Submitted URL: http://links.8020prosperity.co/u/click?_t=a2172dd9151d4f6e87ce401c7be573c6&_m=dadfc3bbebfa4a2cab33a12a2a882fd7&_e=U-oPoqGi6YlbJ...
Effective URL: https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be...
Submission: On February 13 via api from BE

Summary

This website contacted 32 IPs in 4 countries across 29 domains to perform 92 HTTP transactions. The main IP is 2606:4700::6811:3129, located in United States and belongs to CLOUDFLARENET, US. The main domain is wealth-wave.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 4th 2020. Valid for: a year.
This is the only time wealth-wave.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Domain | Requested by
37 | fast.vidalytics.com | wealth-wave.com, fast.vidalytics.com
12 | wealth-wave.com (1 redirect) | wealth-wave.com
4 | fonts.gstatic.com | fonts.googleapis.com
4 | fonts.googleapis.com | wealth-wave.com
3 | track-v2.funnelytics.io | cdn.funnelytics.io
2 | licensing.bitmovin.com | fast.vidalytics.com
2 | www.facebook.com | wealth-wave.com
2 | connect.facebook.net | wealth-wave.com, connect.facebook.net
2 | b-code.liadm.com | www.googletagmanager.com
2 | api.segment.io | cdn.segment.com
2 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com
2 | munchkin.marketo.net | wealth-wave.com, munchkin.marketo.net
2 | www.googletagmanager.com | wealth-wave.com
1 | rp4.liadm.com | wealth-wave.com
1 | rp.liadm.com (1 redirect) |
1 | check.deadlinefunnel.com | a.deadlinefunnel.com
1 | vars.hotjar.com | static.hotjar.com
1 | www.google.de | wealth-wave.com
1 | www.google.com | wealth-wave.com
1 | www.clickcease.com | wealth-wave.com
1 | cdn.oribi.io | wealth-wave.com
1 | a.deadlinefunnel.com | wealth-wave.com
1 | cdn.funnelytics.io | wealth-wave.com
1 | script.hotjar.com | static.hotjar.com
1 | googleads.g.doubleclick.net | www.googleadservices.com
1 | stats.g.doubleclick.net | www.google-analytics.com
1 | static.hotjar.com | wealth-wave.com
1 | www.googleadservices.com | www.googletagmanager.com
1 | cdn.segment.com | wealth-wave.com
1 | cdn-3.convertexperiments.com | wealth-wave.com
1 | www.wls92trk.com (1 redirect) |
1 | verifiedsecure.org (1 redirect) |
1 | www.clkmr.com (1 redirect) |
1 | tap.8020research.com (1 redirect) |
1 | links.8020prosperity.co (1 redirect) |
0 | a.weissinc.com (Failed) | wealth-wave.com
Totals: 92 requests, 36 subdomains

This site contains links to these domains.

Domain
vidalytics.com
cart.weissratings.com
www.weissratings.com

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-08-04 - 2021-08-04 | a year
*.convertexperiments.com | DigiCert SHA2 Secure Server CA | 2020-03-19 - 2021-06-18 | a year
*.google-analytics.com | GTS CA 1O1 | 2021-01-26 - 2021-04-20 | 3 months
upload.video.google.com | GTS CA 1O1 | 2021-01-26 - 2021-04-20 | 3 months
*.marketo.net | DigiCert SHA2 Secure Server CA | 2020-03-14 - 2021-04-13 | a year
*.segment.com | DigiCert SHA2 Secure Server CA | 2020-06-12 - 2021-07-27 | a year
www.googleadservices.com | GTS CA 1O1 | 2021-01-19 - 2021-04-13 | 3 months
*.vidalytics.com | Sectigo RSA Domain Validation Secure Server CA | 2021-02-02 - 2022-03-05 | a year
*.gstatic.com | GTS CA 1O1 | 2021-01-26 - 2021-04-20 | 3 months
*.hotjar.com | Amazon | 2020-12-25 - 2022-01-23 | a year
*.g.doubleclick.net | GTS CA 1O1 | 2021-01-26 - 2021-04-20 | 3 months
b-code.liadm.com | DigiCert Secure Site ECC CA-1 | 2020-06-23 - 2021-09-22 | a year
*.funnelytics.io | Amazon | 2021-01-06 - 2022-02-03 | a year
a.deadlinefunnel.com | R3 | 2021-01-16 - 2021-04-16 | 3 months
oribi.io | Amazon | 2020-07-16 - 2021-08-16 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-12-22 - 2021-03-21 | 3 months
www.google.com | GTS CA 1O1 | 2021-01-26 - 2021-04-20 | 3 months
www.google.de | GTS CA 1O1 | 2021-01-26 - 2021-04-20 | 3 months
dfimage.com | Amazon | 2021-01-01 - 2022-01-29 | a year
*.liadm.com | Amazon | 2020-03-31 - 2021-04-30 | a year
*.bitmovin.com | Go Daddy Secure Certificate Authority - G2 | 2020-06-02 - 2022-06-02 | 2 years

This page contains 2 frames:

Primary Page: https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
Frame ID: B2C76CD3A5DF9872E678C17F7AF50BEB
Requests: 93 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 3633BF003A5A3870FA9856A859316C1F
Requests: 1 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • script /react.*\.js/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i

Overall confidence: 100%
Detected patterns
  • script /^\/\/static\.hotjar\.com\/c\/hotjar-/i

Overall confidence: 100%
Detected patterns
  • script /munchkin\.marketo\.net\/munchkin\.js/i

Overall confidence: 100%
Detected patterns
  • script /cdn\.segment\.com\/analytics\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 92
HTTPS: 99 %
IPv6: 54 %
Domains: 29
Subdomains: 36
IPs: 32
Countries: 4
Transfer: 15643 kB
Size: 18681 kB
Cookies: 16

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://links.8020prosperity.co/u/click?_t=a2172dd9151d4f6e87ce401c7be573c6&_m=dadfc3bbebfa4a2cab33a12a2a882fd7&_e=U-oPoqGi6YlbJ9qs2h0AVRqs3lqpeWS4tDojlp8ormWzdAOKmc8G3WgY6M4QOgfINm85n1ddlDhTFm8jKB0b8XysgBxtc4UZmpZk0uOA6M_sgo_lE35hF0V0FLnSouWKJ_7hxrj6rxryIzdJs__ykwgYDNvmZYqqcDuurpBlUITb72VxQCknhJWogUxR7Diw8x-2QaTWUBAgrmBENFoJs7Je-h91aQIhGHUpJtllXFpKTXPFbLayFF7i0iAw01uC2GcBkZ4EHaNiiuO3cgKuhvfVDAQzqJ2hbrO4WqMBvkUCZdoFX10Ae39PQavY04L7BHf1FbR4PsV7lKtzbGs2fA== HTTP 303
    https://tap.8020research.com/wmegatrends01/09f84c4bbc983f94f94e7226cb598ebb/54/ HTTP 302
    https://www.clkmr.com/etpub/wmegatrends01/09f84c4bbc983f94f94e7226cb598ebb/54/ HTTP 302
    https://verifiedsecure.org/go?ehash=09f84c4bbc983f94f94e7226cb598ebb&product=1562&ar=54&cid= HTTP 302
    https://www.wls92trk.com/9W598/6JHXF/?sub1=3413763454102818745 HTTP 302
    https://wealth-wave.com/reports/WSC/stealth-attack/event?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1 HTTP 301
    https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49
  • https://rp.liadm.com/j?tna=v2.0.1&aid=a-04cf&wpn=lc-bundle&pu=https%3A%2F%2Fwealth-wave.com%2Freports%2FWSC%2Fstealth-attack%2Fevent%2F%3Fsc%3DEVERF%26ec%3DFWSCAB02%26transaction_id%3Db035c112657242c6bddbd2a7be94bce1&duid=f9696ffbe0df--01eycx3bga2j01q9xc9s5z5y12&se=e30&dtstmp=1613193391976 HTTP 302
  • https://rp4.liadm.com/j?tna=v2.0.1&aid=a-04cf&wpn=lc-bundle&pu=https%3A%2F%2Fwealth-wave.com%2Freports%2FWSC%2Fstealth-attack%2Fevent%2F%3Fsc%3DEVERF%26ec%3DFWSCAB02%26transaction_id%3Db035c112657242c6bddbd2a7be94bce1&duid=f9696ffbe0df--01eycx3bga2j01q9xc9s5z5y12&se=e30&dtstmp=1613193391976&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true

92 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
wealth-wave.com/reports/WSC/stealth-attack/event/
Redirect Chain
  • http://links.8020prosperity.co/u/click?_t=a2172dd9151d4f6e87ce401c7be573c6&_m=dadfc3bbebfa4a2cab33a12a2a882fd7&_e=U-oPoqGi6YlbJ9qs2h0AVRqs3lqpeWS4tDojlp8ormWzdAOKmc8G3WgY6M4QOgfINm85n1ddlDhTFm8jKB0...
  • https://tap.8020research.com/wmegatrends01/09f84c4bbc983f94f94e7226cb598ebb/54/
  • https://www.clkmr.com/etpub/wmegatrends01/09f84c4bbc983f94f94e7226cb598ebb/54/
  • https://verifiedsecure.org/go?ehash=09f84c4bbc983f94f94e7226cb598ebb&product=1562&ar=54&cid=
  • https://www.wls92trk.com/9W598/6JHXF/?sub1=3413763454102818745
  • https://wealth-wave.com/reports/WSC/stealth-attack/event?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
  • https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
16 KB
5 KB
Document
General
Full URL
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.24
Resource Hash
a0e3acc116dabea8a32c2e00c073c937d32bd67314ecbb35b2a328788b15598f

Request headers

:method
GET
:authority
wealth-wave.com
:scheme
https
:path
/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=de515ca32749416b2e9f4da9153fd8a951613193390; __cflb=02DiuFRfDtCZNo13WaNWkbrzXbnKmgu9svtzcFe5iKG4U
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:31 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.2.24
set-cookie
SEGMENT_ID=1613193390-518913936%40anonymous.weissinc.com; expires=Sat, 17-Jul-2021 09:56:30 GMT; Max-Age=13322400; path=/
x-hslug
lamp-prod-web-1
cf-cache-status
DYNAMIC
cf-request-id
083b6ac24600001f557400f000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
620c13e3ade21f55-FRA
content-encoding
gzip

Redirect headers

date
Sat, 13 Feb 2021 05:16:30 GMT
content-type
text/html
set-cookie
__cfduid=de515ca32749416b2e9f4da9153fd8a951613193390; expires=Mon, 15-Mar-21 05:16:30 GMT; path=/; domain=.wealth-wave.com; HttpOnly; SameSite=Lax; Secure __cflb=02DiuFRfDtCZNo13WaNWkbrzXbnKmgu9svtzcFe5iKG4U; SameSite=None; Secure; path=/; expires=Sun, 14-Feb-21 04:16:30 GMT; HttpOnly
location
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
x-hslug
lamp-prod-web-1
cf-cache-status
DYNAMIC
cf-request-id
083b6ac10d00001f5547a51000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
620c13e1ac121f55-FRA
10034341-10032397.js
cdn-3.convertexperiments.com/js/
191 KB
60 KB
Script
General
Full URL
https://cdn-3.convertexperiments.com/js/10034341-10032397.js
Requested by
Host: wealth-wave.com
URL: https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.235.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-235-171.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
67ddcda1e70229458c5601c069e781057dc00235fc0a5ab99767ecd8136c6396
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:31 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=186
strict-transport-security
max-age=15768000
content-length
60578
x-privacy-policy
You can find our privacy policy at https://www.convert.com/privacy-notice/
js
www.googletagmanager.com/gtag/
97 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-40785925-128
Requested by
Host: wealth-wave.com
URL: https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
787e5a258fb5cc645ae0349d82829f9582ee4eb1eb4fa43a7233fdc0e0beeb91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:31 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39102
x-xss-protection
0
last-modified
Sat, 13 Feb 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 13 Feb 2021 05:16:31 GMT
css
fonts.googleapis.com/
12 KB
1001 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Arimo:400,400i,700,700i|Oswald:400,700
Requested by
Host: wealth-wave.com
URL: https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e411de9ad8bd1aeb08432c19179af1a22b62d3be12b5e76232a71445afb39c03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 13 Feb 2021 04:11:45 GMT
server
ESF
date
Sat, 13 Feb 2021 05:16:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Feb 2021 05:16:31 GMT
main.css
wealth-wave.com/reports/assets/css/main/1.0.2/
203 KB
34 KB
Stylesheet
General
Full URL
https://wealth-wave.com/reports/assets/css/main/1.0.2/main.css?v=1511878093
Requested by
Host: wealth-wave.com
URL: https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a136bc8c30fe7edbdd9ae87fc4b370bf92fe50521bee079789ef99854248183

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:31 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Nov 2017 14:08:13 GMT
server
cloudflare
age
4238
etag
W/"5a1d6dcd-32b15"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-hslug
lamp-prod-web-1
content-type
text/css
cache-control
public, max-age=14400
cf-ray
620c13e6480d1f55-FRA
cf-request-id
083b6ac3e900001f553328e000000001
expires
Sat, 13 Feb 2021 09:16:31 GMT
custom.css
wealth-wave.com/reports/WSC/stealth-attack/event/assets/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://wealth-wave.com/reports/WSC/stealth-attack/event/assets/css/custom.css?v=1613193390
Requested by
Host: wealth-wave.com
URL: https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c17dad696db6523141200694c415e788f1933f3f16a53ac709710a6bf65562fa

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:31 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 20 Nov 2020 17:46:53 GMT
server
cloudflare
etag
W/"5fb8010d-145d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-hslug
lamp-prod-web-1
content-type
text/css
cache-control
public, max-age=14400
cf-ray
620c13e6480e1f55-FRA
cf-request-id
083b6ac3e900001f559e07a000000001
expires
Sat, 13 Feb 2021 09:16:31 GMT
jquery.min.js
wealth-wave.com/reports/assets/js/jquery/3.2.1/
85 KB
30 KB
Script
General
Full URL
https://wealth-wave.com/reports/assets/js/jquery/3.2.1/jquery.min.js
Requested by
Host: wealth-wave.com
URL: https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:31 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 15 Aug 2017 12:54:56 GMT
server
cloudflare
age
4238
etag
W/"5992ef20-15283"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-hslug
lamp-prod-web-3t
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
620c13e648101f55-FRA
cf-request-id
083b6ac3ea00001f553a377000000001
expires
Sat, 13 Feb 2021 09:16:31 GMT
landing-6.jpg
wealth-wave.com/reports/WSC/stealth-attack/assets/img/
86 KB
86 KB
Image
General
Full URL
https://wealth-wave.com/reports/WSC/stealth-attack/assets/img/landing-6.jpg
Requested by
Host: wealth-wave.com
URL: https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4472c736b87e95aee996c2be4846075a277c7ff8e26d97bb5037b523208303aa

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:31 GMT
cf-cache-status
HIT
age
4237
last-modified
Thu, 19 Nov 2020 21:04:14 GMT
content-length
88136
cf-request-id
083b6ac46b00001f5574022000000001
cf-bgj
h2pri
server
cloudflare
etag
"5fb6ddce-15848"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-hslug
lamp-prod-web-2
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
620c13e718b81f55-FRA
expires
Sat, 13 Feb 2021 09:16:31 GMT
sme
a.weissinc.com/
0
0

ouibounce.min.js
wealth-wave.com/reports/assets/js/ouibounce/0.0.12/
2 KB
921 B
Script
General
Full URL
https://wealth-wave.com/reports/assets/js/ouibounce/0.0.12/ouibounce.min.js?
Requested by
Host: wealth-wave.com
URL: https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b74c3b8c5f786bcc4aa29f55ca0b178a0e2b5fcc6da3057a121bececc1b572ea

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:31 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 14 Jun 2015 15:03:04 GMT
server
cloudflare
age
4237
etag
W/"557d97a8-658"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-hslug
lamp-prod-web-2
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
620c13e698521f55-FRA
cf-request-id
083b6ac42100001f552d3c4000000001
expires
Sat, 13 Feb 2021 09:16:31 GMT
exit-modal.js
wealth-wave.com/reports/assets/js/exit-modal/1.0.1/
2 KB
806 B
Script
General
Full URL
https://wealth-wave.com/reports/assets/js/exit-modal/1.0.1/exit-modal.js?1508185455
Requested by
Host: wealth-wave.com
URL: https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d28347070f9244b33fff98996f13c5d4addd34c92abf7b175022279162a37b17

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:31 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 16 Oct 2017 20:24:15 GMT
server
cloudflare
age
4237
etag
W/"59e5156f-706"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-hslug
lamp-prod-web-2
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
620c13e6c87a1f55-FRA
cf-request-id
083b6ac43f00001f558b37d000000001
expires
Sat, 13 Feb 2021 09:16:31 GMT
ua-parser.min.js
wealth-wave.com/reports/assets/js/ua-parser-js/0.7.17/
17 KB
6 KB
Script
General
Full URL
https://wealth-wave.com/reports/assets/js/ua-parser-js/0.7.17/ua-parser.min.js
Requested by
Host: wealth-wave.com
URL: https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:31 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 27 Oct 2017 15:03:41 GMT
server
cloudflare
age
4237
etag
W/"59f34acd-4298"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-hslug
lamp-prod-web-1
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
620c13e6d8891f55-FRA
cf-request-id
083b6ac44b00001f553cab2000000001
expires
Sat, 13 Feb 2021 09:16:31 GMT
segment-controls.js
wealth-wave.com/reports/assets/js/segment-controls/1.0.5/
17 KB
5 KB
Script
General
Full URL
https://wealth-wave.com/reports/assets/js/segment-controls/1.0.5/segment-controls.js?v=1510072575
Requested by
Host: wealth-wave.com
URL: https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2b976592e5c7de21b39535d220f2710f61c922228d513c387778f340bfa3869

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:31 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 07 Nov 2017 16:36:15 GMT
server
cloudflare
age
4237
etag
W/"5a01e0ff-4354"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-hslug
lamp-prod-web-2
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
620c13e6f89b1f55-FRA
cf-request-id
083b6ac45b00001f557195f000000001
expires
Sat, 13 Feb 2021 09:16:31 GMT
munchkin.js
munchkin.marketo.net/
1 KB
1 KB
Script
General
Full URL
https://munchkin.marketo.net/munchkin.js
Requested by
Host: wealth-wave.com
URL: https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-60-75.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 05:16:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Aug 2020 03:11:00 GMT
Server
AkamaiNetStorage
ETag
"a67ed8ce0a86706b9f73a86806ce5bd3:1596597060.25158"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
752
analytics.min.js
cdn.segment.com/analytics.js/v1/r78M9WFn2Nc33pHSecXPG6RfLadoQssD/
347 KB
63 KB
Script
General
Full URL
https://cdn.segment.com/analytics.js/v1/r78M9WFn2Nc33pHSecXPG6RfLadoQssD/analytics.min.js
Requested by
Host: wealth-wave.com
URL: https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.99.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-99-83.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
43e56a4c786c842f2a064ae55ed4a3462376b48a64fa6c7240fc243cbd2d2c4e

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
32Ll4WbqeqHRmnno08THoDIUEvqtO67U
content-encoding
gzip
etag
"75f423ada8120fc758e54700fff608c8"
x-amz-cf-pop
FRA50-C1
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
64019
access-control-allow-origin
*
last-modified
Sat, 06 Feb 2021 01:21:13 GMT
server
AmazonS3
date
Sat, 13 Feb 2021 05:16:31 GMT
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cache-control
public, max-age=120
accept-ranges
bytes
x-amz-cf-id
XGs6vKbuybbFgwqVEFTp9W0DwLDYvhnUsTRYDDaNJ7GfUQwhvNP5Gg==
gtm.js
www.googletagmanager.com/
271 KB
61 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T75JJZV
Requested by
Host: wealth-wave.com
URL: https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b39eab8d7bf6c2f600c4a84e1e2dfc7e6e9c6159f2aa2ec32ebc659021740955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:31 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62865
x-xss-protection
0
last-modified
Sat, 13 Feb 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 13 Feb 2021 05:16:31 GMT
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-40785925-128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
6684
date
Sat, 13 Feb 2021 03:25:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Sat, 13 Feb 2021 05:25:07 GMT
munchkin.js
munchkin.marketo.net/159/
11 KB
6 KB
Script
General
Full URL
https://munchkin.marketo.net/159/munchkin.js
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-60-75.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 05:16:31 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 May 2020 02:24:14 GMT
Server
AkamaiNetStorage
ETag
"79274ffc293e4f76fc372b953f780d16:1588904654.430334"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control
max-age=8640000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
4810
Expires
Mon, 24 May 2021 05:16:31 GMT
p
api.segment.io/v1/
21 B
141 B
XHR
General
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/r78M9WFn2Nc33pHSecXPG6RfLadoQssD/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.89.79.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-89-79-226.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wealth-wave.com
date
Sat, 13 Feb 2021 05:16:31 GMT
content-length
21
vary
Origin
content-type
application/json
css
fonts.googleapis.com/
9 KB
882 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i&display=swap
Requested by
Host: wealth-wave.com
URL: https://wealth-wave.com/reports/WSC/stealth-attack/event/assets/css/custom.css?v=1613193390
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3dffc22e349582586e3275260bc906efa518814cf83b4b56832c958fe1faf88f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/assets/css/custom.css?v=1613193390
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 13 Feb 2021 03:38:17 GMT
server
ESF
date
Sat, 13 Feb 2021 05:16:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Feb 2021 05:16:31 GMT
css2
fonts.googleapis.com/
12 KB
772 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lora:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700
Requested by
Host: wealth-wave.com
URL: https://wealth-wave.com/reports/WSC/stealth-attack/event/assets/css/custom.css?v=1613193390
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ddcdb67d7d2bac5512e5c13e8adfd4b85d7707f5072966ffaf9124806f6e5208
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/assets/css/custom.css?v=1613193390
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 13 Feb 2021 05:16:31 GMT
server
ESF
date
Sat, 13 Feb 2021 05:16:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Feb 2021 05:16:31 GMT
css2
fonts.googleapis.com/
377 B
327 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Patua+One
Requested by
Host: wealth-wave.com
URL: https://wealth-wave.com/reports/WSC/stealth-attack/event/assets/css/custom.css?v=1613193390
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
400c5ad281dc936a80818ccd24a0769f3e896d947ed1dc1f9ce6f5ca6e799bfa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/assets/css/custom.css?v=1613193390
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 13 Feb 2021 05:14:48 GMT
server
ESF
date
Sat, 13 Feb 2021 05:16:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Feb 2021 05:16:31 GMT
conversion_async.js
www.googleadservices.com/pagead/
30 KB
12 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T75JJZV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
c70c76846a8e9bf632e225948393882141c6ddb3ebab4ce1be1aa5deda981de3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
12205
x-xss-protection
0
server
cafe
etag
14286597169266950975
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 13 Feb 2021 05:16:31 GMT
collect
www.google-analytics.com/j/
2 B
48 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=488851910&t=pageview&_s=1&dl=https%3A%2F%2Fwealth-wave.com%2Freports%2FWSC%2Fstealth-attack%2Fevent%2F%3Fsc%3DEVERF%26ec%3DFWSCAB02%26transaction_id%3Db035c112657242c6bddbd2a7be94bce1&ul=en-us&de=UTF-8&dt=Wealth%20Megatrends%20-%20Stealth%20Attack%20on%20America%20-%20Event&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=95362144&gjid=1191872702&cid=1380216067.1613193391&tid=UA-40785925-128&_gid=743876182.1613193391&_r=1&gtm=2ou230&z=257787919
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Feb 2021 05:16:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wealth-wave.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
loader.min.js
fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/
4 KB
1 KB
Script
General
Full URL
https://fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/loader.min.js
Requested by
Host: wealth-wave.com
URL: https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8A95) /
Resource Hash
4acf4fc977bff8255335721d932c10bef55073aba3e94f4dd090664ef7215de6

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:31 GMT
content-encoding
gzip
age
639045
x-guploader-uploadid
ABg5-UwHiUnyUw9MLzpzSZWwCiHtMsqcIj51aPFPwuAf3wApnDByTVKuOY_TfCELfD70G8xhBwUOTDuP70W6i87Xe5c
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1307
last-modified
Wed, 06 Jan 2021 19:43:15 GMT
server
ECAcc (ama/8A95)
etag
"0ae1a3f3b1760410c5871cbe71b96712"
vary
Accept-Encoding
x-goog-hash
crc32c=4ku0Sw==, md5=CuGj87F2BBDFhxy+cblnEg==
x-goog-generation
1609962195544260
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300, s-maxage=2592000
x-goog-stored-content-length
1307
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 15 Mar 2021 05:16:31 GMT
hero.jpg
wealth-wave.com/reports/WSC/stealth-attack/assets/img/
208 KB
209 KB
Image
General
Full URL
https://wealth-wave.com/reports/WSC/stealth-attack/assets/img/hero.jpg
Requested by
Host: wealth-wave.com
URL: https://wealth-wave.com/reports/WSC/stealth-attack/event/assets/css/custom.css?v=1613193390
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fb0637c2e42082268edecf844c3d6f2b3e85ededafc3607cce76ea15517aed3

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/assets/css/custom.css?v=1613193390
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:31 GMT
cf-cache-status
HIT
age
4237
last-modified
Thu, 19 Nov 2020 21:03:53 GMT
content-length
213221
cf-request-id
083b6ac54a00001f55621d2000000001
cf-bgj
h2pri
server
cloudflare
etag
"5fb6ddb9-340e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-hslug
lamp-prod-web-2
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
620c13e87a251f55-FRA
expires
Sat, 13 Feb 2021 09:16:31 GMT
ZXuke1cDvLCKLDcimxB44_luFgxbuQ.woff2
fonts.gstatic.com/s/patuaone/v11/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/patuaone/v11/ZXuke1cDvLCKLDcimxB44_luFgxbuQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Patua+One
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebcd279982004c92648d0b7385b21ceeba0b2d3659bafe47317bfee7bd6a178b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://wealth-wave.com
Referer
https://fonts.googleapis.com/css2?family=Patua+One
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Feb 2021 18:31:01 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Sep 2020 05:44:27 GMT
server
sffe
age
297930
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12844
x-xss-protection
0
expires
Wed, 09 Feb 2022 18:31:01 GMT
fontawesome-webfont.woff2
wealth-wave.com/reports/assets/fonts/font-awesome/4.7.0/
75 KB
76 KB
Font
General
Full URL
https://wealth-wave.com/reports/assets/fonts/font-awesome/4.7.0/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: wealth-wave.com
URL: https://wealth-wave.com/reports/assets/css/main/1.0.2/main.css?v=1511878093
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin
https://wealth-wave.com
Referer
https://wealth-wave.com/reports/assets/css/main/1.0.2/main.css?v=1511878093
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:31 GMT
cf-cache-status
HIT
age
125
content-length
77160
cf-request-id
083b6ac54c00001f556ca43000000001
last-modified
Mon, 24 Oct 2016 21:33:21 GMT
server
cloudflare
etag
"580e7e21-12d68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-hslug
lamp-prod-web-1
content-type
application/octet-stream
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
620c13e87a291f55-FRA
expires
Sat, 13 Feb 2021 09:16:31 GMT
0QIvMX1D_JOuMwr7I_FMl_E.woff2
fonts.gstatic.com/s/lora/v17/
35 KB
35 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lora/v17/0QIvMX1D_JOuMwr7I_FMl_E.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lora:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d70cd722981668fc5cc2087c373af7a3784c29f9bf39d21aadacf3589c93ec49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://wealth-wave.com
Referer
https://fonts.googleapis.com/css2?family=Lora:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Feb 2021 12:56:37 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 22:32:35 GMT
server
sffe
age
145194
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35364
x-xss-protection
0
expires
Fri, 11 Feb 2022 12:56:37 GMT
0QIhMX1D_JOuMw_LIftLtfOm8w.woff2
fonts.gstatic.com/s/lora/v17/
38 KB
38 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lora/v17/0QIhMX1D_JOuMw_LIftLtfOm8w.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lora:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43dc749e34b2855c1d7bca70a37678105a1aaa2fc4d2507214d8d9a108ecd0aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://wealth-wave.com
Referer
https://fonts.googleapis.com/css2?family=Lora:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 01:40:28 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 22:32:44 GMT
server
sffe
age
12963
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38912
x-xss-protection
0
expires
Sun, 13 Feb 2022 01:40:28 GMT
hotjar-914516.js
static.hotjar.com/c/
3 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-914516.js?sv=6
Requested by
Host: wealth-wave.com
URL: https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-113.fra2.r.cloudfront.net
Software
/
Resource Hash
8c1e4e55ce6d151b9ae5e7201995b4fd73fd646bb485ba290d1c65b835404a55
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:15:36 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
55
etag
W/e4491c06f323c93f630f61073133a341
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
FRA2-C2
content-length
1575
via
1.1 d9bf8acc1da383db4531789bbb03ac07.cloudfront.net (CloudFront)
x-amz-cf-id
O9hXZPrn0Fmx3IZy9c1SHn8fZBm2DlewvMi9u_YcjOBX9DtcdHgCcw==
collect
stats.g.doubleclick.net/j/
1 B
67 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-40785925-128&cid=1380216067.1613193391&jid=95362144&gjid=1191872702&_gid=743876182.1613193391&_u=IEBAAUAAAAAAAC~&z=792667611
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 13 Feb 2021 05:16:31 GMT
content-type
text/plain
access-control-allow-origin
https://wealth-wave.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
api.segment.io/v1/
21 B
141 B
XHR
General
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/r78M9WFn2Nc33pHSecXPG6RfLadoQssD/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.89.79.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-89-79-226.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wealth-wave.com
date
Sat, 13 Feb 2021 05:16:31 GMT
content-length
21
vary
Origin
content-type
application/json
player.min.js
fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/
2 MB
429 KB
Script
General
Full URL
https://fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/player.min.js
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/loader.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B64) /
Resource Hash
574c857cc94c4865aee3802cce4e2e82be8d869c0e91bfa994f70e5cb150824f

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:31 GMT
content-encoding
gzip
age
639045
x-guploader-uploadid
ABg5-UwNILahkx58gN_Jwcx2WJIsph3H2WheWJPL53QiYrPvpyp2AyrZpZ88AHKStC6Jd-YBONtTDA1UC2jBI4onl0I
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
438929
last-modified
Wed, 06 Jan 2021 19:43:16 GMT
server
ECAcc (ama/8B64)
etag
"9484720f4096e47ba535540fefc42856"
vary
Accept-Encoding
x-goog-hash
crc32c=X8jcJQ==, md5=lIRyD0CW5HulNVQP78QoVg==
x-goog-generation
1609962196049792
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300, s-maxage=2592000
x-goog-stored-content-length
438929
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 15 Mar 2021 05:16:31 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/439890096/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/439890096/?random=1613193391579&cv=9&fst=1613193391579&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg230&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwealth-wave.com%2Freports%2FWSC%2Fstealth-attack%2Fevent%2F%3Fsc%3DEVERF%26ec%3DFWSCAB02%26transaction_id%3Db035c112657242c6bddbd2a7be94bce1&tiba=Wealth%20Megatrends%20-%20Stealth%20Attack%20on%20America%20-%20Event&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba4f925d9c8b93c1d7fe78a60ce3a1cd1ea22176f661c1084497ecef0975bf73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Feb 2021 05:16:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1101
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.47c8b2ab63e7e626e930.js
script.hotjar.com/
224 KB
59 KB
Script
General
Full URL
https://script.hotjar.com/modules.47c8b2ab63e7e626e930.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-914516.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-121.fra2.r.cloudfront.net
Software
/
Resource Hash
e37c5391c6766895508e0c5e48baeff94effd87d0292d02366b65c3d4e24b82a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Feb 2021 13:15:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
230467
x-cache
Hit from cloudfront
content-length
60061
access-control-allow-origin
*
last-modified
Wed, 10 Feb 2021 13:12:16 GMT
etag
"f183ae0127053a1a3e34413e0c039c19"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
Cv4BBpX2JDG9Kn1oWWEiafNqM_LutjTJEASwJIVR5bG-JgVpC7kiUg==
a-04cf.min.js
b-code.liadm.com/
25 KB
10 KB
Script
General
Full URL
https://b-code.liadm.com/a-04cf.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T75JJZV
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:244a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ff4d4f1216eb329c9069b37c326880dab15ce176e45d0260638564af7eb337cd

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:31 GMT
content-encoding
gzip
last-modified
Fri, 12 Feb 2021 14:46:07 GMT
etag
"ab4912d5df5276218690213e8b59db07"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=2619
accept-ranges
bytes
content-length
9832
track.js
cdn.funnelytics.io/
9 KB
3 KB
Script
General
Full URL
https://cdn.funnelytics.io/track.js
Requested by
Host: wealth-wave.com
URL: https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.209.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-209-72.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bda277a4ba0af74a71829d0503828c4f976d0c56187bf9dfb4f7c017d99179d2

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Feb 2021 20:13:05 GMT
content-encoding
gzip
last-modified
Tue, 08 Dec 2020 16:42:53 GMT
server
AmazonS3
age
32607
etag
W/"4ae1baef1263c1a5a4d1b46c51016daa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ab39b007ab81966ada6e7fb1536bf377.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
oSMOzKUCMlldqf_9P_pZCK3JJaIVuJ8UPgh1mEp7Z2TozegRLRBvtQ==
reactunified.bundle.js
a.deadlinefunnel.com/unified/
547 KB
179 KB
Script
General
Full URL
https://a.deadlinefunnel.com/unified/reactunified.bundle.js?userIdHash=eyJpdiI6ImRhSTRHbWF2NUNIdjhKQzZTalNja0E9PSIsInZhbHVlIjoiOXgxS1poK3YzVjNLZ1wvemorV2RxM0E9PSIsIm1hYyI6IjhjMWExNzBlZmJlNzAxNTU5NTgyMzJiOTU0NjcxZTFmMjliOWQ2NDNiZTg2ZGU2ZDMzNTZkOWM3YWIzNTg5ZGMifQ==&pageFromUrl=aHR0cHM6Ly93ZWFsdGgtd2F2ZS5jb20vcmVwb3J0cy9XU0Mvc3RlYWx0aC1hdHRhY2svZXZlbnQvP3NjPUVWRVJGJmVjPUZXU0NBQjAyJnRyYW5zYWN0aW9uX2lkPWIwMzVjMTEyNjU3MjQyYzZiZGRiZDJhN2JlOTRiY2Ux&parentPageFromUrl=
Requested by
Host: wealth-wave.com
URL: https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e59c6c8fccf540cb47e1f13b580831ddb5ffd9d505303aa6e540feae3962430

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:31 GMT
content-encoding
gzip
last-modified
Wed, 10 Feb 2021 12:27:09 GMT
server
AmazonS3
x-amz-request-id
9A49967BCABBF5F7
etag
"feb82ad4ce0c11e3f4f60a27eb7991d6"
x-hw
1613193391.cds008.lo4.hc,1613193391.cds214.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
183045
x-amz-id-2
vo3D9N6ijH+NwVNxja8WngywnbripXEjsvcN1lTd7+oNMwCentDK+LJtgBUfwbUl7ZsxmWeu/ww=
a-05a6.min.js
b-code.liadm.com/
25 KB
10 KB
Script
General
Full URL
https://b-code.liadm.com/a-05a6.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T75JJZV
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:244a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
05477582634f2e29679fbdedab55b1d53a83df6f2837a8e0f531ecea29fe7bc0

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:31 GMT
content-encoding
gzip
last-modified
Fri, 12 Feb 2021 14:48:05 GMT
etag
"a1445e5361f34b134526a29000472d25"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=2619
accept-ranges
bytes
content-length
9832
oribi.js
cdn.oribi.io/Xy0xNDk3MzAzNDg5/
3 B
290 B
Script
General
Full URL
https://cdn.oribi.io/Xy0xNDk3MzAzNDg5/oribi.js
Requested by
Host: wealth-wave.com
URL: https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:d800:13:c079:7880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:15:36 GMT
via
1.1 f358cf5f46d10c349187abd5e20e06cf.cloudfront.net (CloudFront)
age
55
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
cache-control
public, max-age=60
x-amz-cf-pop
FRA56-C1
content-length
3
x-amz-cf-id
gKagLJGtSco_zPIu14XkjO7Qep0oMB8_ncbjiUTM_1DZ4LQTchr_Lg==
x-application-context
application
stat.js
www.clickcease.com/monitor/
68 KB
23 KB
Script
General
Full URL
https://www.clickcease.com/monitor/stat.js
Requested by
Host: wealth-wave.com
URL: https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b327691cfbc4bbfd8b8a7f6ec49d5abfd01e44e8ded46a34330cbffc6f435b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
911564
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
strict-transport-security
max-age=31536000
vary
Accept-Encoding,User-Agent
cf-request-id
083b6ac5fb00001f25499d6000000001
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 Feb 2021 16:02:47 GMT
server
cloudflare
x-frame-options
sameorigin
etag
W/"10e99-5ba5c9a00b4e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Lkb5GtaFpgwOweg7aI1cxtIBvFwUL8Z2NNpPvHf8oQ5s1AO%2Bgc%2F5FtyyjxEs4XRqF7kmzS790S3I63qHyLH%2FXRHg5ycC%2B%2FM2eoDiug3G1WnBGMkR1FruJIjSLd3DVZw%3D"}],"max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2678400
access-control-allow-credentials
true
cf-ray
620c13e999321f25-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,C$
expires
Thu, 04 Mar 2021 16:03:46 GMT
fbevents.js
connect.facebook.net/en_US/
91 KB
23 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: wealth-wave.com
URL: https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23762
x-fb-rlafr
0
pragma
public
x-fb-debug
rN6nvZQdnbMMkt2RQ+1Xe4zVDvWDqbQ7ebUVUe2jvgB/HCPrG/9xVdisW9f295NwMGSveg6IfsSn+5UPe4ErGA==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Sat, 13 Feb 2021 05:16:31 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/439890096/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/439890096/?random=1613193391579&cv=9&fst=1613192400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg230&sendb=1&frm=0&url=https%3A%2F%2Fwealth-wave.com%2Freports%2FWSC%2Fstealth-attack%2Fevent%2F%3Fsc%3DEVERF%26ec%3DFWSCAB02%26transaction_id%3Db035c112657242c6bddbd2a7be94bce1&tiba=Wealth%20Megatrends%20-%20Stealth%20Attack%20on%20America%20-%20Event&async=1&fmt=3&is_vtc=1&random=2924277307&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: wealth-wave.com
URL: https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Feb 2021 05:16:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/439890096/
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/439890096/?random=1613193391579&cv=9&fst=1613192400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg230&sendb=1&frm=0&url=https%3A%2F%2Fwealth-wave.com%2Freports%2FWSC%2Fstealth-attack%2Fevent%2F%3Fsc%3DEVERF%26ec%3DFWSCAB02%26transaction_id%3Db035c112657242c6bddbd2a7be94bce1&tiba=Wealth%20Megatrends%20-%20Stealth%20Attack%20on%20America%20-%20Event&async=1&fmt=3&is_vtc=1&random=2924277307&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: wealth-wave.com
URL: https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Feb 2021 05:16:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1362898270464553
connect.facebook.net/signals/config/
241 KB
69 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1362898270464553?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
463934824a44600d0f21ac69da4c8156e131da69a043932f80bf6934f4d2d894
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
70606
x-fb-rlafr
0
pragma
public
x-fb-debug
avjJJKiUiHMz2QrLIWYW9EXpISOEYFFiqTR80rjfm/UDcnujD763FVONkbJa/ZeERU5jAFKownhiyQG9N/iVzA==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sat, 13 Feb 2021 05:16:31 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-content-id
905075492
expires
Sat, 01 Jan 2000 00:00:00 GMT
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 3633
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-914516.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.209.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-209-120.fra53.r.cloudfront.net
Software
/
Resource Hash
66f396314193bfe4809457b6c8004d026e3c503befe550e29ea068667f84ce39

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-type
text/html
content-length
851
date
Thu, 28 Jan 2021 06:33:45 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified
Wed, 27 Jan 2021 16:25:29 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
pVvIl6WwFLQfOi3qyYsAlxrY4CbjcfaBdtgjElMbOxXOZgzupZxLyw==
age
1377766
sessions
track-v2.funnelytics.io/
50 B
259 B
XHR
General
Full URL
https://track-v2.funnelytics.io/sessions
Requested by
Host: cdn.funnelytics.io
URL: https://cdn.funnelytics.io/track.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.97.172.168 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-97-172-168.ca-central-1.compute.amazonaws.com
Software
/
Resource Hash
67dec5889a6db4d3022dec2fc62a93a2654026bc7a5dd56ed86d56974adcf15d

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sat, 13 Feb 2021 05:16:31 GMT
x-amzn-requestid
c0623796-4ea2-4cac-86fa-02bb20ce3388
x-amz-apigw-id
aqwLeF8n4osFjZg=
x-amzn-trace-id
Root=1-602760af-68fb04d9545455c866b201d3;Sampled=0
content-length
50
content-type
application/json
/
www.facebook.com/tr/
44 B
259 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1362898270464553&ev=PageView&dl=https%3A%2F%2Fwealth-wave.com%2Freports%2FWSC%2Fstealth-attack%2Fevent%2F%3Fsc%3DEVERF%26ec%3DFWSCAB02%26transaction_id%3Db035c112657242c6bddbd2a7be94bce1&rl=&if=false&ts=1613193391725&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1613193391723.305235824&it=1613193391640&coo=false&rqm=GET
Requested by
Host: wealth-wave.com
URL: https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:31 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 13 Feb 2021 05:16:31 GMT
/
check.deadlinefunnel.com/identify/
0
380 B
Script
General
Full URL
https://check.deadlinefunnel.com/identify/?callback=callDFJsonP&domain=https%3A%2F%2Fdeadlinefunnel.com&clientUrl=https%3A%2F%2Fwealth-wave.com%2Freports%2FWSC%2Fstealth-attack%2Fevent%2F%3Fsc%3DEVERF%26ec%3DFWSCAB02%26transaction_id%3Db035c112657242c6bddbd2a7be94bce1&debug=false&showCountdownNow=0&redisDomain=https%3A%2F%2Fcheck.deadlinefunnel.com&userIdHash=eyJpdiI6ImRhSTRHbWF2NUNIdjhKQzZTalNja0E9PSIsInZhbHVlIjoiOXgxS1poK3YzVjNLZ1wvemorV2RxM0E9PSIsIm1hYyI6IjhjMWExNzBlZmJlNzAxNTU5NTgyMzJiOTU0NjcxZTFmMjliOWQ2NDNiZTg2ZGU2ZDMzNTZkOWM3YWIzNTg5ZGMifQ&pageFromUrl=aHR0cHM6Ly93ZWFsdGgtd2F2ZS5jb20vcmVwb3J0cy9XU0Mvc3RlYWx0aC1hdHRhY2svZXZlbnQvP3NjPUVWRVJGJmVjPUZXU0NBQjAyJnRyYW5zYWN0aW9uX2lkPWIwMzVjMTEyNjU3MjQyYzZiZGRiZDJhN2JlOTRiY2Ux&parentPageFromUrl=&sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1&promocode=undefined
Requested by
Host: a.deadlinefunnel.com
URL: https://a.deadlinefunnel.com/unified/reactunified.bundle.js?userIdHash=eyJpdiI6ImRhSTRHbWF2NUNIdjhKQzZTalNja0E9PSIsInZhbHVlIjoiOXgxS1poK3YzVjNLZ1wvemorV2RxM0E9PSIsIm1hYyI6IjhjMWExNzBlZmJlNzAxNTU5NTgyMzJiOTU0NjcxZTFmMjliOWQ2NDNiZTg2ZGU2ZDMzNTZkOWM3YWIzNTg5ZGMifQ==&pageFromUrl=aHR0cHM6Ly93ZWFsdGgtd2F2ZS5jb20vcmVwb3J0cy9XU0Mvc3RlYWx0aC1hdHRhY2svZXZlbnQvP3NjPUVWRVJGJmVjPUZXU0NBQjAyJnRyYW5zYWN0aW9uX2lkPWIwMzVjMTEyNjU3MjQyYzZiZGRiZDJhN2JlOTRiY2Ux&parentPageFromUrl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.183.128 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-183-128.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:32 GMT
x-powered-by
Express
content-length
0
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?tna=v2.0.1&aid=a-04cf&wpn=lc-bundle&pu=https%3A%2F%2Fwealth-wave.com%2Freports%2FWSC%2Fstealth-attack%2Fevent%2F%3Fsc%3DEVERF%26ec%3DFWSCAB02%26transaction_id%3Db035c11265724...
  • https://rp4.liadm.com/j?tna=v2.0.1&aid=a-04cf&wpn=lc-bundle&pu=https%3A%2F%2Fwealth-wave.com%2Freports%2FWSC%2Fstealth-attack%2Fevent%2F%3Fsc%3DEVERF%26ec%3DFWSCAB02%26transaction_id%3Db035c1126572...
13 B
567 B
XHR
General
Full URL
https://rp4.liadm.com/j?tna=v2.0.1&aid=a-04cf&wpn=lc-bundle&pu=https%3A%2F%2Fwealth-wave.com%2Freports%2FWSC%2Fstealth-attack%2Fevent%2F%3Fsc%3DEVERF%26ec%3DFWSCAB02%26transaction_id%3Db035c112657242c6bddbd2a7be94bce1&duid=f9696ffbe0df--01eycx3bga2j01q9xc9s5z5y12&se=e30&dtstmp=1613193391976&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true
Requested by
Host: wealth-wave.com
URL: https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.88.95.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-88-95-40.compute-1.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wealth-wave.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:32 GMT
x-pixel-event-id
500c2456-b1fe-46e0-ab8b-d8f14a398c59
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
request-time
1
vary
Origin
content-length
13
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
nginx/1.16.1
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-origin
null
access-control-allow-credentials
true
trace-id
5f058ccbb1ee3cc0

Redirect headers

date
Sat, 13 Feb 2021 05:16:32 GMT
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
nginx/1.16.1
vary
Origin
location
https://rp4.liadm.com/j?tna=v2.0.1&aid=a-04cf&wpn=lc-bundle&pu=https%3A%2F%2Fwealth-wave.com%2Freports%2FWSC%2Fstealth-attack%2Fevent%2F%3Fsc%3DEVERF%26ec%3DFWSCAB02%26transaction_id%3Db035c112657242c6bddbd2a7be94bce1&duid=f9696ffbe0df--01eycx3bga2j01q9xc9s5z5y12&se=e30&dtstmp=1613193391976&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true
x-frame-options
DENY
access-control-allow-origin
https://wealth-wave.com
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
trace-id
07d883bba21657e3
request-time
0
content-length
0
x-content-type-options
nosniff
licensing
licensing.bitmovin.com/
114 B
174 B
XHR
General
Full URL
https://licensing.bitmovin.com/licensing
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/player.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:df23:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
3e92d4e9abdc6ca19769cde3a1e36897aab4fddca37da62252f35c6d1d0d3bfb

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 13 Feb 2021 05:16:32 GMT
via
1.1 google
alt-svc
clear
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length
114
steps
track-v2.funnelytics.io/
47 B
258 B
XHR
General
Full URL
https://track-v2.funnelytics.io/steps
Requested by
Host: cdn.funnelytics.io
URL: https://cdn.funnelytics.io/track.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.97.172.168 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-97-172-168.ca-central-1.compute.amazonaws.com
Software
/
Resource Hash
6cf310683c8ec0acaf870e7056e26bbad73f8306a9b9a19aa501b52029432a9c

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sat, 13 Feb 2021 05:16:32 GMT
x-amzn-requestid
e1b29213-eb35-47e6-83b4-45744d89bb98
x-amz-apigw-id
aqwLhFGM4osFoJg=
x-amzn-trace-id
Root=1-602760b0-6ad0579d62f8cd5212dedcc8;Sampled=0
content-length
47
content-type
application/json
b3ba8e16-0105-47a5-b103-f3a162ee6e8c
track-v2.funnelytics.io/settings/
303 B
514 B
XHR
General
Full URL
https://track-v2.funnelytics.io/settings/b3ba8e16-0105-47a5-b103-f3a162ee6e8c
Requested by
Host: cdn.funnelytics.io
URL: https://cdn.funnelytics.io/track.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.97.172.168 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-97-172-168.ca-central-1.compute.amazonaws.com
Software
/
Resource Hash
790d1486ec008bf3af53b01fdad54f8c783eb272adc81de94620e8527a7e4247

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 13 Feb 2021 05:16:32 GMT
x-amzn-requestid
8c4648fe-f596-4d68-b270-69cd0181de27
x-amz-apigw-id
aqwLhEOd4osFeaw=
x-amzn-trace-id
Root=1-602760b0-3fd8b6e37531fca128c01fec;Sampled=0
content-length
303
content-type
application/json
stream.mpd
fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/
2 KB
2 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/stream.mpd
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/player.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B65) /
Resource Hash
f7f182055ee984fa3fa291da5b1db2e0766e245befb823f5e7589ba6382584f0

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:32 GMT
age
5739785
x-guploader-uploadid
ABg5-UyW9o9gNSXgLu_IJqfXTKxaSyTdGyE2uj2s4ZeNV7De6_bqk6YGHMPzaVMnF_xuVC8RgPg6bwqgdequKas4fFw
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2234
last-modified
Tue, 08 Dec 2020 16:59:24 GMT
server
ECAcc (ama/8B65)
etag
"e2b082eb3893ece30226ebd2654f0ef9"
x-goog-hash
crc32c=OhS/lg==, md5=4rCC6ziT7OMCJuvSZU8O+Q==
content-type
application/dash+xml
access-control-allow-origin
*
x-goog-generation
1607446764711878
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31104000
x-goog-stored-content-length
2234
accept-ranges
bytes
expires
Tue, 08 Feb 2022 05:16:32 GMT
truncated
/
696 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d33b513a2d7bb0566ee81ac58237df61de08808efd8b5a19112f9db12890337e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd6881e28029bc258fede98f58f7bf7ec74acd4242477cd625aa8a4d0a0d459d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://wealth-wave.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Feb 2021 16:25:01 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
391891
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Tue, 08 Feb 2022 16:25:01 GMT
init.mp4
fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/video/1280x720_h264_2000000/
672 B
909 B
XHR
General
Full URL
https://fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/video/1280x720_h264_2000000/init.mp4
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/player.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B1D) /
Resource Hash
35538ba05d5163c8a9d55ca0f009dc5b022c113ec6ba98f82f6c0e7937e97396

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:32 GMT
age
5739784
x-guploader-uploadid
ABg5-UyjHLQiJvo7v9RyhNA7ohaEFvCrSyVBREsZVt41oskYCh8YkP-tx4aqL_N1fUuCWQXESGPM87Fa7VkAT9XVchM
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
672
last-modified
Tue, 08 Dec 2020 16:52:46 GMT
server
ECAcc (ama/8B1D)
etag
"5786dfac382dca6b151a5185e44a7c44"
x-goog-hash
crc32c=1H1sPQ==, md5=V4bfrDgtymsVGlGF5Ep8RA==
content-type
video/mp4
access-control-allow-origin
*
x-goog-generation
1607446366021009
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31104000
x-goog-stored-content-length
672
accept-ranges
bytes
expires
Tue, 08 Feb 2022 05:16:32 GMT
init.mp4
fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/audio/h264_96000/
606 B
838 B
XHR
General
Full URL
https://fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/audio/h264_96000/init.mp4
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/player.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B55) /
Resource Hash
41da0614685935d2b1b97c7751692666dd2cf6d54416ef1da52962a1844319ac

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:32 GMT
age
5739784
x-guploader-uploadid
ABg5-UxqeQnvP_k4ckWv3hsg39rPDfpZelCu5OiSjy3WekfAXNbruO0h-nBOfingRodIXK3g-ORH0wbfM1rXNNNK0ro
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
606
last-modified
Tue, 08 Dec 2020 16:52:40 GMT
server
ECAcc (ama/8B55)
etag
"af3d86596c83ba8ac236796a59f6d6dc"
x-goog-hash
crc32c=SpArIQ==, md5=rz2GWWyDuorCNnlqWfbW3A==
content-type
audio/mp4
access-control-allow-origin
*
x-goog-generation
1607446360340546
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31104000
x-goog-stored-content-length
606
accept-ranges
bytes
expires
Tue, 08 Feb 2022 05:16:32 GMT
s_0.m4s
fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/video/1280x720_h264_2000000/
906 KB
907 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/video/1280x720_h264_2000000/s_0.m4s
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/player.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8A97) /
Resource Hash
56174089814b7bd7ca28a89815511b52e6f7a892f1cb06f2ed2f9d3b95835346

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:32 GMT
age
5739784
x-guploader-uploadid
ABg5-UyT4-AASy6UeG7fJyhg02T5FclxOhrt8VOzUiFU8Rydx4Fq7JylZXMWBFXv7rCH2vSFWOT2Oik4cgmCs8GM2mo
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
928004
last-modified
Tue, 08 Dec 2020 16:52:46 GMT
server
ECAcc (ama/8A97)
etag
"5d1333de16e3b7d9eea157572ff522c4"
x-goog-hash
crc32c=gPBVSg==, md5=XRMz3hbjt9nuoVdXL/UixA==
content-type
video/mp4
access-control-allow-origin
*
x-goog-generation
1607446366210061
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31104000
x-goog-stored-content-length
928004
accept-ranges
bytes
expires
Tue, 08 Feb 2022 05:16:32 GMT
s_0.m4s
fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/audio/h264_96000/
47 KB
47 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/audio/h264_96000/s_0.m4s
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/player.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B31) /
Resource Hash
b370577a12e16a06e431acbfd1b5ef69288686d5b237f10229387eabf6605d47

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:32 GMT
age
5739784
x-guploader-uploadid
ABg5-Uwqfaoowt5ckk1-nty6qUAIRTj4BQef37iOwzSFgS3flavcm_BXHNgY4f8CHyet4gancNQwNcgXng7bb7fi0uM
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48112
last-modified
Tue, 08 Dec 2020 16:52:40 GMT
server
ECAcc (ama/8B31)
etag
"47dc61906e5ae60b1e166e3eec9dd3de"
x-goog-hash
crc32c=y0tZUQ==, md5=R9xhkG5a5gseFm4+7J3T3g==
content-type
audio/mp4
access-control-allow-origin
*
x-goog-generation
1607446360499742
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31104000
x-goog-stored-content-length
48112
accept-ranges
bytes
expires
Tue, 08 Feb 2022 05:16:32 GMT
s_1.m4s
fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/audio/h264_96000/
47 KB
47 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/audio/h264_96000/s_1.m4s
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/player.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8AC3) /
Resource Hash
533854e0fd758d55ad27df731e9b5be6d6882921117c73e96469f5b559f417d0

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:32 GMT
age
5739784
x-guploader-uploadid
ABg5-UwwRZZQgAGgxuQL3zT1g1QXo9sAsfHkO5a8omMlDwa-SFqMmWAffovQk-XlzvDx6-0Y2bXezBlKABdM_gzRGuA
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47763
last-modified
Tue, 08 Dec 2020 16:52:40 GMT
server
ECAcc (ama/8AC3)
etag
"e7d96f78cefe4233709e74db5564d4d9"
x-goog-hash
crc32c=4kuwJw==, md5=59lveM7+QjNwnnTbVWTU2Q==
content-type
audio/mp4
access-control-allow-origin
*
x-goog-generation
1607446360487541
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31104000
x-goog-stored-content-length
47763
accept-ranges
bytes
expires
Tue, 08 Feb 2022 05:16:32 GMT
impression
licensing.bitmovin.com/
0
41 B
XHR
General
Full URL
https://licensing.bitmovin.com/impression
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/player.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:df23:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 13 Feb 2021 05:16:32 GMT
via
1.1 google
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
clear
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
s_1.m4s
fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/video/1280x720_h264_2000000/
638 KB
638 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/video/1280x720_h264_2000000/s_1.m4s
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/player.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B29) /
Resource Hash
70a3b4204142bc9e14c55bbfec954ad58142e2dbbf8281b77209673b23e09fd8

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:32 GMT
age
5739783
x-guploader-uploadid
ABg5-UwW-N35R8n8GIkvwhLOMkF7Hdu668ouF1o72hoPnoB616fBA12Uv-bzCs3DlhF7EHnuPRhWAttow1034DHzBgo
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
653277
last-modified
Tue, 08 Dec 2020 16:52:54 GMT
server
ECAcc (ama/8B29)
etag
"59069a72527adf419098f2e65062de95"
x-goog-hash
crc32c=4jIpWQ==, md5=WQaaclJ630GQmPLmUGLelQ==
content-type
video/mp4
access-control-allow-origin
*
x-goog-generation
1607446374887503
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31104000
x-goog-stored-content-length
653277
accept-ranges
bytes
expires
Tue, 08 Feb 2022 05:16:32 GMT
s_2.m4s
fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/audio/h264_96000/
46 KB
47 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/audio/h264_96000/s_2.m4s
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/player.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B09) /
Resource Hash
ae740566012f65634eb09aafbb1bf05c67c0572a4659dc62474b4e7ae0a36971

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:32 GMT
age
3559153
x-guploader-uploadid
ABg5-UymnpPEma2DKelbOQPXUbxD2mQaCVxuTlX7oyzocsERtpGda2jFIKedZm4bXOS_mvGcUHqkEYcgP3iCqbWWHK8
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47615
last-modified
Tue, 08 Dec 2020 16:52:40 GMT
server
ECAcc (ama/8B09)
etag
"33b5f65b4aa4cb7c3a22e05ea9492f4c"
x-goog-hash
crc32c=IrKvAA==, md5=M7X2W0qky3w6IuBeqUkvTA==
content-type
audio/mp4
access-control-allow-origin
*
x-goog-generation
1607446360648958
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31104000
x-goog-stored-content-length
47615
accept-ranges
bytes
expires
Tue, 08 Feb 2022 05:16:32 GMT
s_2.m4s
fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/video/1280x720_h264_2000000/
1 MB
1 MB
XHR
General
Full URL
https://fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/video/1280x720_h264_2000000/s_2.m4s
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/player.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B6E) /
Resource Hash
2ed7f735850d319938f4515c4559b3bc16402821b8e92dabe420189c6fcf0430

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:32 GMT
age
5739783
x-guploader-uploadid
ABg5-UzgMgO8rA0JAnB7XAFho2wVKs06UFyHhOl7Lzq451vfm51Zu7UiQLIho_6EKrj_kaBiUVceLBEkuEwdqjoN-n0
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1075249
last-modified
Tue, 08 Dec 2020 16:53:01 GMT
server
ECAcc (ama/8B6E)
etag
"c12508d7e8cba8b6ffa1cb2f75b4978a"
x-goog-hash
crc32c=M2fWhQ==, md5=wSUI1+jLqLb/ocsvdbSXig==
content-type
video/mp4
access-control-allow-origin
*
x-goog-generation
1607446381303853
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31104000
x-goog-stored-content-length
1075249
accept-ranges
bytes
expires
Tue, 08 Feb 2022 05:16:32 GMT
s_3.m4s
fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/audio/h264_96000/
46 KB
47 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/audio/h264_96000/s_3.m4s
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/player.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B3E) /
Resource Hash
3165cc805f67b7bc03e144faa708ac90387a191908f43fb8bfe750cf0f51b6b2

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:32 GMT
age
5739782
x-guploader-uploadid
ABg5-Uyt00QdZvSenjnwkJwnEBLNXLdaaF2MsoQdryzJtcylcIyoyQHwQdNxRvGOmrpN7N4xmlCJ5w91MJJEaTo1YMmlwy-zmg
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47594
last-modified
Tue, 08 Dec 2020 16:52:40 GMT
server
ECAcc (ama/8B3E)
etag
"85e20e7738eea2cb1aec8544b732413a"
x-goog-hash
crc32c=iaTi1Q==, md5=heIOdzjuossa7IVEtzJBOg==
content-type
audio/mp4
access-control-allow-origin
*
x-goog-generation
1607446360793352
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31104000
x-goog-stored-content-length
47594
accept-ranges
bytes
expires
Tue, 08 Feb 2022 05:16:32 GMT
s_3.m4s
fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/video/1280x720_h264_2000000/
980 KB
980 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/video/1280x720_h264_2000000/s_3.m4s
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/player.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8AFD) /
Resource Hash
e1ba3f771adce34cbe537c6633ba42e4a815a7c9bec2f8e1cbca9e32c6a2529e

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:33 GMT
age
5739783
x-guploader-uploadid
ABg5-UwY3ZLM4mBm2LmZKIgD1z7xInWzPzK_xAFxN0bMdEmyfmN2XvR1w7Eq84h5irDDJ7FWher1_nuSRzxXka5GbSk
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1003700
last-modified
Tue, 08 Dec 2020 16:53:04 GMT
server
ECAcc (ama/8AFD)
etag
"79e16e652b7c721257b3978ee0385d6f"
x-goog-hash
crc32c=/gp1SQ==, md5=eeFuZSt8chJXs5eO4Dhdbw==
content-type
video/mp4
access-control-allow-origin
*
x-goog-generation
1607446384197558
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31104000
x-goog-stored-content-length
1003700
accept-ranges
bytes
expires
Tue, 08 Feb 2022 05:16:33 GMT
s_4.m4s
fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/audio/h264_96000/
47 KB
47 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/audio/h264_96000/s_4.m4s
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/player.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8AD7) /
Resource Hash
3171e09f3dec57ea03a6d7c3ebdf2d997458ad8cee4b4981376de806e19eba8f

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:33 GMT
age
5739783
x-guploader-uploadid
ABg5-Uz1tmb0ZAM4LLi2mfxj6Sk5I1cTFA_Q44FqW-tktICcjQZr8fnxVGskDYZcmsKlrPutk3zxfZM2kZHozg5y9ACZYwqcPw
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47685
last-modified
Tue, 08 Dec 2020 16:52:40 GMT
server
ECAcc (ama/8AD7)
etag
"0d615e5daf72fa069eec36bf654b29b6"
x-goog-hash
crc32c=hzvesQ==, md5=DWFeXa9y+gae7Da/ZUsptg==
content-type
audio/mp4
access-control-allow-origin
*
x-goog-generation
1607446360912108
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31104000
x-goog-stored-content-length
47685
accept-ranges
bytes
expires
Tue, 08 Feb 2022 05:16:33 GMT
s_4.m4s
fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/video/1280x720_h264_2000000/
1000 KB
1000 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/video/1280x720_h264_2000000/s_4.m4s
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/player.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B34) /
Resource Hash
afa9834eb78e02588005611cb10947fca701ae433a814aca402a0834d5dff773

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:33 GMT
age
5739782
x-guploader-uploadid
ABg5-UwCmVImPH9H16r3iLahbT4uZ8zaDAFdkgt52mpHlfM3FPFbtLtTdN1IabIwQ46aEeIiG88fM-MTsrHgfW_RCJ8
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1024264
last-modified
Tue, 08 Dec 2020 16:53:10 GMT
server
ECAcc (ama/8B34)
etag
"cba4217056e60a4fea61f35ce493a6f9"
x-goog-hash
crc32c=Rj8Mqg==, md5=y6QhcFbmCk/qYfNc5JOm+Q==
content-type
video/mp4
access-control-allow-origin
*
x-goog-generation
1607446390560062
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31104000
x-goog-stored-content-length
1024264
accept-ranges
bytes
expires
Tue, 08 Feb 2022 05:16:33 GMT
/
www.facebook.com/tr/
44 B
147 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1362898270464553&ev=Microdata&dl=https%3A%2F%2Fwealth-wave.com%2Freports%2FWSC%2Fstealth-attack%2Fevent%2F%3Fsc%3DEVERF%26ec%3DFWSCAB02%26transaction_id%3Db035c112657242c6bddbd2a7be94bce1&rl=&if=false&ts=1613193393228&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Wealth%20Megatrends%20-%20Stealth%20Attack%20on%20America%20-%20Event%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1613193391723.305235824&it=1613193391640&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:33 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 13 Feb 2021 05:16:33 GMT
s_5.m4s
fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/audio/h264_96000/
46 KB
47 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/audio/h264_96000/s_5.m4s
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/player.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8AAC) /
Resource Hash
65ef38a2cb4a20769376e6f41d0aae0339e7472b82586050c9757a2e453820c3

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:33 GMT
age
5739782
x-guploader-uploadid
ABg5-UzMC2btdWgUfyD0PaV2YaC5p_BfpLiYajNaAsHw2c6_RcsxdN5Z_ezzGa2wHZPcDFyoJUa90Mk5s5dYvS6lhYI
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47494
last-modified
Tue, 08 Dec 2020 16:52:41 GMT
server
ECAcc (ama/8AAC)
etag
"28fb59fcd3ece746fee58f86e6f4d1eb"
x-goog-hash
crc32c=vFwQKw==, md5=KPtZ/NPs50b+5Y+G5vTR6w==
content-type
audio/mp4
access-control-allow-origin
*
x-goog-generation
1607446361063875
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31104000
x-goog-stored-content-length
47494
accept-ranges
bytes
expires
Tue, 08 Feb 2022 05:16:33 GMT
s_5.m4s
fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/video/1280x720_h264_2000000/
969 KB
969 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/video/1280x720_h264_2000000/s_5.m4s
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/player.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8AE3) /
Resource Hash
7b0c679c1e4f4e869009b14dc62fa4f5fdc9c6e732a669c0a6b25328dcb527a7

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:33 GMT
age
3559150
x-guploader-uploadid
ABg5-UxAjwSvRJ0j3mlCbPJOtqjjT--ASE3w72tdyYXN8M7_nAPlPk-48TugFkXvAof1SIp5TN1ueK6VbCDcAXvWZmU
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
992090
last-modified
Tue, 08 Dec 2020 16:53:00 GMT
server
ECAcc (ama/8AE3)
etag
"28bb7c9717bac88a4d23b3fe7268b533"
x-goog-hash
crc32c=jrhC5w==, md5=KLt8lxe6yIpNI7P+cmi1Mw==
content-type
video/mp4
access-control-allow-origin
*
x-goog-generation
1607446380941625
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31104000
x-goog-stored-content-length
992090
accept-ranges
bytes
expires
Tue, 08 Feb 2022 05:16:33 GMT
s_6.m4s
fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/audio/h264_96000/
46 KB
47 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/audio/h264_96000/s_6.m4s
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/player.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8AE1) /
Resource Hash
ade7b6f2c0851fdc66b2b85418fd13dbbdd4ccb64c6d94f65498ba0fb5588660

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:33 GMT
age
5739781
x-guploader-uploadid
ABg5-UwTtnSURsJFHHmQ2JTCYi6tzq9p0oKva3cJpHJ219owbHMdZygtkIBDJUKz9_LS5Us27swG95oTxaLDUINV2g
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47570
last-modified
Tue, 08 Dec 2020 16:52:41 GMT
server
ECAcc (ama/8AE1)
etag
"1724ca08703b7da9056298be86b0826a"
x-goog-hash
crc32c=MWlN9w==, md5=FyTKCHA7fakFYpi+hrCCag==
content-type
audio/mp4
access-control-allow-origin
*
x-goog-generation
1607446361243647
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31104000
x-goog-stored-content-length
47570
accept-ranges
bytes
expires
Tue, 08 Feb 2022 05:16:33 GMT
s_6.m4s
fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/video/1280x720_h264_2000000/
967 KB
967 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/video/1280x720_h264_2000000/s_6.m4s
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/player.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B3C) /
Resource Hash
8d78f1aaa7ec0f4662265870901b4bae547df666e3061b4b07c0d6b570646de1

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:33 GMT
age
5739781
x-guploader-uploadid
ABg5-Uw2V-eP5_Rd7pehFxmv-1FYoycBMfioFNAkgq2RivvOyiWmPeR2-KU8FU5Sv5eWQs7PKAfY6AfnZimK-odkV88
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
989986
last-modified
Tue, 08 Dec 2020 16:52:59 GMT
server
ECAcc (ama/8B3C)
etag
"27ce82a4b661851ee761ecddababcf14"
x-goog-hash
crc32c=sKjkDg==, md5=J86CpLZhhR7nYezdq6vPFA==
content-type
video/mp4
access-control-allow-origin
*
x-goog-generation
1607446379783171
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31104000
x-goog-stored-content-length
989986
accept-ranges
bytes
expires
Tue, 08 Feb 2022 05:16:33 GMT
s_7.m4s
fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/audio/h264_96000/
47 KB
47 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/audio/h264_96000/s_7.m4s
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/player.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B08) /
Resource Hash
d3c14c1ff8b64536c24b4114b8738c96eb2ef4b77b4494444ced707d8661ca1c

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:33 GMT
age
5739781
x-guploader-uploadid
ABg5-Uxicl7wG5TaEACVNvJOHMkoxiZwLtBMk8jlpJolItf9w8Z-oa6H4-EJFlmpWd_fOvf5t-cKKchsOyWcxpf8iSmMb6sGYA
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
last-modified
Tue, 08 Dec 2020 16:52:41 GMT
server
ECAcc (ama/8B08)
etag
"f14fd959fa03725f9bb9d3b5670b8129"
x-goog-hash
crc32c=PmwLkQ==, md5=8U/ZWfoDcl+budO1ZwuBKQ==
content-type
audio/mp4
access-control-allow-origin
*
x-goog-generation
1607446361435479
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31104000
x-goog-stored-content-length
47725
accept-ranges
bytes
expires
Tue, 08 Feb 2022 05:16:33 GMT
s_7.m4s
fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/video/1280x720_h264_2000000/
977 KB
978 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/video/1280x720_h264_2000000/s_7.m4s
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/player.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B3A) /
Resource Hash
90cddafb9a23b3fad0bd329dccd2b8c18bb40a5045cb209101689ee7ba3b63d9

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:33 GMT
age
5739780
x-guploader-uploadid
ABg5-UwouLwsmgB4JLtuqKXds8XIeQqbhXPjviaZGiFHVRpSFlRqKb2YeDUZHfCEQ4IpLDlmrg1nxHploenTzNFSbO4hEjKnuw
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1000753
last-modified
Tue, 08 Dec 2020 16:53:03 GMT
server
ECAcc (ama/8B3A)
etag
"f11ec64589fe4968080e6c178f89b626"
x-goog-hash
crc32c=zoxL9Q==, md5=8R7GRYn+SWgIDmwXj4m2Jg==
content-type
video/mp4
access-control-allow-origin
*
x-goog-generation
1607446383278744
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31104000
x-goog-stored-content-length
1000753
accept-ranges
bytes
expires
Tue, 08 Feb 2022 05:16:33 GMT
s_8.m4s
fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/audio/h264_96000/
46 KB
47 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/audio/h264_96000/s_8.m4s
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/player.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B6B) /
Resource Hash
7d0d9765a91bbee55f090e7dcc29d738dcdf9f3309fe8c7a1648773fef3e6c2a

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:33 GMT
age
5739780
x-guploader-uploadid
ABg5-UyEVPOgRTmiZvPQ5SPY7LtOMcOK75oTwLr1B7cxBNNShyJS2qzOweckVC2lbxpVg9v7Lyw7Depnt64V2h1LaQg
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47407
last-modified
Tue, 08 Dec 2020 16:52:41 GMT
server
ECAcc (ama/8B6B)
etag
"a244a3ebebe84e2d2872f9fbd8b04a48"
x-goog-hash
crc32c=d51B8Q==, md5=okSj6+voTi0ocvn72LBKSA==
content-type
audio/mp4
access-control-allow-origin
*
x-goog-generation
1607446361660048
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31104000
x-goog-stored-content-length
47407
accept-ranges
bytes
expires
Tue, 08 Feb 2022 05:16:33 GMT
s_8.m4s
fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/video/1280x720_h264_2000000/
966 KB
966 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/video/1280x720_h264_2000000/s_8.m4s
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/player.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8A8A) /
Resource Hash
d264dee695f310c2cd0870b637cdf5c4c73879e078c85cb2d34851e77766bfa0

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:33 GMT
age
5739780
x-guploader-uploadid
ABg5-UzMsJLfD1BcB4-KOeDGByejnRyOIFJGo4WOeRT1_b6TCr56d3P2uOB8qZfimeejG3lHMnD86eRZt6I4Vt9y658
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
989298
last-modified
Tue, 08 Dec 2020 16:52:58 GMT
server
ECAcc (ama/8A8A)
etag
"600c114de92baf608c383d0461e3fc99"
x-goog-hash
crc32c=Oes4rA==, md5=YAwRTekrr2CMOD0EYeP8mQ==
content-type
video/mp4
access-control-allow-origin
*
x-goog-generation
1607446378211983
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31104000
x-goog-stored-content-length
989298
accept-ranges
bytes
expires
Tue, 08 Feb 2022 05:16:33 GMT
s_9.m4s
fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/audio/h264_96000/
47 KB
47 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/audio/h264_96000/s_9.m4s
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/player.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8A9C) /
Resource Hash
f8406504376aed8c23fdc31e3c46d53a9f08b6bf94b8a5e416be57f94f6690e2

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:33 GMT
age
5739780
x-guploader-uploadid
ABg5-UyoBXkKf1OVvQKXyLvKN7pdMl6HsDao7amFQzI7P9HGmp82Jdp4HuHgghCtozz2aSo7_THnrPeAjNfUC7TmQnU
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47720
last-modified
Tue, 08 Dec 2020 16:52:41 GMT
server
ECAcc (ama/8A9C)
etag
"da9da127fa8314e37e233151beed9d4a"
x-goog-hash
crc32c=SNUwlg==, md5=2p2hJ/qDFON+IzFRvu2dSg==
content-type
audio/mp4
access-control-allow-origin
*
x-goog-generation
1607446361897420
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31104000
x-goog-stored-content-length
47720
accept-ranges
bytes
expires
Tue, 08 Feb 2022 05:16:33 GMT
s_9.m4s
fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/video/1280x720_h264_2000000/
1001 KB
1002 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/video/1280x720_h264_2000000/s_9.m4s
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/player.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B32) /
Resource Hash
cb4b46ea4a93ae3b38f54fba7672fcb31941e55277a069652fabc83acd6109db

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:33 GMT
age
5739779
x-guploader-uploadid
ABg5-Uzfu0OFaO30DsWCe9zAAWeL3P-M9z4dpBVf7U7pWwHqHj1HhKWn2t72KHd70jqROZPNYaT164ixiUlmQVEqsnvVj0678Q
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1025347
last-modified
Tue, 08 Dec 2020 16:52:58 GMT
server
ECAcc (ama/8B32)
etag
"6782db8587a24a3ac978d117c52cd456"
x-goog-hash
crc32c=gGsKVg==, md5=Z4LbhYeiSjrJeNEXxSzUVg==
content-type
video/mp4
access-control-allow-origin
*
x-goog-generation
1607446378763188
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31104000
x-goog-stored-content-length
1025347
accept-ranges
bytes
expires
Tue, 08 Feb 2022 05:16:33 GMT
s_10.m4s
fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/audio/h264_96000/
46 KB
47 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/audio/h264_96000/s_10.m4s
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/player.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B43) /
Resource Hash
3b939b10c0a248b557a8424d8815ececd4cb1bb2d56bf95c5f77036ac130dc1b

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:34 GMT
age
5739780
x-guploader-uploadid
ABg5-Ux4zMW9fRS92zLpTMy1xfGsmfnNVRNrCb0zCzb66sUHbzQyg0d8vJCLwWanlpbrCsGmT7GqSKLqPVkIbFK9dDQ
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47482
last-modified
Tue, 08 Dec 2020 16:52:42 GMT
server
ECAcc (ama/8B43)
etag
"d4ac4e2c4d516e99671873aa62ab20ed"
x-goog-hash
crc32c=6K8pTw==, md5=1KxOLE1RbplnGHOqYqsg7Q==
content-type
audio/mp4
access-control-allow-origin
*
x-goog-generation
1607446362118921
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31104000
x-goog-stored-content-length
47482
accept-ranges
bytes
expires
Tue, 08 Feb 2022 05:16:34 GMT
s_10.m4s
fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/video/1280x720_h264_2000000/
976 KB
976 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/video/1280x720_h264_2000000/s_10.m4s
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/player.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8AC4) /
Resource Hash
1671f1d7d80c8103d3abce87805025b43ee08b65d9b80275762fad21767c16fb

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:34 GMT
age
5739780
x-guploader-uploadid
ABg5-UwXbSqJssqBeXW4VbhFnz16_gB8m5sXNMONtkLHstOcYaz57zMyN2QoDHuh6_GowcdBNGMRD7kBQUjVha6tK8U
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
999014
last-modified
Tue, 08 Dec 2020 16:52:59 GMT
server
ECAcc (ama/8AC4)
etag
"f2a353dae1f5da6469a3c05a558bd7f8"
x-goog-hash
crc32c=9tnvPw==, md5=8qNT2uH12mRpo8BaVYvX+A==
content-type
video/mp4
access-control-allow-origin
*
x-goog-generation
1607446379039696
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31104000
x-goog-stored-content-length
999014
accept-ranges
bytes
expires
Tue, 08 Feb 2022 05:16:34 GMT
s_11.m4s
fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/audio/h264_96000/
47 KB
47 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/audio/h264_96000/s_11.m4s
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/player.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8ADE) /
Resource Hash
5f47125a57c84a3b93cc44cc5c4d95bf43bd6efa87ef482637413b233406d6f2

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:37 GMT
age
3559149
x-guploader-uploadid
ABg5-Uw4GWSyJMOaN-pAjkmAW_nL_bctcCbf717gSGT7FdPFl8pksDhfyDa2klZnR9643uhhFPg5NO-sp6EiBUvaJPU
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47708
last-modified
Tue, 08 Dec 2020 16:52:42 GMT
server
ECAcc (ama/8ADE)
etag
"82db61092ccb892b3ccc0095af0e1684"
x-goog-hash
crc32c=0yeVaA==, md5=gtthCSzLiSs8zACVrw4WhA==
content-type
audio/mp4
access-control-allow-origin
*
x-goog-generation
1607446362298143
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31104000
x-goog-stored-content-length
47708
accept-ranges
bytes
expires
Tue, 08 Feb 2022 05:16:37 GMT
s_11.m4s
fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/video/1280x720_h264_2000000/
737 KB
738 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/video/1280x720_h264_2000000/s_11.m4s
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/player.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8AA3) /
Resource Hash
9e8aaa18f875937f4cb10717feac0725378a488615cc72f996692c93276517dc

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:37 GMT
age
5739782
x-guploader-uploadid
ABg5-Uwc9tk6kqc99FRuz__3Ttwy-CpE1yjsg3K2ZAzmnnB042dFJCk2hm1UgEioG3pPBAskLAtLJGCejJFpsdTsk5k
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
755137
last-modified
Tue, 08 Dec 2020 16:52:54 GMT
server
ECAcc (ama/8AA3)
etag
"854df025722cc9ed67c3c1f36005da17"
x-goog-hash
crc32c=W6Vn2A==, md5=hU3wJXIsye1nw8HzYAXaFw==
content-type
video/mp4
access-control-allow-origin
*
x-goog-generation
1607446374778968
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31104000
x-goog-stored-content-length
755137
accept-ranges
bytes
expires
Tue, 08 Feb 2022 05:16:37 GMT
s_12.m4s
fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/audio/h264_96000/
46 KB
47 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/audio/h264_96000/s_12.m4s
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/player.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B6B) /
Resource Hash
306bde7703b03e782ce91d73937539065f54451ee91a5bfc6fa82e98c53f0c1b

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:40 GMT
age
5739784
x-guploader-uploadid
ABg5-UzKjLSkzHfiw6rKh6qCUT_2qUgS5ukp1acWNR9fC7Y_-xoLeBUJMPycpBiH7RQQisKAstD83FxDdRfzt897EQc
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47451
last-modified
Tue, 08 Dec 2020 16:52:42 GMT
server
ECAcc (ama/8B6B)
etag
"e5a8ded8405abcb0276f3f330343510d"
x-goog-hash
crc32c=1ZMXpQ==, md5=5aje2EBavLAnbz8zA0NRDQ==
content-type
audio/mp4
access-control-allow-origin
*
x-goog-generation
1607446362452432
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31104000
x-goog-stored-content-length
47451
accept-ranges
bytes
expires
Tue, 08 Feb 2022 05:16:40 GMT
s_12.m4s
fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/video/1280x720_h264_2000000/
253 KB
254 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/video/1280x720_h264_2000000/s_12.m4s
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/player.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8ACE) /
Resource Hash
fa359979d81e8d4a4624fbd683a5504300c4d840d0e55b55732d7d3d077c4ebc

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:40 GMT
age
3559151
x-guploader-uploadid
ABg5-UxGVrP5XLuxcKbDh5WdJY2dY4WFg5AzyV59AkSx3c5GkEfZdfANdOt84i2pjSaCOMsgqvu6LSi-8fPE6R1AwVE
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
259429
last-modified
Tue, 08 Dec 2020 16:52:58 GMT
server
ECAcc (ama/8ACE)
etag
"a6df6482108a42df265f990547f55582"
x-goog-hash
crc32c=ZNMamA==, md5=pt9kghCKQt8mX5kFR/VVgg==
content-type
video/mp4
access-control-allow-origin
*
x-goog-generation
1607446378555087
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31104000
x-goog-stored-content-length
259429
accept-ranges
bytes
expires
Tue, 08 Feb 2022 05:16:40 GMT
s_13.m4s
fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/audio/h264_96000/
47 KB
47 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/audio/h264_96000/s_13.m4s
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/player.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8AC6) /
Resource Hash
55df9e664c8e0d3daa3f28ce500375a85a84bc2926bced0f4a787c18d4fa169d

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:45 GMT
age
5739784
x-guploader-uploadid
ABg5-Uz8Vk41zBweaS2YEWVDMEL6JOKu9srYKZZidhi-7ssB_Rf5QLbAj9VYx3K5nUBsZ8BafJpBKBEarO1pdWbZH81_orqRUA
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47660
last-modified
Tue, 08 Dec 2020 16:52:42 GMT
server
ECAcc (ama/8AC6)
etag
"3ac6561eb767ff3d1db70c7200f9b91b"
x-goog-hash
crc32c=lMFwdA==, md5=OsZWHrdn/z0dtwxyAPm5Gw==
content-type
audio/mp4
access-control-allow-origin
*
x-goog-generation
1607446362588875
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31104000
x-goog-stored-content-length
47660
accept-ranges
bytes
expires
Tue, 08 Feb 2022 05:16:45 GMT
s_13.m4s
fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/video/1280x720_h264_2000000/
250 KB
251 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/video/1280x720_h264_2000000/s_13.m4s
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/player.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8AD6) /
Resource Hash
9ab1b56d6621ed961c7445528d5bbe62bd3fdd4ee390297d0b494f0bdb7ca0a4

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:45 GMT
age
5739784
x-guploader-uploadid
ABg5-UzZlgWbiZibOfPYcWpUVte5RtiM34P2c4Kjljb8UhL5t-r9gz_l3-eg4HfupYtS7Ig3GXcPSwpQ3Q9hwdNwZdcHkRTNTw
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
256290
last-modified
Tue, 08 Dec 2020 16:52:53 GMT
server
ECAcc (ama/8AD6)
etag
"7b833e02aebf95828d4bfc380e2959a4"
x-goog-hash
crc32c=t78wMA==, md5=e4M+Aq6/lYKNS/w4DilZpA==
content-type
video/mp4
access-control-allow-origin
*
x-goog-generation
1607446373347887
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31104000
x-goog-stored-content-length
256290
accept-ranges
bytes
expires
Tue, 08 Feb 2022 05:16:45 GMT
s_14.m4s
fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/audio/h264_96000/
46 KB
47 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/audio/h264_96000/s_14.m4s
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/player.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B58) /
Resource Hash
8c5e3a80e1a155a398c5dad85d8cff3d75c6f329a3178ffa7c227f6b916c3c6a

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:48 GMT
age
3559152
x-guploader-uploadid
ABg5-UyizWFpmS2N61JpH9C7fKUAwEWpdScqD8EZKYK268gUfzO_E3OYYEMtNoI97A6b0Vvimf3OrXT3v6VE7mqO-M8
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47408
last-modified
Tue, 08 Dec 2020 16:52:42 GMT
server
ECAcc (ama/8B58)
etag
"1d2651b4f52d75d9f681bc5af393f8b7"
x-goog-hash
crc32c=jOzpSg==, md5=HSZRtPUtddn2gbxa85P4tw==
content-type
audio/mp4
access-control-allow-origin
*
x-goog-generation
1607446362736798
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31104000
x-goog-stored-content-length
47408
accept-ranges
bytes
expires
Tue, 08 Feb 2022 05:16:48 GMT
s_14.m4s
fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/video/1280x720_h264_2000000/
240 KB
240 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/video/1280x720_h264_2000000/s_14.m4s
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/player.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8ACA) /
Resource Hash
88ce3eb773f34bb5eba4943527b71af4365607d6ba2ec8c39f63ff5421108144

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:49 GMT
age
5739520
x-guploader-uploadid
ABg5-UxboZABVDhRuSBBiKy9yHHsMrJN7ELlFmrJJ5n3AtOCM57TEYsqONVrguYyd_n4sTk-lpePXF6XRHpZMD6JYpc0W1xvDw
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
245523
last-modified
Tue, 08 Dec 2020 16:52:53 GMT
server
ECAcc (ama/8ACA)
etag
"8e3e049712691ee9a2c5cf8522e04718"
x-goog-hash
crc32c=ACXTOA==, md5=jj4ElxJpHumixc+FIuBHGA==
content-type
video/mp4
access-control-allow-origin
*
x-goog-generation
1607446373407709
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31104000
x-goog-stored-content-length
245523
accept-ranges
bytes
expires
Tue, 08 Feb 2022 05:16:49 GMT
s_15.m4s
fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/audio/h264_96000/
47 KB
47 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/audio/h264_96000/s_15.m4s
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/player.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B22) /
Resource Hash
1c495b20e7a572936c406e0ad52bbf4c2ca25b77a67ff3491aebed7d4d1cb6c7

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:53 GMT
age
5739523
x-guploader-uploadid
ABg5-UxbaJDfyhXkH-7NdATSaoShW6hGOQfySMCIQftXqXWcYyyaKGxglRTsl6gnJxrlHQ7MTCVH_zTE_OyaR7YY8Bw
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47939
last-modified
Tue, 08 Dec 2020 16:52:42 GMT
server
ECAcc (ama/8B22)
etag
"27a09a571d5b7ad88f65cadaed4844d1"
x-goog-hash
crc32c=B3hnEg==, md5=J6CaVx1betiPZcra7UhE0Q==
content-type
audio/mp4
access-control-allow-origin
*
x-goog-generation
1607446362892870
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31104000
x-goog-stored-content-length
47939
accept-ranges
bytes
expires
Tue, 08 Feb 2022 05:16:53 GMT
s_15.m4s
fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/video/1280x720_h264_2000000/
1 MB
1 MB
XHR
General
Full URL
https://fast.vidalytics.com/video/n3R37kPn/g4zpLrcJDyXO4sOr/26893/20995/fmp4/video/1280x720_h264_2000000/s_15.m4s
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/n3R37kPn/0sxpXnjBoZTOpwvN/player.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8A8B) /
Resource Hash
04270893ad7a0135f84a05f8e42d7af861b33420ac78edb5145680f1bd6591df

Request headers

Referer
https://wealth-wave.com/reports/WSC/stealth-attack/event/?sc=EVERF&ec=FWSCAB02&transaction_id=b035c112657242c6bddbd2a7be94bce1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 05:16:53 GMT
age
3559153
x-guploader-uploadid
ABg5-UxqGmMaKKleSUFeC3uV8YD8cAWpG6a0uneokp-T_lcpB_4ZEgYPLzimIv04pF49s2UXHSF79PT2C51-5Re1DTQ
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1380294
last-modified
Tue, 08 Dec 2020 16:53:00 GMT
server
ECAcc (ama/8A8B)
etag
"6bd576028364bd8a5957d03765768b5f"
x-goog-hash
crc32c=Xo7Apg==, md5=a9V2AoNkvYpZV9A3ZXaLXw==
content-type
video/mp4
access-control-allow-origin
*
x-goog-generation
1607446380637443
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31104000
x-goog-stored-content-length
1380294
accept-ranges
bytes
expires
Tue, 08 Feb 2022 05:16:53 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
a.weissinc.com
URL
https://a.weissinc.com/sme?t=lp&v=01&dv=WRL&pd=WSC&ccode=&em=&sc=EVERF&ec=FWSCAB02

Verdicts & Comments

133 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| analytics object| dataLayer object| convert_temp undefined| loglyjson object| convertData function| $ function| jQuery object| matched function| REED_$ object| REED object| convert object| _conv_q object| _gaq function| ga object| _kmq string| secure object| mixpanel function| hj function| gtag object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin function| normalize function| postscribe object| gaplugins object| gaGlobal object| gaData object| Vidalytics object| VidalyticsL object| _vidalytics string| EMBED_CODE_ID string| EMBED_CODE_RETURNING_KEY number| TIME_TO_SHOW_THINGS_forCue1 string| HIDDEN_CONTENT_ID_forCue1 function| checkVideoTime_forCue1 function| showHiddenItem_forCue1 object| vidalyticsPlayerAPI function| initializePlayerAPI function| getPlayer function| onPlayerAPIAvailableCallback object| _hjSettings function| ouibounce object| _pageOptions function| UAParser object| _parms function| isTranscriptPage function| _getSite function| _getChannel function| _viewedPage function| _playerEvent function| _trackCTA function| _segmentPhpControls function| _playerBeat function| _playerUnload function| _signedUp function| _eventReg function| _phpAnalyticsTrack function| _analyticsPage function| _analyticsTrack function| scriptLoader string| _host string| _queryString string| _urlPath object| _channels object| parser object| _hmt object| _czc object| emosGlobalProperties object| _paq object| _wt1Q boolean| scrollbar string| _site object| userId string| anonymousId boolean| _signedUpEvent boolean| _eventRegEvent object| MunchkinTracker function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO 
object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled function| SendUrlToDeadlineFunnel string| url string| parentUrlValue string| parentUrl object| ORIBI object| script string| target object| elem function| fbq function| _fbq object| LI object| __li__evt_bus object| liQ object| regeneratorRuntime object| ccConsole boolean| ccinstalled object| funnelytics object| cookies function| webpackJsonpbitmovin_player__name_ object| bitmovin object| webpackJsonpDf object| core function| setImmediate function| clearImmediate boolean| _babelPolyfill number| floatingBarMinimizedHeight number| floatingBarMaximizedHeight object| dfAppConfig boolean| inlineCountdownLoaded boolean| floatingBarLoaded boolean| isTeachable boolean| fullWidth object| dfPages function| callDFJsonP function| processJson function| dfProcessPeopleJson function| afterDeadline

16 Cookies

Domain/Path Name / Value
.wealth-wave.com/ Name: _hjFirstSeen
Value: 1
.wealth-wave.com/ Name: _lc2_fpi
Value: f9696ffbe0df--01eycx3bga2j01q9xc9s5z5y12
.wealth-wave.com/ Name: _fs
Value: c4398d7b-56e4-482e-9604-61421c27acf6
.wealth-wave.com/ Name: _gid
Value: GA1.2.743876182.1613193391
.wealth-wave.com/ Name: _ga
Value: GA1.2.1380216067.1613193391
.wealth-wave.com/ Name: _gcl_au
Value: 1.1.1287520922.1613193391
.wealth-wave.com/ Name: _gat_gtag_UA_40785925_128
Value: 1
.wealth-wave.com/ Name: ajs_anonymous_id
Value: %2283ce714e-e612-4f2c-9a0c-e339c87a597e%22
.wealth-wave.com/ Name: _conv_v
Value: vi%3A1*sc%3A1*cs%3A1613193391*fs%3A1613193391*pv%3A1
wealth-wave.com/ Name: SEGMENT_ID
Value: 1613193390-518913936%40anonymous.weissinc.com
.wealth-wave.com/ Name: _hjid
Value: 79ff54cc-5255-4860-b944-067931784d36
.wealth-wave.com/ Name: _conv_s
Value: si%3A1*sh%3A1613193391149-0.5817023711711675*pv%3A1
.wealth-wave.com/ Name: _fbp
Value: fb.1.1613193391723.305235824
.wealth-wave.com/ Name: _li_dcdm_c
Value: .wealth-wave.com
wealth-wave.com/ Name: __cflb
Value: 02DiuFRfDtCZNo13WaNWkbrzXbnKmgu9svtzcFe5iKG4U
.wealth-wave.com/ Name: __cfduid
Value: de515ca32749416b2e9f4da9153fd8a951613193390

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
