867ea0624
6272610602f7ae12b5826dfdbd4cfbdd5a9b3950
86d3e623cc9956d622c3ddfe0a836e3675241801e21381c81d47fba04ed1bd41
GET /wp-content/plugins/AffiliateWP-master/assets/css/forms.min.css HTTP/1.1
Host: www.usbfund.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 18 Apr 2023 20:09:27 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Sat, 28 Sep 2019 00:24:30 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wbbOV2BKvvJNiuR0GJAgAqFBHQkk%2BQ5MN138vTe%2BdgEb3RVhMd4vfkYkO8bQu%2F8q0csblrxOm4eoOc%2FRG2wa0E1U5vOBDb3M%2BqbYrQVI3wTDxLr74iPLJBhXSIpGQyd9BzY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b9f8ba73802b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
simplifi.partners.tremorhub.com/sync?UISF=076E26F1C0C94A1AA4B0C5871DD76E0A
200 OK 43 B URL GET HTTP/2 simplifi.partners.tremorhub.com/sync?UISF=076E26F1C0C94A1AA4B0C5871DD76E0A
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerAmazon
Subject*.tremorhub.com
Fingerprint7C:E5:19:4C:66:2B:05:92:BD:19:F8:B8:A5:D7:48:5B:36:BC:26:AE
ValidityWed, 22 Feb 2023 00:00:00 GMT - Sat, 23 Mar 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /sync?UISF=076E26F1C0C94A1AA4B0C5871DD76E0A HTTP/1.1
Host: simplifi.partners.tremorhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.usbfund.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 18 Apr 2023 20:09:32 GMT
content-type: image/gif
server: nginx
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
process.iconnode.com/google-ads/
200 OK 0 B URL POST HTTP/2 process.iconnode.com/google-ads/
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerAmazon
Subject*.iconnode.com
Fingerprint2A:FB:28:30:52:32:14:03:84:5D:DF:C4:71:E9:EB:81:7F:A6:1A:60
ValidityMon, 27 Feb 2023 00:00:00 GMT - Tue, 22 Aug 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /google-ads/ HTTP/1.1
Host: process.iconnode.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Origin: https://www.usbfund.com
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/2 200 OK
date: Tue, 18 Apr 2023 20:09:28 GMT
content-type: text/html; charset=UTF-8
content-length: 0
server: Apache/2.4.56 () OpenSSL/1.0.2k-fips PHP/7.4.33
x-powered-by: PHP/7.4.33
access-control-allow-origin: https://www.usbfund.com
access-control-allow-credentials: true
access-control-max-age: 86400
X-Firefox-Spdy: h2
widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=57559cd10000ff00058effd9
200 OK 15 kB URL GET HTTP/2 widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=57559cd10000ff00058effd9
IP
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintED:01:2E:50:4C:98:9B:F1:34:D7:8C:1E:93:45:E6:05:00:3C:47:86
ValidityThu, 02 Feb 2023 00:00:00 GMT - Sat, 02 Mar 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13396)
Hash a14ca16dcf08b1eb1de1175abdcd3cda
da20904985aa00a1c013374b861fc4c1469ac057
71cd0f30593ec11e666de6f9e0073737e3f29f0fdcd393dc92d0238c77a703de
GET /trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=57559cd10000ff00058effd9 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 3451
date: Tue, 18 Apr 2023 03:26:04 GMT
last-modified: Tue, 21 Mar 2023 10:45:41 GMT
etag: "ec8997a01685f3d46f7e65c853a558f4"
x-amz-server-side-encryption: AES256
cache-control: max-age=86400
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DQPxxQhCHSnCmEnLTWdISDfwLDaOEWHl10LoPDWHK25_MPP5gNK0NA==
age: 60205
X-Firefox-Spdy: h2
um.simpli.fi/dtnx
302 Found 43 B IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.usbfund.com/?utm_source=bayengage&utm_medium=campaign-email&utm_campaign=sales-0418
Certificate IssuerDigiCert Inc
Subject*.simpli.fi
Fingerprint27:96:8F:87:F1:70:21:73:0D:FA:F2:50:90:1F:FD:EC:80:59:7E:7A
ValidityMon, 07 Nov 2022 00:00:00 GMT - Fri, 08 Dec 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dtnx HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.usbfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: openresty
date: Tue, 18 Apr 2023 20:09:31 GMT
content-type: text/html
content-length: 142
location: https://fei.pro-market.net/engine?du=24;csync=DBAC5F74E6574053961B951BF382EC27;mimetype=img;
set-cookie: suid=DBAC5F74E6574053961B951BF382EC27; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:31 GMT; SameSite=none; Secure;
suid_legacy=DBAC5F74E6574053961B951BF382EC27; Path=/; domain=simpli.fi; Expires=Thu, 18-Apr-24 20:09:31 GMT; Secure;
expires: Mon, 17 Apr 2023 20:09:31 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
34.102.239.211
34.90.79.92
213.19.162.80
104.18.16.174
54.194.98.250
188.114.96.1
88.221.99.189
37.252.171.149
23.38.201.22
0.0.0.0