Loading ...

Play interactive tourEdit tour

Windows Analysis Report https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS

Overview

General Information

Sample URL:https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS
Analysis ID:496632
Infos:

Most interesting Screenshot:

Detection

Score:56
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain

Classification

Process Tree

  • System is w10x64
  • chrome.exe (PID: 4496 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS' MD5: C139654B5C1438A95B321BB01AD63EF6)
    • chrome.exe (PID: 2880 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1568,10413176972612372754,17733355027513486838,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1700 /prefetch:8 MD5: C139654B5C1438A95B321BB01AD63EF6)
    • chrome.exe (PID: 6520 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1568,10413176972612372754,17733355027513486838,131072 --lang=en-US --service-sandbox-type=audio --enable-audio-service-sandbox --mojo-platform-channel-handle=5448 /prefetch:8 MD5: C139654B5C1438A95B321BB01AD63EF6)
  • cleanup

Malware Configuration

No configs have been found

Yara Overview

No yara matches

Sigma Overview

No Sigma rule has matched

Jbx Signature Overview

Click to jump to signature section

Show All Signature Results

AV Detection:

barindex
Antivirus / Scanner detection for submitted sampleShow sources
Source: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFASSlashNext: detection malicious, Label: Fake Login Page type: Phishing & Social Engineering
Antivirus detection for URL or domainShow sources
Source: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALSlashNext: Label: Fake Login Page type: Phishing & Social Engineering
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDirectory created: C:\Program Files\Google\Chrome\Application\DictionariesJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDirectory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdicJump to behavior
Source: unknownHTTPS traffic detected: 142.250.181.243:443 -> 192.168.2.5:49822 version: TLS 1.2
Source: unknownDNS traffic detected: queries for: clients2.google.com
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49864
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49862
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
Source: unknownNetwork traffic detected: HTTP traffic on port 49926 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49800 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49932 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49875 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49781 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49878 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49795 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49859
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49858
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49857
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49856
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49855
Source: unknownNetwork traffic detected: HTTP traffic on port 49841 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49854
Source: unknownNetwork traffic detected: HTTP traffic on port 49866 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49850
Source: unknownNetwork traffic detected: HTTP traffic on port 49812 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49858 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49872 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49855 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49848
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49847
Source: unknownNetwork traffic detected: HTTP traffic on port 49886 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49846
Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49845
Source: unknownNetwork traffic detected: HTTP traffic on port 49869 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49844
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49843
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49842
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49841
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49840
Source: unknownNetwork traffic detected: HTTP traffic on port 49844 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49873 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49793 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49850 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49831 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49847 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49836
Source: unknownNetwork traffic detected: HTTP traffic on port 49921 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49835
Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49833
Source: unknownNetwork traffic detected: HTTP traffic on port 49887 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49832
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49831
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49830
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49796
Source: unknownNetwork traffic detected: HTTP traffic on port 49864 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49795
Source: unknownNetwork traffic detected: HTTP traffic on port 49927 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49794
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49793
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49792
Source: unknownNetwork traffic detected: HTTP traffic on port 49822 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49791
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
Source: unknownNetwork traffic detected: HTTP traffic on port 49870 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49856 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49895 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49796 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49884 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49867 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49822
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
Source: unknownNetwork traffic detected: HTTP traffic on port 49842 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
Source: unknownNetwork traffic detected: HTTP traffic on port 49922 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
Source: unknownNetwork traffic detected: HTTP traffic on port 49859 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49836 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49871 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49833 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49799 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49810 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49845 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49936
Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49868 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49812
Source: unknownNetwork traffic detected: HTTP traffic on port 49885 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49932
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49810
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49895
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
Source: unknownNetwork traffic detected: HTTP traffic on port 49862 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49919 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
Source: unknownNetwork traffic detected: HTTP traffic on port 49794 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49936 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49876 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49802 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49809
Source: unknownNetwork traffic detected: HTTP traffic on port 49830 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49927
Source: unknownNetwork traffic detected: HTTP traffic on port 49848 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49926
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49804
Source: unknownNetwork traffic detected: HTTP traffic on port 49773 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49802
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49923
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49922
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49800
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49921
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49887
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49920
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49886
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49885
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49884
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
Source: unknownNetwork traffic detected: HTTP traffic on port 49840 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49880
Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49857 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49877 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49854 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49914 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49908 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49919
Source: unknownNetwork traffic detected: HTTP traffic on port 49809 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49914
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49878
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49877
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49876
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49875
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49874
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49873
Source: unknownNetwork traffic detected: HTTP traffic on port 49923 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49872
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
Source: unknownNetwork traffic detected: HTTP traffic on port 49843 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49871
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49870
Source: unknownNetwork traffic detected: HTTP traffic on port 49835 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49874 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49804 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49880 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49832 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49908
Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49920 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
Source: unknownNetwork traffic detected: HTTP traffic on port 49846 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49903
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49869
Source: unknownNetwork traffic detected: HTTP traffic on port 49903 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49792 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49868
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49867
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49866
Source: global trafficHTTP traffic detected: GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1Host: clients2.google.comConnection: keep-aliveX-Goog-Update-Interactivity: fgX-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmieda,pkedcjkdefgpdelpbcmbmeomcjbeemfmX-Goog-Update-Updater: chromecrx-85.0.4183.121Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /player/-MlBAbCDFlZF2wdRtFAS HTTP/1.1Host: www.beautiful.aiConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITAL HTTP/1.1Host: www.beautiful.aiConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /js/platform.js HTTP/1.1Host: apis.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /3.22.1/raven.min.js HTTP/1.1Host: cdn.ravenjs.comConnection: keep-aliveOrigin: https://www.beautiful.aiUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /gtm.js?id=GTM-58F6WMG HTTP/1.1Host: www.googletagmanager.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /libs/amplitude-4.2.1-min.gz.js HTTP/1.1Host: cdn.amplitude.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /analytics.js HTTP/1.1Host: www.google-analytics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ajax/libs/snowplow/2.12.0/sp.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /3981149012.js HTTP/1.1Host: container.pepperjam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /onsite/js/klaviyo.js?company_id=K6p8VK HTTP/1.1Host: static.klaviyo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /pagead/viewthroughconversion/821974632/?random=1633401052560&cv=9&fst=1633401052560&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_his=1&u_tz=-420&u_java=false&u_nplug=1&u_nmime=2&gtm=2wg9r0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.beautiful.ai%2Fplayer%2F-MlBAbCDFlZF2wdRtFAS%2FPACIFICA-CAPITAL&tiba=PACIFICA%20CAPITAL&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /pagead/1p-user-list/821974632/?random=1633401052560&cv=9&fst=1633399200000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_his=1&u_tz=-420&u_java=false&u_nplug=1&u_nmime=2&gtm=2wg9r0&sendb=1&frm=0&url=https%3A%2F%2Fwww.beautiful.ai%2Fplayer%2F-MlBAbCDFlZF2wdRtFAS%2FPACIFICA-CAPITAL&tiba=PACIFICA%20CAPITAL&async=1&fmt=3&is_vtc=1&random=412510621&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=tBDbGsitcF8FJuo8MRvm5KeUFlIr2UkqMeIPelXAIB5FcHmrTZFzgeAXMe8BKIIboX_E_pWoGaghLK7A1xk1gpC_ZO17buBwpJ5bSWBsPApfxp-INbaUGRghKe_X2OrleW9l39Ocp_oIgt7hNeZz5XtIMm1inb-OGU3-IcozioY
Source: global trafficHTTP traffic detected: GET /pagead/1p-user-list/821974632/?random=1633401052560&cv=9&fst=1633399200000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_his=1&u_tz=-420&u_java=false&u_nplug=1&u_nmime=2&gtm=2wg9r0&sendb=1&frm=0&url=https%3A%2F%2Fwww.beautiful.ai%2Fplayer%2F-MlBAbCDFlZF2wdRtFAS%2FPACIFICA-CAPITAL&tiba=PACIFICA%20CAPITAL&async=1&fmt=3&is_vtc=1&random=412510621&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1Host: www.google.co.ukConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /v1/socket/websocket?vsn=2.0.0 HTTP/1.1Host: api.appcues.netConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Upgrade: websocketOrigin: https://www.beautiful.aiSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: lkWDMtKV+c+UFXiHNa18Pg==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global trafficHTTP traffic detected: GET /onsite/js/fender_analytics.4eb90b7eb77269e0eabe.js HTTP/1.1Host: static.klaviyo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /onsite/js/sharedUtils.16d936f15fdc35eb7f71.js HTTP/1.1Host: static.klaviyo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /onsite/js/static.c4d2f19c4ccf5eadd61e.js HTTP/1.1Host: static.klaviyo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /onsite/js/sentry.957bb8d322d8fad44127.js HTTP/1.1Host: static.klaviyo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /onsite/js/vendors~signup_forms~signup_forms_new.1f7c0a0a0d55a9be1252.js HTTP/1.1Host: static.klaviyo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /onsite/js/signup_forms~signup_forms_new.deeb9788d5e666b8675b.js HTTP/1.1Host: static.klaviyo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /onsite/js/signup_forms_new.f7eee781a32f9b6b2707.js HTTP/1.1Host: static.klaviyo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /v1/socket/websocket?vsn=2.0.0 HTTP/1.1Host: api.appcues.netConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Upgrade: websocketOrigin: https://www.beautiful.aiSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: pLeQzRoAAH50Sn6Z9mc54Q==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global trafficHTTP traffic detected: GET /custom-fonts/api/v1/company-fonts/onsite?company_id=K6p8VK HTTP/1.1Host: fast.a.klaviyo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Origin: https://www.beautiful.aiSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /.ws?v=5 HTTP/1.1Host: beautifulslides.firebaseio.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Upgrade: websocketOrigin: https://www.beautiful.aiSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: JwuQQC74h+EP0q4Ar5jvoA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global trafficHTTP traffic detected: GET /forms/api/v5/K6p8VK/full-forms HTTP/1.1Host: static-forms.klaviyo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Origin: https://www.beautiful.aiSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /collect?v=2&fmt=js&pid=1567932&time=1633401053789&url=https%3A%2F%2Fwww.beautiful.ai%2Fplayer%2F-MlBAbCDFlZF2wdRtFAS%2FPACIFICA-CAPITAL HTTP/1.1Host: px.ads.linkedin.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /player-context/-MlBAbCDFlZF2wdRtFAS?fallback=false HTTP/1.1Host: www.beautiful.aiConnection: keep-aliveAccept: application/jsonUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _gcl_au=1.1.1657141619.1633401052; _ga=GA1.2.536481822.1633401053; _gid=GA1.2.113522302.1633401053; amplitude_id_ed02298983bba719fc6d04ba57538584beautiful.ai=eyJkZXZpY2VJZCI6Ijk0MDYwNzM5LWZiNTItNDI5My04OTlmLWY2NWY2YjI1ZjVkYVIiLCJ1c2VySWQiOm51bGwsIm9wdE91dCI6ZmFsc2UsInNlc3Npb25JZCI6MTYzMzQwMTA1MzAxMiwibGFzdEV2ZW50VGltZSI6MTYzMzQwMTA1MzAxNSwiZXZlbnRJZCI6MSwiaWRlbnRpZnlJZCI6MCwic2VxdWVuY2VOdW1iZXIiOjF9; _uetsid=42f06ba0258411ec82d041ec686b1eb8; _uetvid=42f0a310258411eca05c5f91238a0787; _sp_id.8277=39d49ba2-6487-4e78-8f3b-30135ba16938.1633401053.1.1633401053.1633401053.0b5afacb-9d7b-4f98-81be-e40ff44e229b; _sp_ses.8277=*; _gat_UA-101168380-1=1; logged-in=false; G_ENABLED_IDPS=google; __kla_id=eyIkcmVmZXJyZXIiOnsidHMiOjE2MzM0MDEwNTQsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vd3d3LmJlYXV0aWZ1bC5haS9wbGF5ZXIvLU1sQkFiQ0RGbFpGMndkUnRGQVMvUEFDSUZJQ0EtQ0FQSVRBTCJ9LCIkbGFzdF9yZWZlcnJlciI6eyJ0cyI6MTYzMzQwMTA1NCwidmFsdWUiOiIiLCJmaXJzdF9wYWdlIjoiaHR0cHM6Ly93d3cuYmVhdXRpZnVsLmFpL3BsYXllci8tTWxCQWJDREZsWkYyd2RSdEZBUy9QQUNJRklDQS1DQVBJVEFMIn19
Source: global trafficHTTP traffic detected: GET /v1/socket/websocket?vsn=2.0.0 HTTP/1.1Host: api.appcues.netConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Upgrade: websocketOrigin: https://www.beautiful.aiSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: Pm2HRs1+X4L316Aco6NwDQ==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global trafficHTTP traffic detected: GET /collect?v=2&fmt=js&pid=1567932&time=1633401053789&url=https%3A%2F%2Fwww.beautiful.ai%2Fplayer%2F-MlBAbCDFlZF2wdRtFAS%2FPACIFICA-CAPITAL&cookiesTest=true HTTP/1.1Host: px.ads.linkedin.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: li_sugr=36186d4a-bdc0-462a-88f5-5db2f28fb98e; lang=v=2&lang=en-us; bcookie="v=2&9a81c894-135f-4a41-85af-2be5e797c92b"; lidc="b=VGST04:s=V:r=V:a=V:p=V:g=2472:u=1:x=1:i=1633368655:t=1633455055:v=2:sig=AQGwY4gcp1TeBOp2zQprFjf0HX9Urmqv"
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.beautiful.ai
Source: global trafficHTTP traffic detected: GET /v1/socket/websocket?vsn=2.0.0 HTTP/1.1Host: api.appcues.netConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Upgrade: websocketOrigin: https://www.beautiful.aiSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: p7vjtOp1FLSp3ShA5drHuQ==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global trafficHTTP traffic detected: GET /collect?v=2&fmt=js&pid=1567932&time=1633401053789&url=https%3A%2F%2Fwww.beautiful.ai%2Fplayer%2F-MlBAbCDFlZF2wdRtFAS%2FPACIFICA-CAPITAL&cookiesTest=true&liSync=true HTTP/1.1Host: px.ads.linkedin.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: li_sugr=36186d4a-bdc0-462a-88f5-5db2f28fb98e; lang=v=2&lang=en-us; bcookie="v=2&9a81c894-135f-4a41-85af-2be5e797c92b"; lidc="b=VGST04:s=V:r=V:a=V:p=V:g=2472:u=1:x=1:i=1633368655:t=1633455055:v=2:sig=AQGwY4gcp1TeBOp2zQprFjf0HX9Urmqv"; UserMatchHistory=AQIVbGizKPupkgAAAXxMW8oME5-khdDSq_qZ8xAtircyElwRcbRrO3O8u_I_GGBTBa_ykQ6TCKvQtg; AnalyticsSyncHistory=AQKBGvF8v5EuRAAAAXxMW8oMlv10egzPqvZaxQY1wVvS2YAmHc5UPt7TQ-CDhzYBLxTw_XV4wrCslTyXNcUt1g; lang=v=2&lang=en-us
Source: global trafficHTTP traffic detected: GET /d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=36186d4a-bdc0-462a-88f5-5db2f28fb98e HTTP/1.1Host: p.adsymptotic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /v1/socket/websocket?vsn=2.0.0 HTTP/1.1Host: api.appcues.netConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Upgrade: websocketOrigin: https://www.beautiful.aiSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: q5pH4EqxYpplSiJi4IH1hQ==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.beautiful.aiConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _gcl_au=1.1.1657141619.1633401052; _ga=GA1.2.536481822.1633401053; _gid=GA1.2.113522302.1633401053; amplitude_id_ed02298983bba719fc6d04ba57538584beautiful.ai=eyJkZXZpY2VJZCI6Ijk0MDYwNzM5LWZiNTItNDI5My04OTlmLWY2NWY2YjI1ZjVkYVIiLCJ1c2VySWQiOm51bGwsIm9wdE91dCI6ZmFsc2UsInNlc3Npb25JZCI6MTYzMzQwMTA1MzAxMiwibGFzdEV2ZW50VGltZSI6MTYzMzQwMTA1MzAxNSwiZXZlbnRJZCI6MSwiaWRlbnRpZnlJZCI6MCwic2VxdWVuY2VOdW1iZXIiOjF9; _uetsid=42f06ba0258411ec82d041ec686b1eb8; _uetvid=42f0a310258411eca05c5f91238a0787; _sp_id.8277=39d49ba2-6487-4e78-8f3b-30135ba16938.1633401053.1.1633401053.1633401053.0b5afacb-9d7b-4f98-81be-e40ff44e229b; _sp_ses.8277=*; _gat_UA-101168380-1=1; logged-in=false; G_ENABLED_IDPS=google; __kla_id=eyIkcmVmZXJyZXIiOnsidHMiOjE2MzM0MDEwNTQsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vd3d3LmJlYXV0aWZ1bC5haS9wbGF5ZXIvLU1sQkFiQ0RGbFpGMndkUnRGQVMvUEFDSUZJQ0EtQ0FQSVRBTCJ9LCIkbGFzdF9yZWZlcnJlciI6eyJ0cyI6MTYzMzQwMTA1NCwidmFsdWUiOiIiLCJmaXJzdF9wYWdlIjoiaHR0cHM6Ly93d3cuYmVhdXRpZnVsLmFpL3BsYXllci8tTWxCQWJDREZsWkYyd2RSdEZBUy9QQUNJRklDQS1DQVBJVEFMIn19
Source: global trafficHTTP traffic detected: GET /.lp?start=t&ser=44712203&cb=1&v=5&p=1:696419881849:web:fd3511efc0acebec8955a8 HTTP/1.1Host: beautifulslides.firebaseio.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /.lp?dframe=t&id=507201&pw=Tw92B6Kd2P&ns=beautifulslides HTTP/1.1Host: s-usc1c-nss-320.firebaseio.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /.lp?id=507201&pw=Tw92B6Kd2P&ser=8818682&ns=beautifulslides HTTP/1.1Host: s-usc1c-nss-320.firebaseio.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /.lp?id=507201&pw=Tw92B6Kd2P&ser=8818683&ns=beautifulslides&seg0=0&ts0=1&d0=eyJ0IjoiZCIsImQiOnsiciI6MSwiYSI6InMiLCJiIjp7ImMiOnsic2RrLmpzLjgtNi03IjoxfX19fQ.. HTTP/1.1Host: s-usc1c-nss-320.firebaseio.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /.ws?v=5&s=aekSgfPnoHD8DB65JfcOHhMBvjOh0rqt&ns=beautifulslides HTTP/1.1Host: s-usc1c-nss-320.firebaseio.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Upgrade: websocketOrigin: https://www.beautiful.aiSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: JWvIrJnLZ+JmiqtnerRjqw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global trafficHTTP traffic detected: GET /v1/socket/websocket?vsn=2.0.0 HTTP/1.1Host: api.appcues.netConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Upgrade: websocketOrigin: https://www.beautiful.aiSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: a/Eha9RB6w9Jcci5u5j2HQ==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global trafficHTTP traffic detected: GET /.lp?id=507201&pw=Tw92B6Kd2P&ser=8818684&ns=beautifulslides&seg0=1&ts0=1&d0=eyJ0IjoiZCIsImQiOnsiciI6MiwiYSI6InEiLCJiIjp7InAiOiIvcHJlc2VudGF0aW9ucy8tTWxCQU5IMTBNaTExYklIYm95ZiIsImgiOiIifX19 HTTP/1.1Host: s-usc1c-nss-320.firebaseio.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /.lp?id=507201&pw=Tw92B6Kd2P&ser=8818685&ns=beautifulslides HTTP/1.1Host: s-usc1c-nss-320.firebaseio.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /v1/socket/websocket?vsn=2.0.0 HTTP/1.1Host: api.appcues.netConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Upgrade: websocketOrigin: https://www.beautiful.aiSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: +Ui4FE4ecB276nWbo6O7RA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global trafficHTTP traffic detected: GET /.lp?id=507201&pw=Tw92B6Kd2P&ser=8818686&ns=beautifulslides HTTP/1.1Host: s-usc1c-nss-320.firebaseio.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /.lp?id=507201&pw=Tw92B6Kd2P&ser=8818687&ns=beautifulslides&seg0=2&ts0=1&d0=eyJ0IjoiZCIsImQiOnsiciI6MywiYSI6InEiLCJiIjp7InAiOiIvc2xpZGVzLy1NbEJBTkhqTFZJUzh1MGNySFVRL3ByZXNlbnRhdGlvbklkIiwiaCI6IiJ9fX0. HTTP/1.1Host: s-usc1c-nss-320.firebaseio.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /v1/socket/websocket?vsn=2.0.0 HTTP/1.1Host: api.appcues.netConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Upgrade: websocketOrigin: https://www.beautiful.aiSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: QBIV4YMkBNWUcYA/7K2GrQ==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global trafficHTTP traffic detected: GET /.lp?id=507201&pw=Tw92B6Kd2P&ser=8818688&ns=beautifulslides&seg0=3&ts0=1&d0=eyJ0IjoiZCIsImQiOnsiciI6NCwiYSI6InEiLCJiIjp7InAiOiIvc2xpZGVzLy1NbEJBTkhqTFZJUzh1MGNySFVRL3RodW1ibmFpbHMiLCJoIjoiIn19fQ..&seg1=4&ts1=1&d1=eyJ0IjoiZCIsImQiOnsiciI6NSwiYSI6InEiLCJiIjp7InAiOiIvc2xpZGVzLy1NbEJBTkhqTFZJUzh1MGNySFVRL2NyZWF0ZWRBdCIsImgiOiIifX19&seg2=5&ts2=1&d2=eyJ0IjoiZCIsImQiOnsiciI6NiwiYSI6InEiLCJiIjp7InAiOiIvc2xpZGVzLy1NbEJBTkhqTFZJUzh1MGNySFVRL21vZGlmaWVkQXQiLCJoIjoiIn19fQ..&seg3=6&ts3=1&d3=eyJ0IjoiZCIsImQiOnsiciI6NywiYSI6InEiLCJiIjp7InAiOiIvc2xpZGVzLy1NbEJBTkhqTFZJUzh1MGNySFVRL3NsaWRlTm90ZXMiLCJoIjoiIn19fQ..&seg4=7&ts4=1&d4=eyJ0IjoiZCIsImQiOnsiciI6OCwiYSI6InEiLCJiIjp7InAiOiIvc2xpZGVzLy1NbEJBTkhqTFZJUzh1MGNySFVRL2lzU2tpcHBlZCIsImgiOiIifX19&seg5=8&ts5=1&d5=eyJ0IjoiZCIsImQiOnsiciI6OSwiYSI6InEiLCJiIjp7InAiOiIvc2xpZGVzLy1NbEJBTkhqTFZJUzh1MGNySFVRL2xpYnJhcnlJdGVtSWQiLCJoIjoiIn19fQ..&seg6=9&ts6=1&d6=eyJ0IjoiZCIsImQiOnsiciI6MTAsImEiOiJxIiwiYiI6eyJwIjoiL3NsaWRlcy8tTWxCQU5IakxWSVM4dTBjckhVUS9pc0dhbGxlcnlTbGlkZSIsImgiOiIifX19&seg7=10&ts7=1&d7=eyJ0IjoiZCIsImQiOnsiciI6MTEsImEiOiJxIiwiYiI6eyJwIjoiL3NsaWRlcy8tTWxCQU5IakxWSVM4dTBjckhVUS9hc3NpZ25lZFVzZXIiLCJoIjoiIn19fQ..&seg8=11&ts8=1&d8=eyJ0IjoiZCIsImQiOnsiciI6MTIsImEiOiJxIiwiYiI6eyJwIjoiL3NsaWRlcy8tTWxCQU5IakxWSVM4dTBjckhVUS9hc3NpZ25lZFBlbmRpbmdVc2VyIiwiaCI6IiJ9fX0.&seg9=12&ts9=1&d9=eyJ0IjoiZCIsImQiOnsiciI6MTMsImEiOiJxIiwiYiI6eyJwIjoiL3NsaWRlcy8tTWxCQU5IakxWSVM4dTBjckhVUS9wZW5kaW5nVXNlckFzc2lnbmVkQnkiLCJoIjoiIn19fQ..&seg10=13&ts10=1&d10=eyJ0IjoiZCIsImQiOnsiciI6MTQsImEiOiJxIiwiYiI6eyJwIjoiL3NsaWRlcy8tTWxCQU5IakxWSVM4dTBjckhVUS9zbmFwIiwiaCI6IiJ9fX0. HTTP/1.1Host: s-usc1c-nss-320.firebaseio.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /.lp?id=507201&pw=Tw92B6Kd2P&ser=8818689&ns=beautifulslides HTTP/1.1Host: s-usc1c-nss-320.firebaseio.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /.lp?id=507201&pw=Tw92B6Kd2P&ser=8818690&ns=beautifulslides&seg0=14&ts0=1&d0=eyJ0IjoiZCIsImQiOnsiciI6MTUsImEiOiJuIiwiYiI6eyJwIjoiL3NsaWRlcy8tTWxCQU5IakxWSVM4dTBjckhVUS9zbmFwIn19fQ.. HTTP/1.1Host: s-usc1c-nss-320.firebaseio.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /.lp?id=507201&pw=Tw92B6Kd2P&ser=8818691&ns=beautifulslides&seg0=15&ts0=1&d0=eyJ0IjoiZCIsImQiOnsiciI6MTYsImEiOiJxIiwiYiI6eyJwIjoiL3NsaWRlcy8tTWxCQU5IakxWSVM4dTBjckhVUS9jbWRzIiwicSI6eyJzcCI6IjAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMCIsImkiOiIua2V5In0sInQiOjEsImgiOiIifX19 HTTP/1.1Host: s-usc1c-nss-320.firebaseio.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /.lp?id=507201&pw=Tw92B6Kd2P&ser=8818692&ns=beautifulslides HTTP/1.1Host: s-usc1c-nss-320.firebaseio.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /v1/socket/websocket?vsn=2.0.0 HTTP/1.1Host: api.appcues.netConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Upgrade: websocketOrigin: https://www.beautiful.aiSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: hMzaWAfamcf31iuOTYlkGA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global trafficHTTP traffic detected: GET /.lp?id=507201&pw=Tw92B6Kd2P&ser=8818693&ns=beautifulslides&seg0=16&ts0=1&d0=eyJ0IjoiZCIsImQiOnsiciI6MTcsImEiOiJxIiwiYiI6eyJwIjoiL3NsaWRlcy8tTWxCQU5IakxWSVM4dTBjckhVUS9zbmFwIiwiaCI6IiJ9fX0. HTTP/1.1Host: s-usc1c-nss-320.firebaseio.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /.lp?start=t&ser=88871775&cb=2&v=5&p=1:696419881849:web:fd3511efc0acebec8955a8 HTTP/1.1Host: beautifulslides-2.firebaseio.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /.lp?id=507201&pw=Tw92B6Kd2P&ser=8818694&ns=beautifulslides HTTP/1.1Host: s-usc1c-nss-320.firebaseio.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /.ws?v=5&s=XpU2nnk4LeigHcH7wRLCCm01eeXRtFpU&ns=beautifulslides-2 HTTP/1.1Host: s-usc1c-nss-373.firebaseio.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Upgrade: websocketOrigin: https://www.beautiful.aiSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: LrvtuVIS13qj5rIk+00pag==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global trafficHTTP traffic detected: GET /.lp?dframe=t&id=4718479&pw=hSTsjiXcqq&ns=beautifulslides-2 HTTP/1.1Host: s-usc1c-nss-373.firebaseio.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /.lp?id=4718479&pw=hSTsjiXcqq&ser=66872842&ns=beautifulslides-2 HTTP/1.1Host: s-usc1c-nss-373.firebaseio.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /.lp?id=4718479&pw=hSTsjiXcqq&ser=66872843&ns=beautifulslides-2&seg0=0&ts0=1&d0=eyJ0IjoiZCIsImQiOnsiciI6MSwiYSI6InMiLCJiIjp7ImMiOnsic2RrLmpzLjgtNi03IjoxfX19fQ.. HTTP/1.1Host: s-usc1c-nss-373.firebaseio.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /.lp?id=507201&pw=Tw92B6Kd2P&ser=8818695&ns=beautifulslides HTTP/1.1Host: s-usc1c-nss-320.firebaseio.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /.lp?id=4718479&pw=hSTsjiXcqq&ser=66872844&ns=beautifulslides-2&seg0=1&ts0=1&d0=eyJ0IjoiZCIsImQiOnsiciI6MiwiYSI6InEiLCJiIjp7InAiOiIvYXNzZXRzL2NiYTAzNWE0NmZhYTFkYjgwNGRiOWQ2MTJjZWM2NzVlZWRmYWFiMWY3Y2FkYzVmM2FjNmZhOTVlY2UwNDljY2YtSSIsImgiOiIifX19 HTTP/1.1Host: s-usc1c-nss-373.firebaseio.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /.lp?id=4718479&pw=hSTsjiXcqq&ser=66872845&ns=beautifulslides-2&seg0=2&ts0=1&d0=eyJ0IjoiZCIsImQiOnsiciI6MywiYSI6Im4iLCJiIjp7InAiOiIvYXNzZXRzL2NiYTAzNWE0NmZhYTFkYjgwNGRiOWQ2MTJjZWM2NzVlZWRmYWFiMWY3Y2FkYzVmM2FjNmZhOTVlY2UwNDljY2YtSSJ9fX0. HTTP/1.1Host: s-usc1c-nss-373.firebaseio.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /.lp?id=4718479&pw=hSTsjiXcqq&ser=66872846&ns=beautifulslides-2&seg0=3&ts0=1&d0=eyJ0IjoiZCIsImQiOnsiciI6NCwiYSI6InEiLCJiIjp7InAiOiIvYXNzZXRzL2NiYTAzNWE0NmZhYTFkYjgwNGRiOWQ2MTJjZWM2NzVlZWRmYWFiMWY3Y2FkYzVmM2FjNmZhOTVlY2UwNDljY2YtSSIsImgiOiIifX19 HTTP/1.1Host: s-usc1c-nss-373.firebaseio.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /api/assets/cba035a46faa1db804db9d612cec675eedfaab1f7cadc5f3ac6fa95ece049ccf-I HTTP/1.1Host: www.beautiful.aiConnection: keep-aliveAccept: application/jsonUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Content-Type: application/jsonSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _gcl_au=1.1.1657141619.1633401052; _ga=GA1.2.536481822.1633401053; _gid=GA1.2.113522302.1633401053; amplitude_id_ed02298983bba719fc6d04ba57538584beautiful.ai=eyJkZXZpY2VJZCI6Ijk0MDYwNzM5LWZiNTItNDI5My04OTlmLWY2NWY2YjI1ZjVkYVIiLCJ1c2VySWQiOm51bGwsIm9wdE91dCI6ZmFsc2UsInNlc3Npb25JZCI6MTYzMzQwMTA1MzAxMiwibGFzdEV2ZW50VGltZSI6MTYzMzQwMTA1MzAxNSwiZXZlbnRJZCI6MSwiaWRlbnRpZnlJZCI6MCwic2VxdWVuY2VOdW1iZXIiOjF9; _uetsid=42f06ba0258411ec82d041ec686b1eb8; _uetvid=42f0a310258411eca05c5f91238a0787; _sp_id.8277=39d49ba2-6487-4e78-8f3b-30135ba16938.1633401053.1.1633401053.1633401053.0b5afacb-9d7b-4f98-81be-e40ff44e229b; _sp_ses.8277=*; _gat_UA-101168380-1=1; logged-in=false; G_ENABLED_IDPS=google; __kla_id=eyIkcmVmZXJyZXIiOnsidHMiOjE2MzM0MDEwNTQsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vd3d3LmJlYXV0aWZ1bC5haS9wbGF5ZXIvLU1sQkFiQ0RGbFpGMndkUnRGQVMvUEFDSUZJQ0EtQ0FQSVRBTCJ9LCIkbGFzdF9yZWZlcnJlciI6eyJ0cyI6MTYzMzQwMTA1NCwidmFsdWUiOiIiLCJmaXJzdF9wYWdlIjoiaHR0cHM6Ly93d3cuYmVhdXRpZnVsLmFpL3BsYXllci8tTWxCQWJDREZsWkYyd2RSdEZBUy9QQUNJRklDQS1DQVBJVEFMIn19
Source: global trafficHTTP traffic detected: GET /.lp?id=4718479&pw=hSTsjiXcqq&ser=66872847&ns=beautifulslides-2 HTTP/1.1Host: s-usc1c-nss-373.firebaseio.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /v1/socket/websocket?vsn=2.0.0 HTTP/1.1Host: api.appcues.netConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Upgrade: websocketOrigin: https://www.beautiful.aiSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: m/hj7a09ihh4CBwIHmIDtA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global trafficHTTP traffic detected: GET /.lp?id=4718479&pw=hSTsjiXcqq&ser=66872848&ns=beautifulslides-2 HTTP/1.1Host: s-usc1c-nss-373.firebaseio.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1Host: fonts.gstatic.comConnection: keep-aliveOrigin: https://www.beautiful.aiUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600?display=swapAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /s/materialicons/v107/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1Host: fonts.gstatic.comConnection: keep-aliveOrigin: https://www.beautiful.aiUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://fonts.googleapis.com/icon?family=Material+IconsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 HTTP/1.1Host: fonts.gstatic.comConnection: keep-aliveOrigin: https://www.beautiful.aiUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600?display=swapAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /v1/socket/websocket?vsn=2.0.0 HTTP/1.1Host: api.appcues.netConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Upgrade: websocketOrigin: https://www.beautiful.aiSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: cgP1S+B3EkCENXmwqZ+R5g==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global trafficHTTP traffic detected: GET /v1/socket/websocket?vsn=2.0.0 HTTP/1.1Host: api.appcues.netConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Upgrade: websocketOrigin: https://www.beautiful.aiSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: j/kE/VHyEe13KPi/8X89bg==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global trafficHTTP traffic detected: GET /crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx HTTP/1.1Host: clients2.googleusercontent.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /v1/socket/websocket?vsn=2.0.0 HTTP/1.1Host: api.appcues.netConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Upgrade: websocketOrigin: https://www.beautiful.aiSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: cwr3tbQByG1bGF4CFv2gXA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global trafficHTTP traffic detected: GET /.lp?id=507201&pw=Tw92B6Kd2P&ser=8818696&ns=beautifulslides HTTP/1.1Host: s-usc1c-nss-320.firebaseio.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /.lp?id=4718479&pw=hSTsjiXcqq&ser=66872849&ns=beautifulslides-2 HTTP/1.1Host: s-usc1c-nss-373.firebaseio.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /v1/socket/websocket?vsn=2.0.0 HTTP/1.1Host: api.appcues.netConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Upgrade: websocketOrigin: https://www.beautiful.aiSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: K7ZLfaaocpRmcF/pat6hDA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global trafficHTTP traffic detected: GET /v1/socket/websocket?vsn=2.0.0 HTTP/1.1Host: api.appcues.netConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Upgrade: websocketOrigin: https://www.beautiful.aiSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: SUK1Ue7uWul4baZp9YpdvQ==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global trafficHTTP traffic detected: GET /v1/socket/websocket?vsn=2.0.0 HTTP/1.1Host: api.appcues.netConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Upgrade: websocketOrigin: https://www.beautiful.aiSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: viM5iNP3ZpxVViHSPz+kdg==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global trafficHTTP traffic detected: GET /.lp?id=507201&pw=Tw92B6Kd2P&ser=8818697&ns=beautifulslides HTTP/1.1Host: s-usc1c-nss-320.firebaseio.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /.lp?id=4718479&pw=hSTsjiXcqq&ser=66872850&ns=beautifulslides-2 HTTP/1.1Host: s-usc1c-nss-373.firebaseio.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /v1/socket/websocket?vsn=2.0.0 HTTP/1.1Host: api.appcues.netConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Upgrade: websocketOrigin: https://www.beautiful.aiSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: qib3rElGaYPPACp7mifPGA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: Cookies.1.drString found in binary or memory: .www.linkedin.combscookie/ equals www.linkedin.com (Linkedin)
Source: Cookies.1.drString found in binary or memory: .www.linkedin.combscookie//e equals www.linkedin.com (Linkedin)
Source: Reporting and NEL.1.drString found in binary or memory: https://a.nel.cloudflare.com/report/v3?s=mBmlv04ePpapfK%2FwbuykLaXSYbvqyaYxAcQgXv9bON2uL%2FRe2RC%2Bm
Source: 000003.log4.0.drString found in binary or memory: https://accounts.google.com
Source: a091979c5da720e6_0.0.dr, 000003.log0.0.drString found in binary or memory: https://accounts.google.com/
Source: Current Session.0.drString found in binary or memory: https://accounts.google.com/o/oauth2/iframe#origin=https%3A%2F%2Fwww.beautiful.ai&rpcToken=754846925
Source: a9c823d4cf41b984_0.0.drString found in binary or memory: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1H72S1T0U322RQPOKVG&lib=ttq
Source: 079cd64deb058e8c_0.0.drString found in binary or memory: https://analytics.tiktok.com/i18n/pixel/identify.js
Source: manifest.json0.0.dr, 6999e9ac-ffde-4bf1-a90c-0fb949702cb8.tmp.1.drString found in binary or memory: https://apis.google.com
Source: c16b472ba3a017d8_0.0.drString found in binary or memory: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.2lM46t9-YIo.O/m=auth2/rt=j/sv=1/d=1/e
Source: 503557e38cd62ec0_0.0.drString found in binary or memory: https://apis.google.com/js/platform.js
Source: 0db9fe4412f9ad6e_0.0.dr, 4bfa04e376709f0e_0.0.dr, ae9be8ce1bee9d57_0.0.dr, c070c7bd1716fa67_0.0.drString found in binary or memory: https://beautiful.ai/
Source: 4e12cc37e8033ff8_0.0.drString found in binary or memory: https://beautiful.ai/%
Source: a5ed4581ff62e77d_0.0.drString found in binary or memory: https://beautiful.ai/&
Source: ad172686c73ad2ef_0.0.drString found in binary or memory: https://beautiful.ai/1X
Source: 523f60e824b15bf2_0.0.drString found in binary or memory: https://beautiful.ai/?X
Source: 7ba8d8922906948b_0.0.drString found in binary or memory: https://beautiful.ai/I
Source: 3fd254c0d13f8f0b_0.0.drString found in binary or memory: https://beautiful.ai/J
Source: 81e3c2ca9e4de48a_0.0.drString found in binary or memory: https://beautiful.ai/R
Source: a9c823d4cf41b984_0.0.drString found in binary or memory: https://beautiful.ai/q4
Source: 4bfa04e376709f0e_0.0.drString found in binary or memory: https://cdn.amplitude.com/libs/amplitude-4.2.1-min.gz.js
Source: 0096cdf7661c81a7_0.0.drString found in binary or memory: https://cdn.ravenjs.com/3.22.1/raven.min.js
Source: db75f7e421b19943_0.0.drString found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/snowplow/2.12.0/sp.js
Source: 6999e9ac-ffde-4bf1-a90c-0fb949702cb8.tmp.1.drString found in binary or memory: https://clients2.google.com
Source: manifest.json0.0.drString found in binary or memory: https://clients2.google.com/service/update2/crx
Source: 6999e9ac-ffde-4bf1-a90c-0fb949702cb8.tmp.1.drString found in binary or memory: https://clients2.googleusercontent.com
Source: 24ba085c084ee7bb_0.0.drString found in binary or memory: https://container.pepperjam.com/3981149012.js
Source: manifest.json0.0.drString found in binary or memory: https://content.googleapis.com
Source: Reporting and NEL.1.drString found in binary or memory: https://csp.withgoogle.com/csp/report-to/apps-themes
Source: Reporting and NEL.1.drString found in binary or memory: https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU
Source: Reporting and NEL.1.drString found in binary or memory: https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access
Source: Reporting and NEL.1.drString found in binary or memory: https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access_
Source: Reporting and NEL.1.drString found in binary or memory: https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access
Source: 053e44e0-3a70-4450-8ff4-f1db5b854a6e.tmp.1.dr, 6999e9ac-ffde-4bf1-a90c-0fb949702cb8.tmp.1.drString found in binary or memory: https://dns.google
Source: bc65ec7680f06dbe_0.0.drString found in binary or memory: https://fast.appcues.com/84430.js
Source: e814584e8c336c4c_0.0.drString found in binary or memory: https://fast.appcues.com/generic/main/4.31.30/appcues.main.86669839fbee1b1c78f20b7d496bd3b9de3a2901.
Source: manifest.json0.0.drString found in binary or memory: https://feedback.googleusercontent.com
Source: 6999e9ac-ffde-4bf1-a90c-0fb949702cb8.tmp.1.drString found in binary or memory: https://fonts.googleapis.com
Source: manifest.json0.0.drString found in binary or memory: https://fonts.googleapis.com;
Source: 6999e9ac-ffde-4bf1-a90c-0fb949702cb8.tmp.1.drString found in binary or memory: https://fonts.gstatic.com
Source: manifest.json0.0.drString found in binary or memory: https://fonts.gstatic.com;
Source: 77aec0611042714c_0.0.drString found in binary or memory: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/821974632/?random=1633401052560&cv=
Source: manifest.json0.0.drString found in binary or memory: https://hangouts.google.com/
Source: 6999e9ac-ffde-4bf1-a90c-0fb949702cb8.tmp.1.drString found in binary or memory: https://ogs.google.com
Source: manifest.json.0.drString found in binary or memory: https://payments.google.com/payments/v4/js/integrator.js
Source: Current Session.0.drString found in binary or memory: https://s-usc1c-nss-320.firebaseio.com/.lp?dframe=t&id=507201&pw=Tw92B6Kd2P&ns=beautifulslides
Source: ad172686c73ad2ef_0.0.drString found in binary or memory: https://s-usc1c-nss-320.firebaseio.com/.lp?id=507201&pw=Tw92B6Kd2P&ser=8818684&ns=beautifulslides&se
Source: 0db9fe4412f9ad6e_0.0.drString found in binary or memory: https://s-usc1c-nss-320.firebaseio.com/.lp?id=507201&pw=Tw92B6Kd2P&ser=8818689&ns=beautifulslides
Source: ff2b5b8d7e3165b8_0.0.drString found in binary or memory: https://s-usc1c-nss-320.firebaseio.com/.lp?id=507201&pw=Tw92B6Kd2P&ser=8818692&ns=beautifulslides
Source: 7ae047df02bb77d8_0.0.drString found in binary or memory: https://s-usc1c-nss-320.firebaseio.com/.lp?id=507201&pw=Tw92B6Kd2P&ser=8818693&ns=beautifulslides&se
Source: Current Session.0.drString found in binary or memory: https://s-usc1c-nss-373.firebaseio.com/.lp?dframe=t&id=4718479&pw=hSTsjiXcqq&ns=beautifulslides-2
Source: manifest.json.0.drString found in binary or memory: https://sandbox.google.com/payments/v4/js/integrator.js
Source: ae9be8ce1bee9d57_0.0.drString found in binary or memory: https://snap.licdn.com/li.lms-analytics/insight.min.js
Source: 6999e9ac-ffde-4bf1-a90c-0fb949702cb8.tmp.1.drString found in binary or memory: https://ssl.gstatic.com
Source: a091979c5da720e6_0.0.drString found in binary or memory: https://ssl.gstatic.com/accounts/o/314319633-idpiframe.js
Source: 85ce915cd4487d8f_0.0.drString found in binary or memory: https://static.klaviyo.com/onsite/js/fender_analytics.4eb90b7eb77269e0eabe.js
Source: f03bbfe98af2b28b_0.0.drString found in binary or memory: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=K6p8VK
Source: c28c21dbfa227893_0.0.drString found in binary or memory: https://static.klaviyo.com/onsite/js/sentry.957bb8d322d8fad44127.js
Source: 21071fb3e9d58bda_0.0.drString found in binary or memory: https://static.klaviyo.com/onsite/js/sharedUtils.16d936f15fdc35eb7f71.js
Source: 950f691aedf137f2_0.0.drString found in binary or memory: https://static.klaviyo.com/onsite/js/signup_forms_new.f7eee781a32f9b6b2707.js
Source: f000a28888435038_0.0.drString found in binary or memory: https://static.klaviyo.com/onsite/js/signup_forms~signup_forms_new.deeb9788d5e666b8675b.js
Source: a5ed4581ff62e77d_0.0.drString found in binary or memory: https://static.klaviyo.com/onsite/js/static.c4d2f19c4ccf5eadd61e.js
Source: d01b38e3035bd98b_0.0.drString found in binary or memory: https://static.klaviyo.com/onsite/js/vendors~signup_forms~signup_forms_new.1f7c0a0a0d55a9be1252.js
Source: 0626c6381bbca626_0.0.drString found in binary or memory: https://storage.googleapis.com/firebase-beautifulslides-static-assets/bundle/263.c6648644237a0705701
Source: 7784d2b8da784728_0.0.drString found in binary or memory: https://storage.googleapis.com/firebase-beautifulslides-static-assets/bundle/38.7e3f5670758d4393f3bd
Source: a0843f876e2fc55f_0.0.drString found in binary or memory: https://storage.googleapis.com/firebase-beautifulslides-static-assets/bundle/383.84617326f167e9e2904
Source: 3fd254c0d13f8f0b_0.0.drString found in binary or memory: https://storage.googleapis.com/firebase-beautifulslides-static-assets/bundle/642.a9ccc6f8bfaea06ce4f
Source: c6451a2eac4161fe_0.0.drString found in binary or memory: https://storage.googleapis.com/firebase-beautifulslides-static-assets/bundle/764.909e7b3ef0795a15fcd
Source: 7ba8d8922906948b_0.0.drString found in binary or memory: https://storage.googleapis.com/firebase-beautifulslides-static-assets/bundle/864.c8617674c6acbf39d97
Source: 09eda6d6fec0a7d1_0.0.drString found in binary or memory: https://storage.googleapis.com/firebase-beautifulslides-static-assets/bundle/901.976e4345574159268be
Source: c070c7bd1716fa67_0.0.drString found in binary or memory: https://storage.googleapis.com/firebase-beautifulslides-static-assets/bundle/app.96011c96f6b002e465e
Source: 20f53529baaee67d_0.0.drString found in binary or memory: https://storage.googleapis.com/firebase-beautifulslides-static-assets/bundle/vendor.js
Source: messages.json41.0.drString found in binary or memory: https://support.google.com/chromecast/answer/2998456
Source: messages.json41.0.drString found in binary or memory: https://support.google.com/chromecast/troubleshooter/2995236
Source: ee273b90c75003e3_0.0.drString found in binary or memory: https://tagassistant.google.com/
Source: 000003.log4.0.drString found in binary or memory: https://www.beautiful.ai
Source: QuotaManager.0.dr, 000003.log0.0.drString found in binary or memory: https://www.beautiful.ai/
Source: Favicons.0.drString found in binary or memory: https://www.beautiful.ai/favicon.ico
Source: Current Session.0.dr, Favicons.0.drString found in binary or memory: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS
Source: Current Session.0.drString found in binary or memory: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITAL
Source: History Provider Cache.0.drString found in binary or memory: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITAL2
Source: Favicons.0.drString found in binary or memory: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITAL8
Source: History.0.drString found in binary or memory: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALBeautiful.ai
Source: History-journal.0.drString found in binary or memory: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS/PACIFICA-CAPITALPACIFICA
Source: History Provider Cache.0.drString found in binary or memory: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS2
Source: History.0.drString found in binary or memory: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFASBeautiful.ai
Source: History-journal.0.drString found in binary or memory: https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFASPACIFICA
Source: 000003.log0.0.drString found in binary or memory: https://www.beautiful.ai::696419881849-694l606hnkcsqehqulodi1m2i10uklr1.apps.googleusercontent.com$
Source: Current Session.0.drString found in binary or memory: https://www.beautiful.aih
Source: 4e12cc37e8033ff8_0.0.drString found in binary or memory: https://www.google-analytics.com/analytics.js
Source: ee273b90c75003e3_0.0.drString found in binary or memory: https://www.google-analytics.com/analytics.jsaD
Source: ee273b90c75003e3_0.0.drString found in binary or memory: https://www.google-analytics.com/debug/bootstrap
Source: ee273b90c75003e3_0.0.drString found in binary or memory: https://www.google-analytics.com/gtm/js?id=
Source: c8ff7523d83cfbb8_0.0.drString found in binary or memory: https://www.google-analytics.com/gtm/js?id=GTM-TML4TBS&t=gtm8&cid=536481822.1633401053
Source: manifest.json0.0.dr, 6999e9ac-ffde-4bf1-a90c-0fb949702cb8.tmp.1.drString found in binary or memory: https://www.google.com
Source: manifest.json.0.drString found in binary or memory: https://www.google.com/
Source: manifest.json0.0.drString found in binary or memory: https://www.google.com;
Source: 4c1a9f65a415767e_0.0.drString found in binary or memory: https://www.googleadservices.com/pagead/conversion_async.js
Source: 6999e9ac-ffde-4bf1-a90c-0fb949702cb8.tmp.1.drString found in binary or memory: https://www.googleapis.com
Source: manifest.json.0.drString found in binary or memory: https://www.googleapis.com/
Source: manifest.json0.0.drString found in binary or memory: https://www.googleapis.com/auth/calendar.readonly
Source: manifest.json0.0.drString found in binary or memory: https://www.googleapis.com/auth/cast-edu-messaging
Source: manifest.json.0.drString found in binary or memory: https://www.googleapis.com/auth/chromewebstore
Source: manifest.json.0.drString found in binary or memory: https://www.googleapis.com/auth/chromewebstore.readonly
Source: manifest.json0.0.drString found in binary or memory: https://www.googleapis.com/auth/clouddevices
Source: manifest.json0.0.drString found in binary or memory: https://www.googleapis.com/auth/hangouts
Source: manifest.json0.0.drString found in binary or memory: https://www.googleapis.com/auth/hangouts.readonly
Source: manifest.json0.0.drString found in binary or memory: https://www.googleapis.com/auth/meetings
Source: manifest.json0.0.drString found in binary or memory: https://www.googleapis.com/auth/plus.peopleapi.readwrite
Source: manifest.json.0.drString found in binary or memory: https://www.googleapis.com/auth/sierra
Source: manifest.json.0.drString found in binary or memory: https://www.googleapis.com/auth/sierrasandbox
Source: manifest.json0.0.drString found in binary or memory: https://www.googleapis.com/auth/userinfo.email
Source: ee273b90c75003e3_0.0.drString found in binary or memory: https://www.googletagmanager.com/gtag/js?id=
Source: 523f60e824b15bf2_0.0.drString found in binary or memory: https://www.googletagmanager.com/gtm.js?id=GTM-58F6WMG
Source: 6999e9ac-ffde-4bf1-a90c-0fb949702cb8.tmp.1.drString found in binary or memory: https://www.gstatic.com
Source: manifest.json0.0.drString found in binary or memory: https://www.gstatic.com;
Source: unknownHTTP traffic detected: POST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/1.1Host: accounts.google.comConnection: keep-aliveContent-Length: 1Origin: https://www.google.comContent-Type: application/x-www-form-urlencodedSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: unknownHTTPS traffic detected: 142.250.181.243:443 -> 192.168.2.5:49822 version: TLS 1.2
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Local\Temp\e43d7c15-9c8a-4db2-bcd5-74ea2b098472.tmpJump to behavior
Source: classification engineClassification label: mal56.win@32/243@31/26
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'https://www.beautiful.ai/player/-MlBAbCDFlZF2wdRtFAS'
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1568,10413176972612372754,17733355027513486838,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1700 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1568,10413176972612372754,17733355027513486838,131072 --lang=en-US --service-sandbox-type=audio --enable-audio-service-sandbox --mojo-platform-channel-handle=5448 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Fi