fiat.betaplanes.com/a/FR4UDS/login.php
107.180.88.128301 Moved Permanently 254 B URL HTTP/1.1 fiat.betaplanes.com/a/FR4UDS/login.php
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 467c7de24afc37373d512e03cacd3026
3d671ef8f23919f0b7428a64e958ec2110f30460
567b6ad42d5d899703730986deb267394224b15b2018a17348f719e3a47853a4
Analyzer Verdict Alert fortinet Phishing
GET /a/FR4UDS/login.php HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 29 Jan 2023 11:08:47 GMT
Server: Apache
Location: https://fiat.betaplanes.com/a/FR4UDS/login.php
Content-Length: 254
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14499
Expires: Sun, 29 Jan 2023 15:10:26 GMT
Date: Sun, 29 Jan 2023 11:08:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14487
Expires: Sun, 29 Jan 2023 15:10:14 GMT
Date: Sun, 29 Jan 2023 11:08:47 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 10:35:37 GMT
content-type: application/json
age: 1990
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 03092d1a1bc7ac91ee342a1a7ab2a562
52db06ce1fd2c74ddd36b6a0a7aee1b5c891600a
03b8ff2629abac9fc30ebec059c2e2018fcbc41646ad5f71c965ff630fbf1ffd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B8FF2629ABAC9FC30EBEC059C2E2018FCBC41646AD5F71C965FF630FBF1FFD"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16020
Expires: Sun, 29 Jan 2023 15:35:47 GMT
Date: Sun, 29 Jan 2023 11:08:47 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: svDsTxMprfT9B/LyHGqP+/jpLXg17/VjNXv2Y4ODW+8cEfd8heOjMhrc2dSh6gzwPND91SiG+ps=
x-amz-request-id: 73DSE86QNJWHY6AD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 10:50:17 GMT
age: 1110
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 11:08:47 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 29 Jan 2023 10:49:04 GMT
age: 1184
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12842
Expires: Sun, 29 Jan 2023 14:42:50 GMT
Date: Sun, 29 Jan 2023 11:08:48 GMT
Connection: keep-alive
fiat.betaplanes.com/a/FR4UDS/login.php
107.180.88.128302 Found 20 B URL HTTP/1.1 fiat.betaplanes.com/a/FR4UDS/login.php
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
Analyzer Verdict Alert fortinet Phishing
GET /a/FR4UDS/login.php HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Date: Sun, 29 Jan 2023 11:08:48 GMT
Server: Apache
Vary: Accept-Encoding,Cookie
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://fiat.betaplanes.com/wp-json/>; rel="https://api.w.org/"
X-Redirect-By: WordPress
Content-Encoding: gzip
Location: https://fiat.betaplanes.com
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
35.160.141.134101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.160.141.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6L/J6i8g01U+v7bpECEmaA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: LPHK76t7qmxEI0NryEfqps6Zbn8=
fiat.betaplanes.com/
107.180.88.128200 OK 22 kB IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1898), with CRLF, LF line terminators
Hash bd7ad016f892bb4e433f29b572e1a8c6
e63f341efc5a536cae8948fd17233c71d3bf6c2e
189af36f185fb3ff3cf8727ad178e2b17b60aa8b2b6fe304618a693a319b9318
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:48 GMT
Server: Apache
Vary: Accept-Encoding,Cookie
Cache-Control: max-age=3, must-revalidate
Content-Encoding: gzip
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:08:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash bab8a4c1e6bb2e6c9cc00222eef1235d
1a5dd108e9f9aaf33bc048b0097a9f510d295cad
fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:08:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash bab8a4c1e6bb2e6c9cc00222eef1235d
1a5dd108e9f9aaf33bc048b0097a9f510d295cad
fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:08:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash bab8a4c1e6bb2e6c9cc00222eef1235d
1a5dd108e9f9aaf33bc048b0097a9f510d295cad
fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:08:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=AW-852661004
142.250.74.168200 OK 70 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-852661004
IP 142.250.74.168:0
File type ASCII text, with very long lines (12453)
Hash 4fe7b6939923170e238805d6aa9db3ca
7b89f806862b46fa19180c98715ffba85d3b8d51
231ad0be9ce559265494cef6e61a7fc273c0855276f0a6fe9074bca29641f26b
GET /gtag/js?id=AW-852661004 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 29 Jan 2023 11:08:49 GMT
expires: Sun, 29 Jan 2023 11:08:49 GMT
cache-control: private, max-age=900
last-modified: Sun, 29 Jan 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 69861
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-90818801-3
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-90818801-3
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash 7d45c53e5469a2af205d3d9a5a77e0b5
7f1b0a5c901aedae5955dd3db4489d86d7cceb88
76cfb3e384ddec032eb9b373b6631d4011fc4e774e9fd8f16daef80840b98c2c
GET /gtag/js?id=UA-90818801-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 29 Jan 2023 11:08:49 GMT
expires: Sun, 29 Jan 2023 11:08:49 GMT
cache-control: private, max-age=900
last-modified: Sun, 29 Jan 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44013
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-126018779-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-126018779-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash 64677af1dc109079f26d7ec2693227ab
badd15923f2b30af78d95389484ab7160dee2f38
b3148c3dc27badeb380e8328903c1c99d510826d62ce2958039cc0fdadfa62d2
GET /gtag/js?id=UA-126018779-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 29 Jan 2023 11:08:49 GMT
expires: Sun, 29 Jan 2023 11:08:49 GMT
cache-control: private, max-age=900
last-modified: Sun, 29 Jan 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44095
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash bab8a4c1e6bb2e6c9cc00222eef1235d
1a5dd108e9f9aaf33bc048b0097a9f510d295cad
fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:08:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fiat.betaplanes.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.6
107.180.88.128200 OK 81 kB URL HTTP/1.1 fiat.betaplanes.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.6
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (33376)
Hash 43c4bc05b5e3b0a6684a7c3a52e63590
ed6d95d525a710a82e8b8583e9ba7bce3b2a4722
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.8.6 HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:49 GMT
Server: Apache
Last-Modified: Mon, 27 Sep 2021 18:38:07 GMT
Accept-Ranges: bytes
Content-Length: 80574
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
fiat.betaplanes.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2
107.180.88.128200 OK 2.6 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 76e12144b6be9bc0a17dd880c5566156
c57db768b452aea923a2b083162e9e6ffb98d2f8
070edfef42e0980783d0acf8fa9ca6a9833b994eca13ffaa94e9a2deb47c92cf
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2 HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:49 GMT
Server: Apache
Last-Modified: Mon, 27 Sep 2021 18:38:47 GMT
Accept-Ranges: bytes
Content-Length: 2640
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
fiat.betaplanes.com/wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=5.8.6
107.180.88.128200 OK 316 B URL HTTP/1.1 fiat.betaplanes.com/wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=5.8.6
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with CRLF, CR line terminators
Hash 9730086eefb28d971b315173f579b3b0
a9845ea261aef600305f310c15d83232ee33460d
9c0647c53dde19cd56b2dfd0626db41f3db20c92984e1e6a4d469c19e4823adf
GET /wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=5.8.6 HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:49 GMT
Server: Apache
Last-Modified: Mon, 27 Sep 2021 18:36:17 GMT
Accept-Ranges: bytes
Content-Length: 316
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 86352d15c37831cf9bf1e41325029224
ac8b28bcc1e6dd026e1f62d1ef8b9f80a42eee21
154f5f5e116df41f5d3bd414c671138b2afc198071529a0f3573109277566cd8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:08:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:08:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fiat.betaplanes.com/wp-content/themes/uncode-child/style.css
107.180.88.128200 OK 1.6 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/themes/uncode-child/style.css
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 7d4a328abb6b94ac1dbb05d6a2e9a4e2
fb151dc5e9b496742ee13bd73779ad595c340b5e
890bfca8eac02996d9a6fa7116cf2845e1e5a46e97621a4645917405c7779686
GET /wp-content/themes/uncode-child/style.css HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:49 GMT
Server: Apache
Last-Modified: Fri, 24 May 2019 21:11:37 GMT
Accept-Ranges: bytes
Content-Length: 1575
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.google.com/recaptcha/api.js?render=6Lc-mM0UAAAAAPsy7oCXQJgodwKi9lUD2AmfddKY&ver=3.0
142.250.74.164200 OK 586 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Lc-mM0UAAAAAPsy7oCXQJgodwKi9lUD2AmfddKY&ver=3.0
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash e7e36be376a779d0fbe23caa1e651176
c956fb2e02b9c8aaac950fa3cf79caf39c60c3f2
f874375550e10dc08bdc3c8bc0a8e053a25c7b1d3ad191721b2a9a76af7e8d5f
GET /recaptcha/api.js?render=6Lc-mM0UAAAAAPsy7oCXQJgodwKi9lUD2AmfddKY&ver=3.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 29 Jan 2023 11:08:49 GMT
date: Sun, 29 Jan 2023 11:08:49 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 586
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ef589be52a3e55b643978f17949a73da
74545de6f144282252ff92c751f97cc835c80341
7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:08:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fiat.betaplanes.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8
107.180.88.128200 OK 40 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (5178), with CRLF line terminators
Hash 3562402588e3bd6410012cf058d1948c
16685faf56b7ab684f50cd6876e4b2ac2c102545
23a57aed407545bd964231bcb511674996bdd28a4f2a57ca66bca72de0bf3d2d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8 HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:49 GMT
Server: Apache
Last-Modified: Wed, 25 Jul 2018 17:22:05 GMT
Accept-Ranges: bytes
Content-Length: 39750
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
fiat.betaplanes.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
107.180.88.128200 OK 90 kB URL HTTP/1.1 fiat.betaplanes.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65447)
Hash 02dd5d04add4759122013c5ab4dc5cc2
a45a56e396ac549b4ff39b696ce9e0c16a7612de
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:49 GMT
Server: Apache
Last-Modified: Mon, 27 Sep 2021 18:38:07 GMT
Accept-Ranges: bytes
Content-Length: 89521
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
fiat.betaplanes.com/wp-content/uploads/pum/pum-site-styles.css?generated=1632767809&ver=1.16.2
107.180.88.128200 OK 18 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/uploads/pum/pum-site-styles.css?generated=1632767809&ver=1.16.2
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (7400), with CRLF, LF line terminators
Hash 25bd7d6b6e0c719ab40d317f98355a19
0ead25d728a6bf36d84cea80d6e84adccb0a7e38
75c60707923d2c8b78f0fe7a70ba000a885f58e581afe0a9a821441b677841c1
GET /wp-content/uploads/pum/pum-site-styles.css?generated=1632767809&ver=1.16.2 HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:49 GMT
Server: Apache
Last-Modified: Mon, 27 Sep 2021 18:36:49 GMT
Accept-Ranges: bytes
Content-Length: 17550
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
fiat.betaplanes.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
107.180.88.128200 OK 11 kB URL HTTP/1.1 fiat.betaplanes.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:49 GMT
Server: Apache
Last-Modified: Mon, 27 Sep 2021 18:38:07 GMT
Accept-Ranges: bytes
Content-Length: 11224
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
fiat.betaplanes.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8
107.180.88.128200 OK 111 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (27287), with CRLF line terminators
Size 111 kB (110564 bytes)
Hash 67a9644e880e7a471d49c73bb7621932
2ac89b145da02402ce1877c580850e08076c5109
a1dff8b0c66227748951c4ff891f146f49c5a382ac8e3d6e3c2e9cf8aa560dc8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8 HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:49 GMT
Server: Apache
Last-Modified: Wed, 25 Jul 2018 17:22:05 GMT
Accept-Ranges: bytes
Content-Length: 110564
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
fiat.betaplanes.com/wp-content/themes/uncode/library/css/uncode-icons.css
107.180.88.128200 OK 58 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/themes/uncode/library/css/uncode-icons.css
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (57632)
Hash 09da341a9999f30f028f8a64f8282590
534a1fda5b31f19586248f2af1800ef86f90a6ad
5f5815cc91ab1c8db04a151659faf7602ade561448d3bfc888651df54c838ca6
GET /wp-content/themes/uncode/library/css/uncode-icons.css HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:49 GMT
Server: Apache
Last-Modified: Wed, 27 Jun 2018 12:04:34 GMT
Accept-Ranges: bytes
Content-Length: 57633
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
fiat.betaplanes.com/wp-content/themes/uncode-child/js/child.js
107.180.88.128200 OK 1.4 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/themes/uncode-child/js/child.js
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 25d15c32eddcb4d7b6417de8d3bf781a
7483071e0aa6b20ca771ff4d585ef6fafdb1130d
a3ef40b833f8acbcb7f0311641426777a7e6a5f2e182b849b8c857dab85f47bf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/uncode-child/js/child.js HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:49 GMT
Server: Apache
Last-Modified: Fri, 08 Feb 2019 17:57:46 GMT
Accept-Ranges: bytes
Content-Length: 1441
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
fiat.betaplanes.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8
107.180.88.128200 OK 65 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (64614), with CRLF line terminators
Hash e1223af8dbcd0552f6f6dc540431451e
c01d6134f72ae04cb327a86918f3e88a63684e90
27ead7f47a3fb4d1e7cbef0c68e28bde7ea18923cf41d8ca82ba13584eebc710
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8 HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:49 GMT
Server: Apache
Last-Modified: Wed, 25 Jul 2018 17:22:05 GMT
Accept-Ranges: bytes
Content-Length: 64949
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
fiat.betaplanes.com/wp-content/themes/uncode/library/js/min/init.min.js
107.180.88.128200 OK 59 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/themes/uncode/library/js/min/init.min.js
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (32040)
Hash 44a7241a58fdd0e28eceeae96f57f72e
ea62d6cbc21fe288099fab89498e927c7e7348e4
505a4faf6ad6871c9ea3a95297ba4760ebaa5a43ebb08f1517cd7bd37d2a84c3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/uncode/library/js/min/init.min.js HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:49 GMT
Server: Apache
Last-Modified: Mon, 23 Jul 2018 19:40:24 GMT
Accept-Ranges: bytes
Content-Length: 58781
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
fiat.betaplanes.com/wp-content/themes/uncode/library/css/style-custom.css
107.180.88.128200 OK 203 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/themes/uncode/library/css/style-custom.css
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type assembler source, ASCII text, with very long lines (459)
Size 203 kB (202757 bytes)
Hash 890049d1fef271f6dd71aa07e2af19ee
88ddf9ea29fe666036a8a915b8513c487707b095
617879cc1ffdbde88dbeacd03e0050fca6a2aa5ead57f9cf8d2b3f9e5a8bf3e9
GET /wp-content/themes/uncode/library/css/style-custom.css HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:49 GMT
Server: Apache
Last-Modified: Tue, 17 Dec 2019 19:21:10 GMT
Accept-Ranges: bytes
Content-Length: 202757
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
fiat.betaplanes.com/wp-content/themes/uncode/library/css/style.css
107.180.88.128200 OK 437 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/themes/uncode/library/css/style.css
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Size 437 kB (437070 bytes)
Hash 60f234edba7d9b3e8d4e68cf2d6b5d21
6da0a3136b01edf3d1dd866ded0d0f81f268429f
c6898055e5d76085fc8d77a2b429afcfa19acb06ce811db1c1d9ee8ff8a97a41
GET /wp-content/themes/uncode/library/css/style.css HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:49 GMT
Server: Apache
Last-Modified: Mon, 23 Jul 2018 19:40:24 GMT
Accept-Ranges: bytes
Content-Length: 437070
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
fiat.betaplanes.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.6
107.180.88.128200 OK 18 kB URL HTTP/1.1 fiat.betaplanes.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.6
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (15224)
Hash 116c86c56f8db0bb63f15ceda50fdc98
75e308982ecf7cd43644b8b426e6aa1a0b0fbe26
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.8.6 HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:49 GMT
Server: Apache
Last-Modified: Mon, 27 Sep 2021 18:38:07 GMT
Accept-Ranges: bytes
Content-Length: 18181
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
fiat.betaplanes.com/wp-includes/js/underscore.min.js?ver=1.13.1
107.180.88.128200 OK 19 kB URL HTTP/1.1 fiat.betaplanes.com/wp-includes/js/underscore.min.js?ver=1.13.1
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (19041)
Hash 3d4eded8f539eacea148e8fc2e5eeba9
69256a9300408c05fc3fbeca2ee16b99bf49c573
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/underscore.min.js?ver=1.13.1 HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:49 GMT
Server: Apache
Last-Modified: Mon, 27 Sep 2021 18:38:07 GMT
Accept-Ranges: bytes
Content-Length: 19076
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
fiat.betaplanes.com/wp-content/plugins/uncode-daves-wordpress-live-search/js/daves-wordpress-live-search.js?ver=5.8.6
107.180.88.128200 OK 12 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/plugins/uncode-daves-wordpress-live-search/js/daves-wordpress-live-search.js?ver=5.8.6
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash b60c96ac978e5b845d11af7882e83e03
4bc33f78ee16d6d8673ac1ce5334df20ac358b96
25eec942a7566afcd7715f0872c9f6525b51bc13776b027c12c2d9565b73dce3
GET /wp-content/plugins/uncode-daves-wordpress-live-search/js/daves-wordpress-live-search.js?ver=5.8.6 HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:49 GMT
Server: Apache
Last-Modified: Mon, 30 Jul 2018 17:38:55 GMT
Accept-Ranges: bytes
Content-Length: 11648
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
fiat.betaplanes.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
107.180.88.128200 OK 6.4 kB URL HTTP/1.1 fiat.betaplanes.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (6406), with no line terminators
Hash 8fe2803a01c9fa77cb1a2618c3552dce
2230dd8f0604e4328e7c2a3f9437a6bf2986f592
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7 HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:49 GMT
Server: Apache
Last-Modified: Mon, 27 Sep 2021 18:38:07 GMT
Accept-Ranges: bytes
Content-Length: 6406
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
fiat.betaplanes.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
107.180.88.128200 OK 16 kB URL HTTP/1.1 fiat.betaplanes.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (16323)
Hash 38400d9c6ba7d41239fccfaa9f523558
fe9a1548961441ce82e5399444f2be5408d2644c
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:49 GMT
Server: Apache
Last-Modified: Mon, 27 Sep 2021 18:38:07 GMT
Accept-Ranges: bytes
Content-Length: 16470
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
fiat.betaplanes.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2
107.180.88.128200 OK 13 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (12987), with no line terminators
Hash 6ad9165b167d54947b37f4b9de75ab39
4c02f66fd8c26141450e310d6786f50f99913dd4
eea0b9621509f98be77c5af1e9b5c952a675bda2b27c419876364017069e0c19
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2 HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:49 GMT
Server: Apache
Last-Modified: Mon, 27 Sep 2021 18:38:47 GMT
Accept-Ranges: bytes
Content-Length: 12987
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
fiat.betaplanes.com/wp-content/plugins/uncode-core/i-recommend-this/js/dot_irecommendthis.js?ver=3.0.0
107.180.88.128200 OK 538 B URL HTTP/1.1 fiat.betaplanes.com/wp-content/plugins/uncode-core/i-recommend-this/js/dot_irecommendthis.js?ver=3.0.0
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 96bcafac1f13624019f970289d457054
6a241452f2965bd7995c20beafa1df43a374f064
f80d04c4f0d12a3ec408e0ce91d237867f62e1450baa5b814c4b88f4a852efb3
GET /wp-content/plugins/uncode-core/i-recommend-this/js/dot_irecommendthis.js?ver=3.0.0 HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:49 GMT
Server: Apache
Last-Modified: Wed, 25 Jul 2018 17:22:02 GMT
Accept-Ranges: bytes
Content-Length: 538
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
fiat.betaplanes.com/wp-content/plugins/wpcf7-redirect/build/js/wpcf7-redirect-frontend-script.js?ver=1.1
107.180.88.128200 OK 8.2 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/plugins/wpcf7-redirect/build/js/wpcf7-redirect-frontend-script.js?ver=1.1
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash efc005d543649397f40de5ee26412332
8f8d892be0d3807f62aa4b8a86cf4269b68e1911
c4f1a413e47f90162ead328b5fe465ece8c0e32a1625bce9598d76c420a92f32
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wpcf7-redirect/build/js/wpcf7-redirect-frontend-script.js?ver=1.1 HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:49 GMT
Server: Apache
Last-Modified: Mon, 27 Sep 2021 18:36:17 GMT
Accept-Ranges: bytes
Content-Length: 8164
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
fiat.betaplanes.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=5.8.6
107.180.88.128200 OK 1.2 kB URL HTTP/1.1 fiat.betaplanes.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=5.8.6
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1193), with no line terminators
Hash f34f415aa56ed900eecf3f212adb57e2
352dfeec21817198c07ab11705b53d813420cea3
7f34b768792b90cf0b04fced2470e43d8fab7644f6565d5178fbfb49c4859cee
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=5.8.6 HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:50 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 05:44:34 GMT
Accept-Ranges: bytes
Content-Length: 1193
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
fiat.betaplanes.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=5.8.6
107.180.88.128200 OK 906 B URL HTTP/1.1 fiat.betaplanes.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=5.8.6
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document, ASCII text, with very long lines (906), with no line terminators
Hash 2c6d3b562a48e0df5474999dd47e58fb
945220e990eb176c14e53cc663fb01e04e31b59f
3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=5.8.6 HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:50 GMT
Server: Apache
Last-Modified: Mon, 27 Sep 2021 18:38:07 GMT
Accept-Ranges: bytes
Content-Length: 906
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:08:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fiat.betaplanes.com/wp-content/themes/uncode/library/js/min/plugins.min.js
107.180.88.128200 OK 369 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/themes/uncode/library/js/min/plugins.min.js
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document, ASCII text, with very long lines (33515)
Size 369 kB (368775 bytes)
Hash 9e2edbb992b0d3851c4183f51059a024
1089c3c1fd23f8ab1481ecaf106b1de4691604df
51494486924d0d562b817392e763f34c5865bcd5fc8cfe457811070b243c0cdb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/uncode/library/js/min/plugins.min.js HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:50 GMT
Server: Apache
Last-Modified: Thu, 19 Jul 2018 18:44:22 GMT
Accept-Ranges: bytes
Content-Length: 368775
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:08:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5274
Expires: Sun, 29 Jan 2023 12:36:44 GMT
Date: Sun, 29 Jan 2023 11:08:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5274
Expires: Sun, 29 Jan 2023 12:36:44 GMT
Date: Sun, 29 Jan 2023 11:08:50 GMT
Connection: keep-alive
fiat.betaplanes.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
107.180.88.128200 OK 21 kB URL HTTP/1.1 fiat.betaplanes.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (7973)
Hash 49fa677b9cd7ddf221dc06537b35e10f
7485f3f99c3c1a57197f2b099f3f8d68b8609d06
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.12.1 HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:50 GMT
Server: Apache
Last-Modified: Mon, 27 Sep 2021 18:38:07 GMT
Accept-Ranges: bytes
Content-Length: 20787
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.227200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fiat.betaplanes.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 07:08:09 GMT
expires: Sat, 27 Jan 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 187241
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
216.58.207.227200 OK 36 kB URL HTTP/2 fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 35904, version 1.0\012- data
Hash c26b97e7f5bb7a34d190703522d75e16
69d9e5aea0544dbaf9b78c1b65139c03eceece8f
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
GET /s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fiat.betaplanes.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35904
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 07:32:21 GMT
expires: Mon, 29 Jan 2024 07:32:21 GMT
cache-control: public, max-age=31536000
age: 12989
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fiat.betaplanes.com/wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1632767809&ver=1.16.2
107.180.88.128200 OK 70 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1632767809&ver=1.16.2
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (65398)
Hash d06ec16fb1b264cf04f0e90dc80ec33d
081ae815ddee22f1a6c92fed0c67334fd7616556
d7a5688c5c82538781bb66b68cdb36dfa17e4b4f1e9d52b2ab9bc7f0a5e616b1
GET /wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1632767809&ver=1.16.2 HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:50 GMT
Server: Apache
Last-Modified: Mon, 27 Sep 2021 18:36:49 GMT
Accept-Ranges: bytes
Content-Length: 69500
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
fiat.betaplanes.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.4.2
107.180.88.128200 OK 1.8 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.4.2
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1849), with no line terminators
Hash bdca36ab07e77f468ef12716f7b78b9c
8c80cbe19b54685ac8a392ada33ffb6554d26326
ccdcf774bd0fc2383fb9d2b780148d17b2ceb3dbc355db13cc17edfdc1f511f3
GET /wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.4.2 HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:50 GMT
Server: Apache
Last-Modified: Mon, 27 Sep 2021 18:38:48 GMT
Accept-Ranges: bytes
Content-Length: 1849
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
fiat.betaplanes.com/wp-content/themes/uncode/library/js/min/app.min.js
107.180.88.128200 OK 90 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/themes/uncode/library/js/min/app.min.js
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (32027)
Hash 26640ba8645dadd4a5a7092911692606
c66fc6a2bc8e2dcd8cf83d1b15b11c038ff7e08c
79cf6f8fc6f5294a85d2a10e30b3fc3173f2d80608558587af3d96b81ca1a696
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/uncode/library/js/min/app.min.js HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:50 GMT
Server: Apache
Last-Modified: Mon, 23 Jul 2018 19:40:24 GMT
Accept-Ranges: bytes
Content-Length: 89494
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: f644ca78-a07a-43d1-96e4-95bcdecff7fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGLfFtOIAMFp7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf83e2-202ca7160544acd24259bd5d;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:08:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xRwqrWS66l4qJfg2HnGphN1dbrIUod9XKW3zTk_-Km9AQRPyV2UqWg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 20:46:16 GMT
age: 51754
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fiat.betaplanes.com/wp-includes/js/wp-embed.min.js?ver=5.8.6
107.180.88.128200 OK 1.4 kB URL HTTP/1.1 fiat.betaplanes.com/wp-includes/js/wp-embed.min.js?ver=5.8.6
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1391)
Hash 905225d5711b559d3092387d5ffbedbd
6f6c39075263bafb9e8c10f1b34a1a0f7ee03c9d
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
GET /wp-includes/js/wp-embed.min.js?ver=5.8.6 HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:50 GMT
Server: Apache
Last-Modified: Mon, 27 Sep 2021 18:38:07 GMT
Accept-Ranges: bytes
Content-Length: 1426
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7cfa685-1688-424d-b352-82b8ce19495a.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7cfa685-1688-424d-b352-82b8ce19495a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cbbc57c4e469baec1bda006407877cc
e988f007b1f9ec2327e7817f38cf56202096aeae
5237a8a8a7aa1fe59548582abf726fe77ad9e1fad8535bb5f88519dc6e779a86
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7cfa685-1688-424d-b352-82b8ce19495a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6158
x-amzn-requestid: f6073f30-9a9c-4674-8ca9-a43e1982ab44
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLzV7FHtoAMFRGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce328c-08806a615c478d443f76119f;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:09:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5AeWdtII3LLgHysTJsa4Kn5-SSmF0rkM0uYXZwtpBC0p60eJ_VSjBw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 15:00:59 GMT
age: 72471
etag: "e988f007b1f9ec2327e7817f38cf56202096aeae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd8ddbb22-9894-4103-ab67-a72323ff97b2.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd8ddbb22-9894-4103-ab67-a72323ff97b2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24a6f6affe931c41bfac1968026893dc
983e91c705e8f6d9ad3992d6905ebf5916095300
20ef8c4ff7035b897473712b6a2f614b0a551fb91c20314c3a3a19e09087ca0d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd8ddbb22-9894-4103-ab67-a72323ff97b2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4539
x-amzn-requestid: 285ab725-3832-48f2-aa7a-99ecb6a3a533
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLyd5FDxoAMFrlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce3125-48c7a43e61f1ed6605e80668;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:03:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: MkNcd-rngDqmKfBLCE32_Hafu3DVNVs3wCrQm9KYjiRycX3q_FJijw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 04:37:21 GMT
age: 23489
etag: "983e91c705e8f6d9ad3992d6905ebf5916095300"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43c4a8e963936a8064dbd2bd3c67b905
8508727c97127c98b886833af28b3470306216c2
070c29fe7c0a227029483d675eac863904ab6b291467acdf62167f4845699c21
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8652
x-amzn-requestid: 21c734f0-cd73-4691-812e-7cd3908f8f89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRbH4HtPIAMFUGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d07232-291e20fb41c53db7664d04b2;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 00:05:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: j2zDtHz3pZLHJKG3-PaITyUzHOQBEELzuDIt7sbB8X_B10OxG394tg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 06:49:29 GMT
age: 15561
etag: "8508727c97127c98b886833af28b3470306216c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10a6491e2c1dfde68c7cd7297e70700f
d0f195319825a6d3e5e50ad15b2fcab27cb65896
4d9353d5874e5ea03c25e1562db5f479c222a48db526fdd10ede7c2e6a4dd874
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11470
x-amzn-requestid: 62d61967-9380-4ca9-b11a-531425dbd2ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIf6WFgAIAMF6gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cce042-6d9fe51029094b7f37c0a648;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 07:05:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rUIvvkZQ028ey3klplI-x9oZFugon5HsAWT-SN2GQo5hBeBJWqoMAg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 04:01:15 GMT
age: 25655
etag: "d0f195319825a6d3e5e50ad15b2fcab27cb65896"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fiat.betaplanes.com/wp-content/uploads/2018/07/icono-mail-1.png
107.180.88.128200 OK 2.1 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/uploads/2018/07/icono-mail-1.png
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Hash b706befb2f32e2383a4bcccce9105528
f3f4e5dfb6f8aa885080ba0318ea95feda955678
aac2ebb948ddbd75e61f8358d913f88fc0f9ffc50a382b02741f6960fc8a8759
GET /wp-content/uploads/2018/07/icono-mail-1.png HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:50 GMT
Server: Apache
Last-Modified: Tue, 17 Dec 2019 19:33:28 GMT
Accept-Ranges: bytes
Content-Length: 2057
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:08:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fiat.betaplanes.com/wp-content/uploads/2021/07/fiat-3.png
107.180.88.128200 OK 3.5 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/uploads/2021/07/fiat-3.png
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 400 x 260, 8-bit colormap, non-interlaced\012- data
Hash df718004efadf7ea9e1f0dc0533e7870
5b1b29a134a083480b47f06e46b0e9cc26abc9d4
369dcd430fb418c67c7283ba36c7611b88505c66809629cf1da112b67f6941d8
GET /wp-content/uploads/2021/07/fiat-3.png HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:50 GMT
Server: Apache
Last-Modified: Mon, 26 Jul 2021 19:00:09 GMT
Accept-Ranges: bytes
Content-Length: 3534
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png
fiat.betaplanes.com/wp-content/uploads/2022/04/Pulse.png
107.180.88.128200 OK 91 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/uploads/2022/04/Pulse.png
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 1000 x 670, 8-bit colormap, non-interlaced\012- data
Hash d84d1770a895fbd5af04f7f5c67319c2
5f95377c73e259ffd8de0b9021660f9bbe37a4d3
bf13d825ac86494018988f56c6dbada9be29731fa543c28aed848aeb733f5c0d
GET /wp-content/uploads/2022/04/Pulse.png HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:50 GMT
Server: Apache
Last-Modified: Fri, 08 Apr 2022 14:38:55 GMT
Accept-Ranges: bytes
Content-Length: 91107
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
fiat.betaplanes.com/wp-content/uploads/2022/12/Pulse-gris-1.png
107.180.88.128200 OK 90 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/uploads/2022/12/Pulse-gris-1.png
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 1000 x 670, 8-bit colormap, non-interlaced\012- data
Hash dd56582869a08ef9547ffb8e91b86202
5cf5055c77e6512d9a1b47fbdf1d78ad937f8cfe
fed4dc7c991e68b90e19eafd56ede0086d91304b91e0c3103d13b3994e747984
GET /wp-content/uploads/2022/12/Pulse-gris-1.png HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:50 GMT
Server: Apache
Last-Modified: Tue, 13 Dec 2022 16:09:18 GMT
Accept-Ranges: bytes
Content-Length: 90235
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
fiat.betaplanes.com/wp-content/uploads/2022/08/Cronos-MY23.png
107.180.88.128200 OK 100 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/uploads/2022/08/Cronos-MY23.png
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 1000 x 670, 8-bit colormap, non-interlaced\012- data
Hash f1b9d8e5fca2b23ea678a5c410362c77
bc65d61b9a1e5f5a77c7a30a5d871fafa8ac62e6
f650da490979037d9e394a9eb5d938aabcde5b5f61a4498043b97f422a657460
GET /wp-content/uploads/2022/08/Cronos-MY23.png HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:50 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:46:25 GMT
Accept-Ranges: bytes
Content-Length: 99630
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
fiat.betaplanes.com/wp-content/uploads/2022/08/Cronos-rojo-MY23.png
107.180.88.128200 OK 86 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/uploads/2022/08/Cronos-rojo-MY23.png
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 1000 x 670, 8-bit colormap, non-interlaced\012- data
Hash 38655bacc6b792fa56bb16ef613b6aa7
34c47059106c48dcccd31a1b546a3cef238a469f
6b32b5438e865120cf083ed407731e228ae31d047fa11b6294ab82ed454fbf6e
GET /wp-content/uploads/2022/08/Cronos-rojo-MY23.png HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:50 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 14:13:47 GMT
Accept-Ranges: bytes
Content-Length: 86309
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/png
fiat.betaplanes.com/wp-content/uploads/2022/04/Pulse-2.png
107.180.88.128200 OK 455 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/uploads/2022/04/Pulse-2.png
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 1611 x 1515, 8-bit colormap, non-interlaced\012- data
Size 455 kB (454620 bytes)
Hash 26afd096bd49a41e0622637b728c45ff
fc611d154f210839a5d7b535a53e1e789ad24adb
363e7f56b2a835ea0a2f65885635db1f49ba1ac3836b1b1b4283f07be084abc1
GET /wp-content/uploads/2022/04/Pulse-2.png HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:50 GMT
Server: Apache
Last-Modified: Tue, 26 Apr 2022 12:51:03 GMT
Accept-Ranges: bytes
Content-Length: 454620
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
fiat.betaplanes.com/wp-content/uploads/2021/07/Mobi-1.png
107.180.88.128200 OK 75 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/uploads/2021/07/Mobi-1.png
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 1000 x 670, 8-bit colormap, non-interlaced\012- data
Hash bf5af701f0c992742d5285f94c19893b
8e4980f75e6b6d419a998ab120a2606fc578ab4c
654c851ef95c58bacb79a83cd241a7a32ba92cbf2e93d7c80be1af3db5043b82
GET /wp-content/uploads/2021/07/Mobi-1.png HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:50 GMT
Server: Apache
Last-Modified: Mon, 26 Jul 2021 18:42:16 GMT
Accept-Ranges: bytes
Content-Length: 75139
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
fiat.betaplanes.com/wp-content/uploads/2021/07/Strasa.png
107.180.88.128200 OK 106 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/uploads/2021/07/Strasa.png
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 1000 x 670, 8-bit colormap, non-interlaced\012- data
Size 106 kB (106380 bytes)
Hash 66b44315c2cd92e31f91c422e3deee45
cf0f5101599edcb37c816a67efd7ed5513a720a2
6bb846f3b13f388922dfbe42246d34cf5d378d0cd18cf1583551783d68a41208
GET /wp-content/uploads/2021/07/Strasa.png HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:50 GMT
Server: Apache
Last-Modified: Mon, 26 Jul 2021 18:42:06 GMT
Accept-Ranges: bytes
Content-Length: 106380
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b882e003c701af087a372e3e37d2cc1c
25fa29dfe84f9bcc9f54f09920a172f8161b89ba
5925313965a4daf433d93c7296b8d56ff02d99359bf909a654b118a859c04928
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5925313965A4DAF433D93C7296B8D56FF02D99359BF909A654B118A859C04928"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15162
Expires: Sun, 29 Jan 2023 15:21:32 GMT
Date: Sun, 29 Jan 2023 11:08:50 GMT
Connection: keep-alive
fiat.betaplanes.com/wp-content/uploads/2021/09/Toro-3.png
107.180.88.128200 OK 81 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/uploads/2021/09/Toro-3.png
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 1000 x 670, 8-bit colormap, non-interlaced\012- data
Hash d3d5f6c50082e50d8bf7ad6c1ac9cac4
790c4e717519e2fc3e4048e3777c23eaa1164e04
d4d6a665db564d8f1c68317592ea788f3474af2ddba8bc4727681f1868c25363
GET /wp-content/uploads/2021/09/Toro-3.png HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:50 GMT
Server: Apache
Last-Modified: Fri, 24 Sep 2021 19:31:14 GMT
Accept-Ranges: bytes
Content-Length: 80820
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
fiat.betaplanes.com/wp-content/uploads/2021/07/Fiorino-1.png
107.180.88.128200 OK 94 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/uploads/2021/07/Fiorino-1.png
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 1000 x 670, 8-bit colormap, non-interlaced\012- data
Hash 21fb932dc236145e5f30d36bcaaad693
639b4e61df0c812d675cd83939eb19c61974b1ed
2677a52c60befbabf9b8591707ad076fcc555c57abbcf8c99dadae8fce6ea4eb
GET /wp-content/uploads/2021/07/Fiorino-1.png HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:50 GMT
Server: Apache
Last-Modified: Mon, 26 Jul 2021 18:42:19 GMT
Accept-Ranges: bytes
Content-Length: 93929
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
fiat.betaplanes.com/wp-content/uploads/2021/07/texto2-1.png
107.180.88.128200 OK 6.1 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/uploads/2021/07/texto2-1.png
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 1366 x 151, 8-bit colormap, non-interlaced\012- data
Hash a593aae621ec9112aca4833d09893f10
ff36cb052664f77a2edf2745380a47d7c42c8d37
ccd76a856114c7e18b745bebbc6a646fa527e8385909ada3da47a96358b87edc
GET /wp-content/uploads/2021/07/texto2-1.png HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:50 GMT
Server: Apache
Last-Modified: Mon, 26 Jul 2021 14:53:36 GMT
Accept-Ranges: bytes
Content-Length: 6100
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/png
fiat.betaplanes.com/wp-content/uploads/2021/07/Fondo-1.png
107.180.88.128200 OK 241 B URL HTTP/1.1 fiat.betaplanes.com/wp-content/uploads/2021/07/Fondo-1.png
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 2000 x 500, 1-bit colormap, non-interlaced\012- data
Hash fb81a0710bef7983138b3b63bd67d0bc
a3c4fd755ceed75ca1d0c040c76efec758ff0b0c
56156f4210a7ecd17dcd8eb78adf9997847f59c0a9cd92e9280638b10ce81c5d
GET /wp-content/uploads/2021/07/Fondo-1.png HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:50 GMT
Server: Apache
Last-Modified: Fri, 23 Jul 2021 15:06:53 GMT
Accept-Ranges: bytes
Content-Length: 241
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
fonts.googleapis.com/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CNunito%3A200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=vietnamese%2Clatin%2Clatin-ext&ver=1.0.0
142.250.74.106200 OK 3.7 kB URL HTTP/2 fonts.googleapis.com/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CNunito%3A200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=vietnamese%2Clatin%2Clatin-ext&ver=1.0.0
IP 142.250.74.106:0
Hash 1607ba2ca95a0dc7aeb41f866390785f
55a33c2d9a6b0a15ac6b6dffbc98f8a5d5e9d919
d382768f38315c3e2ee027b37ceaadd5f16b55fb3fe73f33563f8aff84680569
GET /css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CNunito%3A200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=vietnamese%2Clatin%2Clatin-ext&ver=1.0.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 11:08:49 GMT
date: Sun, 29 Jan 2023 11:08:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fiat.betaplanes.com/wp-content/uploads/2018/09/Sin-t%C3%ADtulo-4-1.png
107.180.88.128200 OK 35 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/uploads/2018/09/Sin-t%C3%ADtulo-4-1.png
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 470 x 312, 8-bit colormap, non-interlaced\012- data
Hash 4208d740f844ec32916d806a64811e0e
ccc7027a8f738fa0278dc15be0ab7cba0d319f4a
98751dd5e1c5fd59e1ee370e6a739dee80bde7b0279c88607c7c0b897873c457
GET /wp-content/uploads/2018/09/Sin-t%C3%ADtulo-4-1.png HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:50 GMT
Server: Apache
Last-Modified: Mon, 26 Jul 2021 15:14:00 GMT
Accept-Ranges: bytes
Content-Length: 35217
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
s.cliengo.com/weboptimizer/5ccc3baae4b0b75b045c9cd4/5ccc3babe4b0b75b045c9cd7.js
18.205.36.100200 OK 2.1 kB URL HTTP/1.1 s.cliengo.com/weboptimizer/5ccc3baae4b0b75b045c9cd4/5ccc3babe4b0b75b045c9cd7.js
IP 18.205.36.100:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (778)
Hash 792b3542cc2c61c78172757f1a8e7015
4edfdd8900f2a7baa64c48421791df255392a7c5
b7a7c3e078ee1f184c5d38b329eee505ae5e72fb02c8bd45961b018b5bcd4146
GET /weboptimizer/5ccc3baae4b0b75b045c9cd4/5ccc3babe4b0b75b045c9cd7.js HTTP/1.1
Host: s.cliengo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Server: Play! Framework;1.4.5;prod
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Sun, 29 Jan 2023 11:08:50 GMT
Set-Cookie: PLAY_ERRORS=; Max-Age=0; Expires=Sun, 29 Jan 2023 11:08:50 GMT; Path=/; Domain=.leadaki.com
PLAY_FLASH=; Max-Age=0; Expires=Sun, 29 Jan 2023 11:08:50 GMT; Path=/; Domain=.leadaki.com
ldkInit=1; Max-Age=10000000; Expires=Thu, 25 May 2023 04:55:30 GMT; Path=/; Domain=.cliengo.com
PLAY_SESSION=; Max-Age=0; Expires=Sun, 29 Jan 2023 11:08:50 GMT; Path=/; Domain=.leadaki.com
Cache-Control: no-cache
Content-Length: 2100
Via: 1.1 vegur
fiat.betaplanes.com/wp-content/uploads/2018/09/texto-1.png
107.180.88.128200 OK 3.7 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/uploads/2018/09/texto-1.png
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 550 x 113, 8-bit colormap, non-interlaced\012- data
Hash 7f39c50e4b370646da457ad12f2221d3
5bf7c3cff1406cf90e509574f8ffdbff5dd1b5c3
f752c68319ce6655805be429dcc02aad205bbfab3478568443d451af3cafe9d3
GET /wp-content/uploads/2018/09/texto-1.png HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:50 GMT
Server: Apache
Last-Modified: Mon, 26 Jul 2021 20:42:42 GMT
Accept-Ranges: bytes
Content-Length: 3743
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
fiat.betaplanes.com/wp-content/uploads/2018/07/Iconos_Instagram-300x300.png
107.180.88.128200 OK 11 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/uploads/2018/07/Iconos_Instagram-300x300.png
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash e30ec4f53268e92f056de64e18075066
013e41c532dbc7c91be7ed5d259787c3f52cbc0c
c4419726ba634434b09e041f54ccc9b1103aaf3525f3d33dac295e64c6d562a6
GET /wp-content/uploads/2018/07/Iconos_Instagram-300x300.png HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:50 GMT
Server: Apache
Last-Modified: Tue, 17 Dec 2019 20:28:20 GMT
Accept-Ranges: bytes
Content-Length: 11281
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
fiat.betaplanes.com/wp-content/uploads/2018/07/Iconos_Facebook-300x300.png
107.180.88.128200 OK 5.0 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/uploads/2018/07/Iconos_Facebook-300x300.png
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 0af587abfd3f866054a8b539a34ebe50
7bcd004b0b878eeac23de0a2569bf2d06c55d71b
666e8be4836720ba0a68305484bce52d0393ce1f7658a0b75a6f7c035af1aa9c
GET /wp-content/uploads/2018/07/Iconos_Facebook-300x300.png HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:50 GMT
Server: Apache
Last-Modified: Tue, 17 Dec 2019 20:28:22 GMT
Accept-Ranges: bytes
Content-Length: 4962
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/png
fiat.betaplanes.com/wp-content/uploads/2018/07/Iconos_Linked-In-300x300.png
107.180.88.128200 OK 6.9 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/uploads/2018/07/Iconos_Linked-In-300x300.png
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 51bc837e1cad2fa3ffcb6f65418906d8
d7b0a58748e48e294428a51b8c72ac29330ca2f2
b60062a7744ebd6af60cb114c9b0bb257a97d0dd4a860d29a01e269c34922630
GET /wp-content/uploads/2018/07/Iconos_Linked-In-300x300.png HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:50 GMT
Server: Apache
Last-Modified: Tue, 17 Dec 2019 20:24:52 GMT
Accept-Ranges: bytes
Content-Length: 6898
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
fiat.betaplanes.com/wp-content/uploads/2018/07/FiatPlan-2.png
107.180.88.128200 OK 3.4 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/uploads/2018/07/FiatPlan-2.png
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 300 x 300, 8-bit colormap, non-interlaced\012- data
Hash d5ef51cdd6202344b67d72eeac00a9b8
f22927a06378012c7d0b5c4d99bc677de2209bce
eeb4842447f9337a07d308adbe6667d7d366c40ca2ec2f3ec0f601776ee3399c
GET /wp-content/uploads/2018/07/FiatPlan-2.png HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:50 GMT
Server: Apache
Last-Modified: Thu, 24 Jan 2019 20:10:03 GMT
Accept-Ranges: bytes
Content-Length: 3423
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/png
fiat.betaplanes.com/wp-content/uploads/2018/07/Iconos_Youtube-300x300.png
107.180.88.128200 OK 9.8 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/uploads/2018/07/Iconos_Youtube-300x300.png
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 8c77d13997cd2f1dcc7777775fbbcfee
f7f16f7bae83b048ae23c1379f591c6bc77165c8
b421a84645b02c2d6949559af43236226de60ae6229f3903f8228ef1d9010a66
GET /wp-content/uploads/2018/07/Iconos_Youtube-300x300.png HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:50 GMT
Server: Apache
Last-Modified: Tue, 17 Dec 2019 20:24:53 GMT
Accept-Ranges: bytes
Content-Length: 9842
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
fiat.betaplanes.com/wp-content/uploads/2018/07/Iconos_Twitter-300x300.png
107.180.88.128200 OK 7.1 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/uploads/2018/07/Iconos_Twitter-300x300.png
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash cc81f9b26101969bba64b379af13d5d3
6cf8677efb2030ec9386969cf618436213e70c83
d87d0412e9ef13a1964036445b17071fca1bba7b6fd9ba999029f93b6b1f0a26
GET /wp-content/uploads/2018/07/Iconos_Twitter-300x300.png HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:50 GMT
Server: Apache
Last-Modified: Tue, 17 Dec 2019 20:24:50 GMT
Accept-Ranges: bytes
Content-Length: 7080
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
fiat.betaplanes.com/wp-content/uploads/2018/07/LogoBeta2021_Mesa-de-trabajo-1-copia-2.png
107.180.88.128200 OK 22 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/uploads/2018/07/LogoBeta2021_Mesa-de-trabajo-1-copia-2.png
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 1266 x 339, 8-bit colormap, non-interlaced\012- data
Hash 79bee48a177822c7587eac2c6d15f873
d57f9203f8222b169c6abc60be8522354be42b23
eedf68bd428c2bb24114533bba0ebef56b97a75d4378b1ac83b2d83a8667d610
GET /wp-content/uploads/2018/07/LogoBeta2021_Mesa-de-trabajo-1-copia-2.png HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:50 GMT
Server: Apache
Last-Modified: Thu, 08 Jul 2021 13:40:33 GMT
Accept-Ranges: bytes
Content-Length: 22090
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/png
fiat.betaplanes.com/wp-content/uploads/2021/07/Strada.png
107.180.88.128200 OK 391 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/uploads/2021/07/Strada.png
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 1611 x 1515, 8-bit colormap, non-interlaced\012- data
Size 391 kB (390905 bytes)
Hash 2eb147fdb2e4106e102340d995b2d40b
70a4528c911ef700e503a867d25a68baf94d0f72
17f452e00aae27eff5c3f40610470f57c3b7bee494b8aec80d52548ea9b8fb74
GET /wp-content/uploads/2021/07/Strada.png HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:50 GMT
Server: Apache
Last-Modified: Mon, 26 Jul 2021 18:23:25 GMT
Accept-Ranges: bytes
Content-Length: 390905
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
fiat.betaplanes.com/wp-content/uploads/2022/01/Cronos_taxi-1.png
107.180.88.128200 OK 377 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/uploads/2022/01/Cronos_taxi-1.png
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 1611 x 1515, 8-bit colormap, non-interlaced\012- data
Size 377 kB (377298 bytes)
Hash 83306cee5dda748fd1271dd2cc82d6b5
b18ad300f4dcfc41bd3531c99234f2a386801d34
29c526b2f9b1c4fd7538357bf79e2b88f07fb2f075f9c6f0ac9957a9ae8b3d07
GET /wp-content/uploads/2022/01/Cronos_taxi-1.png HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:50 GMT
Server: Apache
Last-Modified: Wed, 05 Jan 2022 18:21:49 GMT
Accept-Ranges: bytes
Content-Length: 377298
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
fiat.betaplanes.com/wp-content/uploads/2018/09/ahorristas-1.png
107.180.88.128200 OK 4.4 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/uploads/2018/09/ahorristas-1.png
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 1943 x 333, 4-bit colormap, non-interlaced\012- data
Hash 2791a6e1d401fce0b39f3ab72384eff9
f5c96750cc66497b8d3bb25210b0acec093cb5d6
9c5999b5d34855cf9f3fb8684f11adcaac0abcaa919e9cbb080ca8705804e4c4
GET /wp-content/uploads/2018/09/ahorristas-1.png HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:50 GMT
Server: Apache
Last-Modified: Mon, 26 Jul 2021 15:10:50 GMT
Accept-Ranges: bytes
Content-Length: 4426
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/png
fiat.betaplanes.com/wp-content/uploads/2022/08/Cronos.png
107.180.88.128200 OK 441 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/uploads/2022/08/Cronos.png
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 1611 x 1515, 8-bit colormap, non-interlaced\012- data
Size 441 kB (440663 bytes)
Hash 41794a5fc0e5ba4b579e11ecfe2abeb5
3ff6f0307415904735a415177df431cb463998f2
9f37514c69b075ef81cf94870dcf696676d34a5cfa218ddc090e6a0a7f7f754b
GET /wp-content/uploads/2022/08/Cronos.png HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:50 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 12:49:45 GMT
Accept-Ranges: bytes
Content-Length: 440663
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/png
fiat.betaplanes.com/wp-content/uploads/2018/07/logo25.png
107.180.88.128200 OK 11 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/uploads/2018/07/logo25.png
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 425 x 106, 8-bit colormap, non-interlaced\012- data
Hash 59808a56c00c562fb028d539650d2e7f
5ceef9cb8e9d37059349d279f54b7c8a35767c13
448dded104867d53e55bcb24a65faa8a4610219fdf8d2da3b4964a879994f7cc
GET /wp-content/uploads/2018/07/logo25.png HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:50 GMT
Server: Apache
Last-Modified: Fri, 10 Aug 2018 14:41:44 GMT
Accept-Ranges: bytes
Content-Length: 10577
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png
fiat.betaplanes.com/wp-content/uploads/2021/09/Toro-4.png
107.180.88.128200 OK 356 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/uploads/2021/09/Toro-4.png
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 1611 x 1515, 8-bit colormap, non-interlaced\012- data
Size 356 kB (356148 bytes)
Hash 08fc71b289888ba3bf395d938720d5c1
799bb886048445a1036a6696e01585e653436df1
2a7c95be85c9179751454e39164143a3cc64bd8c60178575d257fe43c5321cc5
GET /wp-content/uploads/2021/09/Toro-4.png HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:50 GMT
Server: Apache
Last-Modified: Fri, 24 Sep 2021 19:30:47 GMT
Accept-Ranges: bytes
Content-Length: 356148
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png
fiat.betaplanes.com/wp-content/themes/uncode/library/img/preloader.svg
107.180.88.128200 OK 3.0 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/themes/uncode/library/img/preloader.svg
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3036), with no line terminators
Hash 1512bad842a92baa01efd6096c649fd5
3d2e4ea41bbe8114406ab2c868fb26c7fedb8436
29b7a9ba65e54ae7bfd94be8be87b821f74227693907a9ea18201dd43bd75556
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/uncode/library/img/preloader.svg HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/wp-content/themes/uncode/library/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:50 GMT
Server: Apache
Last-Modified: Wed, 08 Nov 2017 13:23:04 GMT
Accept-Ranges: bytes
Content-Length: 3036
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/svg+xml
maps.gstatic.com/maps-api-v3/embed/js/51/7/init_embed.js
142.250.74.99200 OK 69 kB URL HTTP/2 maps.gstatic.com/maps-api-v3/embed/js/51/7/init_embed.js
IP 142.250.74.99:0
File type ASCII text, with very long lines (2599)
Hash fd4867728783671f13b38d1f073e7be9
ff5ba304ce5b2838e4b49b6cff833dede37e1098
52a398663110b5dc50e72094c287b049ec5ed33a2b639418e4e1a9c3d313b82c
GET /maps-api-v3/embed/js/51/7/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 69373
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 18:33:57 GMT
expires: Thu, 25 Jan 2024 18:33:57 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 23 Jan 2023 21:48:16 GMT
content-type: text/javascript
age: 318893
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fiat.betaplanes.com/wp-content/uploads/2021/07/texto.png
107.180.88.128200 OK 8.9 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/uploads/2021/07/texto.png
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 593 x 538, 8-bit colormap, non-interlaced\012- data
Hash f3388894de473b219a1893be030bffeb
b1a0fca43b32e9b95246d5a9b05e75a4a5678cc1
626759cc5839e586a92e50689206aaee932462b0a99983ac5935f6456225c0b2
GET /wp-content/uploads/2021/07/texto.png HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:50 GMT
Server: Apache
Last-Modified: Mon, 26 Jul 2021 14:48:46 GMT
Accept-Ranges: bytes
Content-Length: 8943
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png
fiat.betaplanes.com/wp-content/uploads/2019/05/whatsapp-logo.png
107.180.88.128200 OK 848 B URL HTTP/1.1 fiat.betaplanes.com/wp-content/uploads/2019/05/whatsapp-logo.png
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Hash aa4e9d8e681a5c39ebd9e617ee4cd964
24de3262aef73df93ace5a7f7f3de25cce9ea573
8234970d5ee91d645f994febf91e6407fe88f9e4e7a98931df921e93e959d003
GET /wp-content/uploads/2019/05/whatsapp-logo.png HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:50 GMT
Server: Apache
Last-Modified: Mon, 06 May 2019 20:12:09 GMT
Accept-Ranges: bytes
Content-Length: 848
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ef589be52a3e55b643978f17949a73da
74545de6f144282252ff92c751f97cc835c80341
7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:08:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ed8a8c45dceab588456b222e04775919
0242859712655caa3c3e9b936878c7c7874b7b5a
669f0691b8bf32a10fb219ce47ad69495e5cd2a11317b672aecca53f50b51de3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:08:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sun, 29 Jan 2023 09:46:59 GMT
expires: Sun, 29 Jan 2023 11:46:59 GMT
cache-control: public, max-age=7200
age: 4912
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/852661004/?random=1674990537856&cv=11&fst=1674990537856&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Ffiat.betaplanes.com%2F&tiba=Beta%20SA%20%E2%80%93%20La%20gran%20Fiat%20de%20Rosario%20y%20zona&auid=980936468.1674990538&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.162200 OK 913 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/852661004/?random=1674990537856&cv=11&fst=1674990537856&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Ffiat.betaplanes.com%2F&tiba=Beta%20SA%20%E2%80%93%20La%20gran%20Fiat%20de%20Rosario%20y%20zona&auid=980936468.1674990538&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (1937), with no line terminators
Hash 212cc3e6d8b9c9a0fb975147c8c599e4
7809fd035cf5a90c81e0e58eb69b4fa360f72082
a618e32a55ed12d852b685a12a148bf8fe19bd1701c43318bbff27a4619be22a
GET /pagead/viewthroughconversion/852661004/?random=1674990537856&cv=11&fst=1674990537856&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Ffiat.betaplanes.com%2F&tiba=Beta%20SA%20%E2%80%93%20La%20gran%20Fiat%20de%20Rosario%20y%20zona&auid=980936468.1674990538&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 11:08:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 913
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 29-Jan-2023 11:23:51 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7078b1d21bbac26012d93fc9501fbbb0
412189ffa7980709edc28b87a820aa1ae64fa3a7
6db1d0d3f3924d7e75e1fd087553cf4ec5fa938ecc52adf3f149570551eaf7f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4283
Cache-Control: max-age=114355
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:08:51 GMT
Etag: "63d55ebb-1d7"
Expires: Mon, 30 Jan 2023 18:54:46 GMT
Last-Modified: Sat, 28 Jan 2023 17:43:23 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 541db4f3f0ba067bfb58cdac34cb86f4
20e6883f068568888ce37c6b9ef8f5d12be257c0
83898f3b2da2a11996d2eb3a5115ef301255030fdf231b8bf7971916769bc7be
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: r2LkwPdSiqJjMX0a535lHSxTPVUBu7XZ4DUyuIms+Pm6obyYKpwNYGN27lMQXUnOKkJLqQq1KcENNpAeIBtqqA==
content-length: 27815
x-fb-trip-id: 1904183273
date: Sun, 29 Jan 2023 11:08:51 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j99&a=232238512&t=pageview&_s=1&dl=https%3A%2F%2Ffiat.betaplanes.com%2F&ul=en-us&de=UTF-8&dt=Beta%20SA%20%E2%80%93%20La%20gran%20Fiat%20de%20Rosario%20y%20zona&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=821810398&gjid=1243088792&cid=1990496833.1674990538&tid=UA-126018779-1&_gid=249740080.1674990538&_r=1&_slc=1>m=2ou1p0&z=984219653
142.250.74.142200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=232238512&t=pageview&_s=1&dl=https%3A%2F%2Ffiat.betaplanes.com%2F&ul=en-us&de=UTF-8&dt=Beta%20SA%20%E2%80%93%20La%20gran%20Fiat%20de%20Rosario%20y%20zona&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=821810398&gjid=1243088792&cid=1990496833.1674990538&tid=UA-126018779-1&_gid=249740080.1674990538&_r=1&_slc=1>m=2ou1p0&z=984219653
IP 142.250.74.142:0
File type ASCII text, with no line terminators
Hash 38684612f0c6bb6dfa16da92f4a6878f
6fe62d0dd7db314b7f9bb945672f078e01d27f0f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
POST /j/collect?v=1&_v=j99&a=232238512&t=pageview&_s=1&dl=https%3A%2F%2Ffiat.betaplanes.com%2F&ul=en-us&de=UTF-8&dt=Beta%20SA%20%E2%80%93%20La%20gran%20Fiat%20de%20Rosario%20y%20zona&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=821810398&gjid=1243088792&cid=1990496833.1674990538&tid=UA-126018779-1&_gid=249740080.1674990538&_r=1&_slc=1>m=2ou1p0&z=984219653 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://fiat.betaplanes.com
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://fiat.betaplanes.com
date: Sun, 29 Jan 2023 11:08:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/s/player/4248d311/www-widgetapi.vflset/www-widgetapi.js
142.250.74.142200 OK 63 kB URL HTTP/2 www.youtube.com/s/player/4248d311/www-widgetapi.vflset/www-widgetapi.js
IP 142.250.74.142:0
File type ASCII text, with very long lines (817)
Hash f02565101c5e23455bc9cb529917079f
d191ba22867a37580b73c62e85cafec8934445cc
adbc433ec3318badba117cecfe624154f8211ca424260f8626f1c5aa97340e6a
GET /s/player/4248d311/www-widgetapi.vflset/www-widgetapi.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 62798
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 16:39:49 GMT
expires: Thu, 25 Jan 2024 16:39:49 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
content-type: text/javascript
age: 325742
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j99&a=232238512&t=pageview&_s=1&dl=https%3A%2F%2Ffiat.betaplanes.com%2F&ul=en-us&de=UTF-8&dt=Beta%20SA%20%E2%80%93%20La%20gran%20Fiat%20de%20Rosario%20y%20zona&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEDAAUABAAAAACAAI~&jid=542579993&gjid=115730940&cid=1990496833.1674990538&tid=UA-90818801-3&_gid=249740080.1674990538&_r=1&_slc=1>m=2ou1p0&z=288567683
142.250.74.142200 OK 4 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=232238512&t=pageview&_s=1&dl=https%3A%2F%2Ffiat.betaplanes.com%2F&ul=en-us&de=UTF-8&dt=Beta%20SA%20%E2%80%93%20La%20gran%20Fiat%20de%20Rosario%20y%20zona&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEDAAUABAAAAACAAI~&jid=542579993&gjid=115730940&cid=1990496833.1674990538&tid=UA-90818801-3&_gid=249740080.1674990538&_r=1&_slc=1>m=2ou1p0&z=288567683
IP 142.250.74.142:0
File type ASCII text, with no line terminators
Hash 9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
POST /j/collect?v=1&_v=j99&a=232238512&t=pageview&_s=1&dl=https%3A%2F%2Ffiat.betaplanes.com%2F&ul=en-us&de=UTF-8&dt=Beta%20SA%20%E2%80%93%20La%20gran%20Fiat%20de%20Rosario%20y%20zona&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEDAAUABAAAAACAAI~&jid=542579993&gjid=115730940&cid=1990496833.1674990538&tid=UA-90818801-3&_gid=249740080.1674990538&_r=1&_slc=1>m=2ou1p0&z=288567683 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://fiat.betaplanes.com
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://fiat.betaplanes.com
date: Sun, 29 Jan 2023 11:08:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ed8a8c45dceab588456b222e04775919
0242859712655caa3c3e9b936878c7c7874b7b5a
669f0691b8bf32a10fb219ce47ad69495e5cd2a11317b672aecca53f50b51de3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:08:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7078b1d21bbac26012d93fc9501fbbb0
412189ffa7980709edc28b87a820aa1ae64fa3a7
6db1d0d3f3924d7e75e1fd087553cf4ec5fa938ecc52adf3f149570551eaf7f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4283
Cache-Control: max-age=114355
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:08:51 GMT
Etag: "63d55ebb-1d7"
Expires: Mon, 30 Jan 2023 18:54:46 GMT
Last-Modified: Sat, 28 Jan 2023 17:43:23 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash b7da7d1d3e5880d5d4e313ac7fcf2a83
60a1e887ccb7c7cdae0035c65ef7df9908547fef
af17efcd17df50324c29cff05cea79f18cba79f6b1134ec0e6d1637759b5e895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:08:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash b7da7d1d3e5880d5d4e313ac7fcf2a83
60a1e887ccb7c7cdae0035c65ef7df9908547fef
af17efcd17df50324c29cff05cea79f18cba79f6b1134ec0e6d1637759b5e895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:08:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fiat.betaplanes.com/favicon.ico
107.180.88.128302 Found 20 B URL HTTP/1.1 fiat.betaplanes.com/favicon.ico
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /favicon.ico HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Cookie: ldkRefererTracking=direct; _gcl_au=1.1.980936468.1674990538
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Date: Sun, 29 Jan 2023 11:08:51 GMT
Server: Apache
Vary: Accept-Encoding,Cookie
Link: <https://fiat.betaplanes.com/wp-json/>; rel="https://api.w.org/"
X-Redirect-By: WordPress
Content-Encoding: gzip
Location: https://fiat.betaplanes.com/wp-content/uploads/2018/07/cropped-Beta_512x512-32x32.png
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
fonts.gstatic.com/s/nunito/v11/XRXV3I6Li01BKofINeaB.woff2
216.58.207.227200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/nunito/v11/XRXV3I6Li01BKofINeaB.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 19976, version 1.0\012- data
Hash de6068bf97f40206af0b062e262e6213
9a49fe65bd0cb8cb993478f0757a243ea2132f83
c1536408aa8d8caad5b9506d222ab47db8e2905e8237349a4b74391628b77a50
GET /s/nunito/v11/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lw.cliengo.com
Connection: keep-alive
Referer: https://lw.cliengo.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 07:35:36 GMT
expires: Sun, 28 Jan 2024 07:35:36 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Jul 2019 19:27:41 GMT
content-type: font/woff2
age: 99195
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.jsdelivr.net/gh/Cliengo/wisipoo@latest/demo/src/App.css
151.101.65.229200 OK 2.4 kB URL HTTP/2 cdn.jsdelivr.net/gh/Cliengo/wisipoo@latest/demo/src/App.css
IP 151.101.65.229:0
Hash 3852185ad5212062e1d0553eadc0df53
dc9f7074d48699a81169fa14fde136a3aae5f5bb
5a432f9795725d439be63138833144bc135e28a3c3033a19db0b9ccdc70556f3
GET /gh/Cliengo/wisipoo@latest/demo/src/App.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lw.cliengo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 1.0.9
x-jsd-version-type: version
etag: W/"275d-z43NbeUWWEN+UloDVZyd4xpBC4c"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 29 Jan 2023 11:08:51 GMT
age: 22607
x-served-by: cache-fra-eddf8230081-FRA, cache-bma1639-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2386
X-Firefox-Spdy: h2
lw.cliengo.com/s/5ccc3baae4b0b75b045c9cd4/5ccc3babe4b0b75b045c9cd7
104.26.9.30200 OK 2.1 kB URL HTTP/2 lw.cliengo.com/s/5ccc3baae4b0b75b045c9cd4/5ccc3babe4b0b75b045c9cd7
IP 104.26.9.30:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (346)
Hash a57522392aa1db1470011abad10d54ea
356202e4c448be475d26bdcd85b2340281712b1a
b5da46351a117a121fee8d4e5268dce3d7551cf5b6fa0ad5eea1df6998c9f7b8
GET /s/5ccc3baae4b0b75b045c9cd4/5ccc3babe4b0b75b045c9cd7 HTTP/1.1
Host: lw.cliengo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:08:51 GMT
content-type: text/html; charset=UTF-8
x-powered-by: Express
cache-control: public, max-age=31557600
last-modified: Wed, 21 Sep 2022 15:56:00 GMT
vary: Accept-Encoding
via: 1.1 vegur
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=whPfkS%2Fji00xqyCBVLg7mpxE4j28%2Fk07PF8KPXyu4i2CIbLKluO8VtnXLAD%2BKb0LsBGXO6UM%2F0L6c4%2Fqq%2BMASBE4y2D%2FBcEpZ772Wigzf%2B5iM%2B7cd35ppW17A4O3ZVrP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7911832169c4fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.21.226:0
Hash b0901dff4cbdeda2bf98f33d3b404f99
a033639cf35c1871fb4be47143b6a3ec9a0cc698
3047e626e360ded18f9800ed6ce14d54727312147bdad902140446015f145e94
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:51 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "765CBC6AD5D4A241AE678487D4369D2AD466B880"
Expires: Sun, 29 Jan 2023 22:00:00 GMT
Last-Modified: Sun, 29 Jan 2023 10:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1301
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791183280c40b515-OSL
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 16:40:43 GMT
expires: Fri, 26 Jan 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 239288
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lw.cliengo.com/widget.css
104.26.9.30200 OK 8.0 kB URL HTTP/2 lw.cliengo.com/widget.css
IP 104.26.9.30:0
File type ASCII text, with very long lines (32689), with no line terminators
Hash 91c694267417199ec0fdcfaccf0dcf37
1ad1eb24b31a35dd1aaeae2183e7b4181a65b25f
5aeb50e069d997d8ce90ff3d75d041d8cf64ad4e7783835e71964532678b5da7
GET /widget.css HTTP/1.1
Host: lw.cliengo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lw.cliengo.com/s/5ccc3baae4b0b75b045c9cd4/5ccc3babe4b0b75b045c9cd7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:08:51 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=32991
etag: W/"80df-18360c50848"
last-modified: Wed, 21 Sep 2022 15:57:49 GMT
vary: Accept-Encoding
via: 1.1 vegur
x-powered-by: Express
cf-cache-status: HIT
age: 893305
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OiNpeE78I%2F9RiKQ9XMK8X9%2BZqNZoWxcG%2Bo9LrnT1dVc12jkc%2BdFdNdRsFyNkf0gT%2B6p6F66nwdaV6tjM1d0YpRO5K0NSKGzNZ5FH%2FC84E9uRA9KdfJzO9xdlv8rrl2GG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791183276f08fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 21:48:03 GMT
expires: Fri, 26 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 220848
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fiat.betaplanes.com/wp-content/uploads/2018/07/cropped-Beta_512x512-32x32.png
107.180.88.128200 OK 1.9 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/uploads/2018/07/cropped-Beta_512x512-32x32.png
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 1197c58c3bb1e36e305e38206d378185
0c757f3f157c46683c72f5fc8b2aaab6d1512471
e77b13cf30360d0b32bfda684c5dc065fa8eeca210b430bf358e50db87666efd
GET /wp-content/uploads/2018/07/cropped-Beta_512x512-32x32.png HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fiat.betaplanes.com/
Connection: keep-alive
Cookie: ldkRefererTracking=direct; _gcl_au=1.1.980936468.1674990538; _ga=GA1.2.1990496833.1674990538; _gid=GA1.2.249740080.1674990538; _gat_gtag_UA_126018779_1=1; _gat_gtag_UA_90818801_3=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:51 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 18:56:57 GMT
Accept-Ranges: bytes
Content-Length: 1940
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png
www.facebook.com/tr/?id=136300506749581&ev=PageView&dl=https%3A%2F%2Ffiat.betaplanes.com%2F&rl=&if=false&ts=1674990538893&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1674990538892.1744684786&it=1674990538609&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=136300506749581&ev=PageView&dl=https%3A%2F%2Ffiat.betaplanes.com%2F&rl=&if=false&ts=1674990538893&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1674990538892.1744684786&it=1674990538609&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=136300506749581&ev=PageView&dl=https%3A%2F%2Ffiat.betaplanes.com%2F&rl=&if=false&ts=1674990538893&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1674990538892.1744684786&it=1674990538609&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 29 Jan 2023 11:08:51 GMT
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
142.250.74.35200 OK 34 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
IP 142.250.74.35:0
Hash 6e84a41cd2a6c7447ac200cd1353f770
50b4cc6b69e9c25d1e53c6690724f25ed1cd9b40
272800dbb14a0d834420a613aba3cf44547b67bd31fc6fcfc46575df036a330c
GET /recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fiat.betaplanes.com
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 17:09:34 GMT
expires: Tue, 23 Jan 2024 17:09:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
content-type: text/javascript
age: 496757
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
res.cloudinary.com/hbrrdozyj/image/upload/v1603736815/Usamos-Cliengo_knac91.png
151.101.65.137200 OK 701 B URL HTTP/2 res.cloudinary.com/hbrrdozyj/image/upload/v1603736815/Usamos-Cliengo_knac91.png
IP 151.101.65.137:0
File type PNG image data, 15 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash 242264fbeaa3ea5ea2646a052e31b51f
0d03bd83d1abd234cf2d1fa9ef074cde1b2feef5
856b12d7676ac78cdb0727e58eb586a1449a431a93f5496f79c068a1135305d9
GET /hbrrdozyj/image/upload/v1603736815/Usamos-Cliengo_knac91.png HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lw.cliengo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
etag: "242264fbeaa3ea5ea2646a052e31b51f"
last-modified: Mon, 26 Oct 2020 18:26:56 GMT
date: Sun, 29 Jan 2023 11:08:52 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=2;cpu=1;start=2023-01-29T11:08:52.023Z;desc=hit,rtt;dur=15
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
content-length: 701
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash f69c5f43bf99edb53b690cb0bba51efb
e303559ff0956b6bf963b572b17da2a713ce5206
bc95b0a6b8b9a1df9c53272c4324ca1d008699b3da74110efa37ed0118c66181
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:08:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lw.cliengo.com/widget.js
104.26.9.30200 OK 52 kB IP 104.26.9.30:0
File type ASCII text, with very long lines (64223)
Hash c490c13de03ea1c6b1758276f996761c
9eb5c3703fb6ee347c720a1ee9af0b18019e7e72
233c119267219554a96f5e31472e218fff0efdd09322d7429b229384053dad74
GET /widget.js HTTP/1.1
Host: lw.cliengo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lw.cliengo.com/s/5ccc3baae4b0b75b045c9cd4/5ccc3babe4b0b75b045c9cd7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:08:51 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=152910
etag: W/"2554e-18360c50848"
last-modified: Wed, 21 Sep 2022 15:57:49 GMT
vary: Accept-Encoding
via: 1.1 vegur
x-powered-by: Express
cf-cache-status: HIT
age: 1982333
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gtQ1XkzLGNNEHzYhcnDzZJ29iumkcaiPEznbgzb0KDalyu7gvATdH9S5KHtgBEK2Q%2FQAKilhlGMLk1vUVPnnGTK%2FUB%2B4M6gwXumb5ikt5w1cUfb4kMLI8JNsi3Z84Uj%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791183276f0bfab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash f69c5f43bf99edb53b690cb0bba51efb
e303559ff0956b6bf963b572b17da2a713ce5206
bc95b0a6b8b9a1df9c53272c4324ca1d008699b3da74110efa37ed0118c66181
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:08:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.icomoon.io/public/2f34c7d7b1/cliengowidget/style.css
54.193.7.186200 OK 2.7 kB URL HTTP/2 i.icomoon.io/public/2f34c7d7b1/cliengowidget/style.css
IP 54.193.7.186:0
File type Unicode text, UTF-8 text, with very long lines (8549)
Hash 1a303c91156b544c45fd42448de7ffe8
48b26226cfe65b9dd69655ae0b52bd0260f6060c
60a1aa08aa3e572c2734d6fa70438d2b15df1080ba708d128a36d737e425cefd
GET /public/2f34c7d7b1/cliengowidget/style.css HTTP/1.1
Host: i.icomoon.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lw.cliengo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 11:08:52 GMT
content-type: text/css
last-modified: Thu, 30 Dec 2021 16:28:10 GMT
vary: Accept-Encoding
etag: W/"61cdde1a-752"
cache-control: no-cache
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
lw.cliengo.com/incoming-message.mp3
104.26.9.30206 Partial Content 2.7 kB URL HTTP/2 lw.cliengo.com/incoming-message.mp3
IP 104.26.9.30:0
File type MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural\012- data
Hash 8b1c2a105f4cb78e309142c0664c8f8d
3fd35cc9204f9181db94b89e105adf174d305ba8
45378cb494cbf5168f5cbc64ae1f4c432a9fa40860711c1ab2a7065f4215358a
GET /incoming-message.mp3 HTTP/1.1
Host: lw.cliengo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://lw.cliengo.com/s/5ccc3baae4b0b75b045c9cd4/5ccc3babe4b0b75b045c9cd7
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
date: Sun, 29 Jan 2023 11:08:52 GMT
content-type: audio/mpeg
content-length: 2712
x-powered-by: Express
cache-control: public, max-age=31557600
last-modified: Wed, 21 Sep 2022 15:56:00 GMT
etag: W/"a98-18360c35e80"
via: 1.1 vegur
cf-cache-status: HIT
age: 915046
content-range: bytes 0-2711/2712
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bVUjU8zhLoGYIjCTgL0XXiigkyaozfPGxt38WAROAmQikyZUeo2ZgEn%2F4tsOC1a4vDr90zRq0qIsZ2l21Pi%2BHKJ0F%2BmbdwnR%2F60wNg8BAODG5gSR4U24PHEv6vYinJSc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7911832e9cb7fab8-OSL
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 29 Jan 2023 11:08:52 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash d2ade408af91f717110cf07d8d89c02a
997134ef254ea49d8aa40d48e55a715e06f9c315
81199c2fc337d94312e50e72a57ccf22e2f47060ddbd623ae9d836f24410a55a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:08:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lw.cliengo.com/s/companyid/socket-io.js
104.26.9.30200 OK 50 kB URL HTTP/2 lw.cliengo.com/s/companyid/socket-io.js
IP 104.26.9.30:0
File type ASCII text, with very long lines (49159)
Hash 8aa094fab1955c6edf0657cfa104bdc4
5abeef56fbca3bad456da16018b629be94a3a907
0cf1970945f9253bd1932a10e62031e1360a3bc466caa6edb3698a6bb9d0f1c1
GET /s/companyid/socket-io.js HTTP/1.1
Host: lw.cliengo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lw.cliengo.com/s/5ccc3baae4b0b75b045c9cd4/5ccc3babe4b0b75b045c9cd7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:08:52 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=62426
etag: W/"f3da-18360c35e80"
last-modified: Wed, 21 Sep 2022 15:56:00 GMT
vary: Accept-Encoding
via: 1.1 vegur
x-powered-by: Express
cf-cache-status: HIT
age: 1982136
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7J2YSMUqDy9fPo%2FMExgOm6wuJJcQUbugvUsj9M%2FLfENBZ07N1%2B2i7OEYo6neyQirkbZklvt99ODCZlSHEmYyqOO7kHWfkJ8nTE2ewWy9iX0PrmlatNQi3c%2B1SY13496s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7911832e9caefab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.ytimg.com/vi_webp/6ca_5nH_o-4/sddefault.webp
142.250.74.86200 OK 9.6 kB URL HTTP/2 i.ytimg.com/vi_webp/6ca_5nH_o-4/sddefault.webp
IP 142.250.74.86:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dfa0c757d7d23c5c1b6dd2d16ba802eb
2e78b2a8d4c5bba2c31425ebb5bdaf711f790206
c5ecd2a965a2342cbbfc9910961f56db5e85aa8ee4086ec6ec78bccd225b5f69
GET /vi_webp/6ca_5nH_o-4/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 9584
date: Sun, 29 Jan 2023 11:08:53 GMT
expires: Sun, 29 Jan 2023 13:08:53 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash bc7c4f207ec97cacb1eedd94d2f6b371
5f0948a39435ace8bacc4ac5fb3df19045908e42
bfb24fe4a1cb45a068b0a6432b03c20d00ea178aabea23498f2d1f0273bf6e1b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:08:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash d2ade408af91f717110cf07d8d89c02a
997134ef254ea49d8aa40d48e55a715e06f9c315
81199c2fc337d94312e50e72a57ccf22e2f47060ddbd623ae9d836f24410a55a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:08:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type gzip compressed data, max compression\012- data
Hash 3d41aac6d02feb1fde7283494b19108a
fe3ffb2ab31753daea33fb55bf4b4ace0a6061e7
53c33db0ad6ee509db0ac63ac17d1a529fa2e24686e9212cab7566ade6c98505
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 19:33:54 GMT
expires: Thu, 25 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 315299
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 07:51:59 GMT
expires: Thu, 25 Jan 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 357414
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i.icomoon.io/public/2f34c7d7b1/cliengowidget/icomoon.woff2?99daqt
54.193.7.186200 OK 3.2 kB URL HTTP/2 i.icomoon.io/public/2f34c7d7b1/cliengowidget/icomoon.woff2?99daqt
IP 54.193.7.186:0
File type Web Open Font Format (Version 2), TrueType, length 3176, version 1.0\012- data
Hash 37283b3bc681c5c9b0d4b86fc827dc05
2c79d587c510f92a830f8d9c55594e9c2439af8e
be8bc2354ca787b21054bcc15885340168531ff30a85a41d11d7220e82356a80
GET /public/2f34c7d7b1/cliengowidget/icomoon.woff2?99daqt HTTP/1.1
Host: i.icomoon.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lw.cliengo.com
Connection: keep-alive
Referer: https://i.icomoon.io/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 11:08:53 GMT
content-type: font/woff2
content-length: 3176
last-modified: Thu, 30 Dec 2021 16:28:10 GMT
etag: "61cdde1a-c68"
cache-control: no-cache
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-90818801-3&cid=1990496833.1674990538&jid=542579993&gjid=115730940&_gid=249740080.1674990538&_u=YEDAAUABAAAAACAAI~&z=1812376832
64.233.165.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-90818801-3&cid=1990496833.1674990538&jid=542579993&gjid=115730940&_gid=249740080.1674990538&_u=YEDAAUABAAAAACAAI~&z=1812376832
IP 64.233.165.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-90818801-3&cid=1990496833.1674990538&jid=542579993&gjid=115730940&_gid=249740080.1674990538&_u=YEDAAUABAAAAACAAI~&z=1812376832 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://fiat.betaplanes.com
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://fiat.betaplanes.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 29 Jan 2023 11:08:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0187f1c22fc728e81cd4d1d8b27bd669
49a2ec1140634298d31add3d0421b407fd547763
45ffc16237eecfaa113b3e79ccd9a96fe56b65a40f8128b1574a4d80d476fc47
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "45FFC16237EECFAA113B3E79CCD9A96FE56B65A40F8128B1574A4D80D476FC47"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14152
Expires: Sun, 29 Jan 2023 15:04:45 GMT
Date: Sun, 29 Jan 2023 11:08:53 GMT
Connection: keep-alive
yt3.ggpht.com/ytc/AL5GRJVNV944KTqlIe5YcjeWNygfCGyzv-4qFyYF-3ezmQ=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 3.9 kB URL HTTP/2 yt3.ggpht.com/ytc/AL5GRJVNV944KTqlIe5YcjeWNygfCGyzv-4qFyYF-3ezmQ=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash b0c68dca61616c0f41cbec47a9d6b094
7362e3df70653f3eee1eea5a0aeca4117eb08577
af8becf0005a31f05a98ca5018bc4ff4bf0646c8e70ebea88ee5269b2a09c4c0
GET /ytc/AL5GRJVNV944KTqlIe5YcjeWNygfCGyzv-4qFyYF-3ezmQ=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v195"
expires: Mon, 30 Jan 2023 11:08:53 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 29 Jan 2023 11:08:53 GMT
server: fife
content-length: 3866
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
socketeer.cliengo.com/socket.io/?EIO=3&transport=websocket
3.220.57.224101 Switching Protocols 0 B URL HTTP/1.1 socketeer.cliengo.com/socket.io/?EIO=3&transport=websocket
IP 3.220.57.224:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?EIO=3&transport=websocket HTTP/1.1
Host: socketeer.cliengo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://lw.cliengo.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: v89AjLURAVNkCJr2E1arbg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-Websocket-Accept: 3vjoDhIv4JAk/FIRNyYQTiyeTeU=
Sec-Websocket-Extensions: permessage-deflate
Via: 1.1 vegur
fiat.betaplanes.com/wp-content/uploads/2018/07/cropped-Beta_512x512-192x192.png
107.180.88.128200 OK 26 kB URL HTTP/1.1 fiat.betaplanes.com/wp-content/uploads/2018/07/cropped-Beta_512x512-192x192.png
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash da136e1dc96982d89272b5b3e4d510f4
587ed73a6cb3a67c097bf20c26ab9be97ea90efd
ee15231884fad452a1fe33fae3a19b8dfe2744dd83e5d713c2e32aea1b1813f1
GET /wp-content/uploads/2018/07/cropped-Beta_512x512-192x192.png HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Cookie: ldkRefererTracking=direct; _gcl_au=1.1.980936468.1674990538; _ga=GA1.2.1990496833.1674990538; _gid=GA1.2.249740080.1674990538; _gat_gtag_UA_126018779_1=1; _gat_gtag_UA_90818801_3=1; _fbp=fb.1.1674990538892.1744684786; _gat_leadakiTracker=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:53 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 18:56:57 GMT
Accept-Ranges: bytes
Content-Length: 26393
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash bc7c4f207ec97cacb1eedd94d2f6b371
5f0948a39435ace8bacc4ac5fb3df19045908e42
bfb24fe4a1cb45a068b0a6432b03c20d00ea178aabea23498f2d1f0273bf6e1b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:08:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 684f5cb5916f66d21a074674325ad19b
face881654edc5c4b3492b9e71a57df05b7074b6
1ce49c4affad983bbbccc831856d32861ef0909333382709c84fc851ebc6d9f2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:08:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 684f5cb5916f66d21a074674325ad19b
face881654edc5c4b3492b9e71a57df05b7074b6
1ce49c4affad983bbbccc831856d32861ef0909333382709c84fc851ebc6d9f2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:08:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1675012133&ei=xVPWY4v9AoqnyAWQlrzYBQ&ip=91.90.42.154&id=o-AOfcZVweeq46hVAYcXPa1pPparKy3fS30JusJhBZYBlT&itag=244&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=yt_otf&requiressl=yes&mh=Zp&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynlk&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2216250&spc=H3gIhvn1EFokjdVJF3l4qtmRoXS3fAM&vprv=1&mime=video%2Fwebm&ns=nX6Raob36j4kLJqbdffBMxUL&otf=1&otfp=1&dur=0.000&lmt=1604982895627094&mt=1674990079&fvip=5&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&n=FTD8aGsbTALK2A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAPNO8FDwTH6xBtY8HxG80_X05i7h-4F7zEsBhnEydgR2AiEA3Ct8kvTkk_4tkYKSZiC8KA93iqNtWmCXCGfAM08TXMM%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhALe7irRLrkbyEzQTF51diYnIuG2zZD3RdcsJ0sh8ko2xAiEA9VXRt0fWKLiPVWUjIbchOvYBJAp9X2egORGlFlZ1TGU%3D&alr=yes&cpn=gxrtPjEGZvC2vizJ&cver=1.20230111.01.00&sq=0&rn=1&rbuf=0
91.90.45.173200 OK 1.1 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1675012133&ei=xVPWY4v9AoqnyAWQlrzYBQ&ip=91.90.42.154&id=o-AOfcZVweeq46hVAYcXPa1pPparKy3fS30JusJhBZYBlT&itag=244&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=yt_otf&requiressl=yes&mh=Zp&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynlk&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2216250&spc=H3gIhvn1EFokjdVJF3l4qtmRoXS3fAM&vprv=1&mime=video%2Fwebm&ns=nX6Raob36j4kLJqbdffBMxUL&otf=1&otfp=1&dur=0.000&lmt=1604982895627094&mt=1674990079&fvip=5&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&n=FTD8aGsbTALK2A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAPNO8FDwTH6xBtY8HxG80_X05i7h-4F7zEsBhnEydgR2AiEA3Ct8kvTkk_4tkYKSZiC8KA93iqNtWmCXCGfAM08TXMM%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhALe7irRLrkbyEzQTF51diYnIuG2zZD3RdcsJ0sh8ko2xAiEA9VXRt0fWKLiPVWUjIbchOvYBJAp9X2egORGlFlZ1TGU%3D&alr=yes&cpn=gxrtPjEGZvC2vizJ&cver=1.20230111.01.00&sq=0&rn=1&rbuf=0
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1053), with no line terminators
Hash 259d0a67897f19d1413239bbc1e5bba6
5f3cb4feedf675b3df672170d1b84f9c78bf9d1a
229e96be49d5cfa99a143f35ed51df263f0314262e0e78a6e2b65d203d654b0d
POST /videoplayback?expire=1675012133&ei=xVPWY4v9AoqnyAWQlrzYBQ&ip=91.90.42.154&id=o-AOfcZVweeq46hVAYcXPa1pPparKy3fS30JusJhBZYBlT&itag=244&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=yt_otf&requiressl=yes&mh=Zp&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynlk&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2216250&spc=H3gIhvn1EFokjdVJF3l4qtmRoXS3fAM&vprv=1&mime=video%2Fwebm&ns=nX6Raob36j4kLJqbdffBMxUL&otf=1&otfp=1&dur=0.000&lmt=1604982895627094&mt=1674990079&fvip=5&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&n=FTD8aGsbTALK2A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAPNO8FDwTH6xBtY8HxG80_X05i7h-4F7zEsBhnEydgR2AiEA3Ct8kvTkk_4tkYKSZiC8KA93iqNtWmCXCGfAM08TXMM%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhALe7irRLrkbyEzQTF51diYnIuG2zZD3RdcsJ0sh8ko2xAiEA9VXRt0fWKLiPVWUjIbchOvYBJAp9X2egORGlFlZ1TGU%3D&alr=yes&cpn=gxrtPjEGZvC2vizJ&cver=1.20230111.01.00&sq=0&rn=1&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Sun, 29 Jan 2023 11:08:53 GMT
Expires: Sun, 29 Jan 2023 11:08:53 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1053
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1675012133&ei=xVPWY4v9AoqnyAWQlrzYBQ&ip=91.90.42.154&id=o-AOfcZVweeq46hVAYcXPa1pPparKy3fS30JusJhBZYBlT&itag=251&source=youtube&requiressl=yes&mh=Zp&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynlk&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2216250&spc=H3gIhvn1EFokjdVJF3l4qtmRoXS3fAM&vprv=1&mime=audio%2Fwebm&ns=nX6Raob36j4kLJqbdffBMxUL&gir=yes&clen=595391&otfp=1&dur=39.441&lmt=1564350907564176&mt=1674990079&fvip=5&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&n=FTD8aGsbTALK2A&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgUaz1P--eu5v76b6dKtysG0R2_FmaJBEIkltXHUQVqXQCIGqk2R4ta5T6zOMNak61JGwGzX923vKH7nLR6SfmC0tU&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhALe7irRLrkbyEzQTF51diYnIuG2zZD3RdcsJ0sh8ko2xAiEA9VXRt0fWKLiPVWUjIbchOvYBJAp9X2egORGlFlZ1TGU%3D&alr=yes&cpn=gxrtPjEGZvC2vizJ&cver=1.20230111.01.00&range=0-65868&rn=2&rbuf=0
91.90.45.173200 OK 1.0 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1675012133&ei=xVPWY4v9AoqnyAWQlrzYBQ&ip=91.90.42.154&id=o-AOfcZVweeq46hVAYcXPa1pPparKy3fS30JusJhBZYBlT&itag=251&source=youtube&requiressl=yes&mh=Zp&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynlk&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2216250&spc=H3gIhvn1EFokjdVJF3l4qtmRoXS3fAM&vprv=1&mime=audio%2Fwebm&ns=nX6Raob36j4kLJqbdffBMxUL&gir=yes&clen=595391&otfp=1&dur=39.441&lmt=1564350907564176&mt=1674990079&fvip=5&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&n=FTD8aGsbTALK2A&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgUaz1P--eu5v76b6dKtysG0R2_FmaJBEIkltXHUQVqXQCIGqk2R4ta5T6zOMNak61JGwGzX923vKH7nLR6SfmC0tU&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhALe7irRLrkbyEzQTF51diYnIuG2zZD3RdcsJ0sh8ko2xAiEA9VXRt0fWKLiPVWUjIbchOvYBJAp9X2egORGlFlZ1TGU%3D&alr=yes&cpn=gxrtPjEGZvC2vizJ&cver=1.20230111.01.00&range=0-65868&rn=2&rbuf=0
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1024), with no line terminators
Hash c5542a5a848be8db41eed35994d22c35
fba793bccce12c2a8d7665d079787bd386fe5263
7a98d5d5a1099c0145ec09789213939f86c442668828bb8bc2715e0c156614da
POST /videoplayback?expire=1675012133&ei=xVPWY4v9AoqnyAWQlrzYBQ&ip=91.90.42.154&id=o-AOfcZVweeq46hVAYcXPa1pPparKy3fS30JusJhBZYBlT&itag=251&source=youtube&requiressl=yes&mh=Zp&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynlk&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2216250&spc=H3gIhvn1EFokjdVJF3l4qtmRoXS3fAM&vprv=1&mime=audio%2Fwebm&ns=nX6Raob36j4kLJqbdffBMxUL&gir=yes&clen=595391&otfp=1&dur=39.441&lmt=1564350907564176&mt=1674990079&fvip=5&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&n=FTD8aGsbTALK2A&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgUaz1P--eu5v76b6dKtysG0R2_FmaJBEIkltXHUQVqXQCIGqk2R4ta5T6zOMNak61JGwGzX923vKH7nLR6SfmC0tU&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhALe7irRLrkbyEzQTF51diYnIuG2zZD3RdcsJ0sh8ko2xAiEA9VXRt0fWKLiPVWUjIbchOvYBJAp9X2egORGlFlZ1TGU%3D&alr=yes&cpn=gxrtPjEGZvC2vizJ&cver=1.20230111.01.00&range=0-65868&rn=2&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Sun, 29 Jan 2023 11:08:53 GMT
Expires: Sun, 29 Jan 2023 11:08:53 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1024
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 684f5cb5916f66d21a074674325ad19b
face881654edc5c4b3492b9e71a57df05b7074b6
1ce49c4affad983bbbccc831856d32861ef0909333382709c84fc851ebc6d9f2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:08:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 4c3813d559d4e8f0ad46bfef0de0d7ea
168db7b403236a47066ea375bc2504c66b679071
f02040e7d0ed7de4f40bf1d867ef2cbb4ffdb50b4473774bbf968af73e03b177
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:08:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 4c3813d559d4e8f0ad46bfef0de0d7ea
168db7b403236a47066ea375bc2504c66b679071
f02040e7d0ed7de4f40bf1d867ef2cbb4ffdb50b4473774bbf968af73e03b177
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:08:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr5---sn-5go7ynlk.googlevideo.com/videoplayback?expire=1675012133&ei=xVPWY4v9AoqnyAWQlrzYBQ&ip=91.90.42.154&id=o-AOfcZVweeq46hVAYcXPa1pPparKy3fS30JusJhBZYBlT&itag=251&source=youtube&requiressl=yes&spc=H3gIhvn1EFokjdVJF3l4qtmRoXS3fAM&vprv=1&mime=audio%2Fwebm&ns=nX6Raob36j4kLJqbdffBMxUL&gir=yes&clen=595391&otfp=1&dur=39.441&lmt=1564350907564176&keepalive=yes&fexp=24007246,24424483&c=WEB_EMBEDDED_PLAYER&n=FTD8aGsbTALK2A&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgUaz1P--eu5v76b6dKtysG0R2_FmaJBEIkltXHUQVqXQCIGqk2R4ta5T6zOMNak61JGwGzX923vKH7nLR6SfmC0tU&alr=yes&cpn=gxrtPjEGZvC2vizJ&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=Zp&mm=29&mn=sn-5go7ynlk&ms=rdu&mt=1674990328&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgSGmQPfDQffjYhZM55XyI4M8dD2jSyAfzRH1OEvGixqQCIQDX0UFTh1og3PEPtDHpwSqio133iCi6igSNn12DBk2HRQ%3D%3D&range=0-65868&rn=4&rbuf=0&pot=D7T8LAGBfDZutMdWlOZvmIkLuA7uybZQTReGR2Hf1-mZZGShducJE3_A-B9ZeqclMTcri462RHxAjOcj4hSfrbZHKrQLo1iMi4eRX2QGMDNt53HVcK31HVEmIiz8s2_jXPDAKb0oonA=
173.194.6.10200 OK 1.2 kB URL HTTP/1.1 rr5---sn-5go7ynlk.googlevideo.com/videoplayback?expire=1675012133&ei=xVPWY4v9AoqnyAWQlrzYBQ&ip=91.90.42.154&id=o-AOfcZVweeq46hVAYcXPa1pPparKy3fS30JusJhBZYBlT&itag=251&source=youtube&requiressl=yes&spc=H3gIhvn1EFokjdVJF3l4qtmRoXS3fAM&vprv=1&mime=audio%2Fwebm&ns=nX6Raob36j4kLJqbdffBMxUL&gir=yes&clen=595391&otfp=1&dur=39.441&lmt=1564350907564176&keepalive=yes&fexp=24007246,24424483&c=WEB_EMBEDDED_PLAYER&n=FTD8aGsbTALK2A&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgUaz1P--eu5v76b6dKtysG0R2_FmaJBEIkltXHUQVqXQCIGqk2R4ta5T6zOMNak61JGwGzX923vKH7nLR6SfmC0tU&alr=yes&cpn=gxrtPjEGZvC2vizJ&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=Zp&mm=29&mn=sn-5go7ynlk&ms=rdu&mt=1674990328&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgSGmQPfDQffjYhZM55XyI4M8dD2jSyAfzRH1OEvGixqQCIQDX0UFTh1og3PEPtDHpwSqio133iCi6igSNn12DBk2HRQ%3D%3D&range=0-65868&rn=4&rbuf=0&pot=D7T8LAGBfDZutMdWlOZvmIkLuA7uybZQTReGR2Hf1-mZZGShducJE3_A-B9ZeqclMTcri462RHxAjOcj4hSfrbZHKrQLo1iMi4eRX2QGMDNt53HVcK31HVEmIiz8s2_jXPDAKb0oonA=
IP 173.194.6.10:0
File type ASCII text, with very long lines (1172), with no line terminators
Hash 8dce8d7e796719b2c332986183d7e429
a70abd7cc141b38078e298cddd6185188b07c5da
b9ee767a7bc7c903e890b90bd9b6a8b52abe4959f4ddf3fb8ea02077277a6798
POST /videoplayback?expire=1675012133&ei=xVPWY4v9AoqnyAWQlrzYBQ&ip=91.90.42.154&id=o-AOfcZVweeq46hVAYcXPa1pPparKy3fS30JusJhBZYBlT&itag=251&source=youtube&requiressl=yes&spc=H3gIhvn1EFokjdVJF3l4qtmRoXS3fAM&vprv=1&mime=audio%2Fwebm&ns=nX6Raob36j4kLJqbdffBMxUL&gir=yes&clen=595391&otfp=1&dur=39.441&lmt=1564350907564176&keepalive=yes&fexp=24007246,24424483&c=WEB_EMBEDDED_PLAYER&n=FTD8aGsbTALK2A&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgUaz1P--eu5v76b6dKtysG0R2_FmaJBEIkltXHUQVqXQCIGqk2R4ta5T6zOMNak61JGwGzX923vKH7nLR6SfmC0tU&alr=yes&cpn=gxrtPjEGZvC2vizJ&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=Zp&mm=29&mn=sn-5go7ynlk&ms=rdu&mt=1674990328&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgSGmQPfDQffjYhZM55XyI4M8dD2jSyAfzRH1OEvGixqQCIQDX0UFTh1og3PEPtDHpwSqio133iCi6igSNn12DBk2HRQ%3D%3D&range=0-65868&rn=4&rbuf=0&pot=D7T8LAGBfDZutMdWlOZvmIkLuA7uybZQTReGR2Hf1-mZZGShducJE3_A-B9ZeqclMTcri462RHxAjOcj4hSfrbZHKrQLo1iMi4eRX2QGMDNt53HVcK31HVEmIiz8s2_jXPDAKb0oonA= HTTP/1.1
Host: rr5---sn-5go7ynlk.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Sun, 29 Jan 2023 11:08:53 GMT
Expires: Sun, 29 Jan 2023 11:08:53 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1172
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr5---sn-5go7ynlk.googlevideo.com/videoplayback?expire=1675012133&ei=xVPWY4v9AoqnyAWQlrzYBQ&ip=91.90.42.154&id=o-AOfcZVweeq46hVAYcXPa1pPparKy3fS30JusJhBZYBlT&itag=244&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=yt_otf&requiressl=yes&spc=H3gIhvn1EFokjdVJF3l4qtmRoXS3fAM&vprv=1&mime=video%2Fwebm&ns=nX6Raob36j4kLJqbdffBMxUL&otf=1&otfp=1&dur=0.000&lmt=1604982895627094&keepalive=yes&fexp=24007246,24424483&c=WEB_EMBEDDED_PLAYER&n=FTD8aGsbTALK2A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAPNO8FDwTH6xBtY8HxG80_X05i7h-4F7zEsBhnEydgR2AiEA3Ct8kvTkk_4tkYKSZiC8KA93iqNtWmCXCGfAM08TXMM%3D&alr=yes&cpn=gxrtPjEGZvC2vizJ&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=Zp&mm=29&mn=sn-5go7ynlk&ms=rdu&mt=1674990328&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgB0sYNha1MdpvFndHlP4cyjuFCbHwrriMCrlfPil1ylkCIQCDSLcsh-bb52WAeg4x83thWnjlRTm_Ar3GDB8MbgzDuw%3D%3D&sq=0&rn=3&rbuf=0&pot=D7T8LAGBfDZutMdWlOZvmIkLuA7uybZQTReGR2Hf1-mZZGShducJE3_A-B9ZeqclMTcri462RHxAjOcj4hSfrbZHKrQLo1iMi4eRX2QGMDNt53HVcK31HVEmIiz8s2_jXPDAKb0oonA=
173.194.6.10200 OK 1.2 kB URL HTTP/1.1 rr5---sn-5go7ynlk.googlevideo.com/videoplayback?expire=1675012133&ei=xVPWY4v9AoqnyAWQlrzYBQ&ip=91.90.42.154&id=o-AOfcZVweeq46hVAYcXPa1pPparKy3fS30JusJhBZYBlT&itag=244&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=yt_otf&requiressl=yes&spc=H3gIhvn1EFokjdVJF3l4qtmRoXS3fAM&vprv=1&mime=video%2Fwebm&ns=nX6Raob36j4kLJqbdffBMxUL&otf=1&otfp=1&dur=0.000&lmt=1604982895627094&keepalive=yes&fexp=24007246,24424483&c=WEB_EMBEDDED_PLAYER&n=FTD8aGsbTALK2A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAPNO8FDwTH6xBtY8HxG80_X05i7h-4F7zEsBhnEydgR2AiEA3Ct8kvTkk_4tkYKSZiC8KA93iqNtWmCXCGfAM08TXMM%3D&alr=yes&cpn=gxrtPjEGZvC2vizJ&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=Zp&mm=29&mn=sn-5go7ynlk&ms=rdu&mt=1674990328&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgB0sYNha1MdpvFndHlP4cyjuFCbHwrriMCrlfPil1ylkCIQCDSLcsh-bb52WAeg4x83thWnjlRTm_Ar3GDB8MbgzDuw%3D%3D&sq=0&rn=3&rbuf=0&pot=D7T8LAGBfDZutMdWlOZvmIkLuA7uybZQTReGR2Hf1-mZZGShducJE3_A-B9ZeqclMTcri462RHxAjOcj4hSfrbZHKrQLo1iMi4eRX2QGMDNt53HVcK31HVEmIiz8s2_jXPDAKb0oonA=
IP 173.194.6.10:0
File type ASCII text, with very long lines (1207), with no line terminators
Hash 00c0f16a9bf64807643046c8c75c875e
c765a6f34de86c81deb93de044a15301c05ad6f7
29d8f643b4c1da38f2ddc163060b674a7f6a3c2f9e0a86de572191f360ec464f
POST /videoplayback?expire=1675012133&ei=xVPWY4v9AoqnyAWQlrzYBQ&ip=91.90.42.154&id=o-AOfcZVweeq46hVAYcXPa1pPparKy3fS30JusJhBZYBlT&itag=244&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=yt_otf&requiressl=yes&spc=H3gIhvn1EFokjdVJF3l4qtmRoXS3fAM&vprv=1&mime=video%2Fwebm&ns=nX6Raob36j4kLJqbdffBMxUL&otf=1&otfp=1&dur=0.000&lmt=1604982895627094&keepalive=yes&fexp=24007246,24424483&c=WEB_EMBEDDED_PLAYER&n=FTD8aGsbTALK2A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAPNO8FDwTH6xBtY8HxG80_X05i7h-4F7zEsBhnEydgR2AiEA3Ct8kvTkk_4tkYKSZiC8KA93iqNtWmCXCGfAM08TXMM%3D&alr=yes&cpn=gxrtPjEGZvC2vizJ&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=Zp&mm=29&mn=sn-5go7ynlk&ms=rdu&mt=1674990328&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgB0sYNha1MdpvFndHlP4cyjuFCbHwrriMCrlfPil1ylkCIQCDSLcsh-bb52WAeg4x83thWnjlRTm_Ar3GDB8MbgzDuw%3D%3D&sq=0&rn=3&rbuf=0&pot=D7T8LAGBfDZutMdWlOZvmIkLuA7uybZQTReGR2Hf1-mZZGShducJE3_A-B9ZeqclMTcri462RHxAjOcj4hSfrbZHKrQLo1iMi4eRX2QGMDNt53HVcK31HVEmIiz8s2_jXPDAKb0oonA= HTTP/1.1
Host: rr5---sn-5go7ynlk.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Sun, 29 Jan 2023 11:08:53 GMT
Expires: Sun, 29 Jan 2023 11:08:53 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1207
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 4c3813d559d4e8f0ad46bfef0de0d7ea
168db7b403236a47066ea375bc2504c66b679071
f02040e7d0ed7de4f40bf1d867ef2cbb4ffdb50b4473774bbf968af73e03b177
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 11:08:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr1---sn-5hnekn7z.googlevideo.com/videoplayback?expire=1675012133&ei=xVPWY4v9AoqnyAWQlrzYBQ&ip=91.90.42.154&id=o-AOfcZVweeq46hVAYcXPa1pPparKy3fS30JusJhBZYBlT&itag=251&source=youtube&requiressl=yes&spc=H3gIhvn1EFokjdVJF3l4qtmRoXS3fAM&vprv=1&mime=audio%2Fwebm&ns=nX6Raob36j4kLJqbdffBMxUL&gir=yes&clen=595391&otfp=1&dur=39.441&lmt=1564350907564176&keepalive=yes&fexp=24007246,24424483&c=WEB_EMBEDDED_PLAYER&n=FTD8aGsbTALK2A&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgUaz1P--eu5v76b6dKtysG0R2_FmaJBEIkltXHUQVqXQCIGqk2R4ta5T6zOMNak61JGwGzX923vKH7nLR6SfmC0tU&alr=yes&cpn=gxrtPjEGZvC2vizJ&cver=1.20230111.01.00&cm2rm=sn-capm-vnae7l,sn-5gose76&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=Zp&mm=34&mn=sn-5hnekn7z&ms=ltu&mt=1674990290&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgbIqetp_MdBXEatDKEIUAMe1Eo2pznM6kZHoltn7m1_kCIBuDyUilBbcjgK3yS0QzRaE7BpcuM2EHRGZ4Cd_0EwPk&range=0-65868&rn=5&rbuf=0&pot=D7T8LAGBfDZutMdWlOZvmIkLuA7uybZQTReGR2Hf1-mZZGShducJE3_A-B9ZeqclMTcri462RHxAjOcj4hSfrbZHKrQLo1iMi4eRX2QGMDNt53HVcK31HVEmIiz8s2_jXPDAKb0oonA=
74.125.100.102200 OK 66 kB URL HTTP/1.1 rr1---sn-5hnekn7z.googlevideo.com/videoplayback?expire=1675012133&ei=xVPWY4v9AoqnyAWQlrzYBQ&ip=91.90.42.154&id=o-AOfcZVweeq46hVAYcXPa1pPparKy3fS30JusJhBZYBlT&itag=251&source=youtube&requiressl=yes&spc=H3gIhvn1EFokjdVJF3l4qtmRoXS3fAM&vprv=1&mime=audio%2Fwebm&ns=nX6Raob36j4kLJqbdffBMxUL&gir=yes&clen=595391&otfp=1&dur=39.441&lmt=1564350907564176&keepalive=yes&fexp=24007246,24424483&c=WEB_EMBEDDED_PLAYER&n=FTD8aGsbTALK2A&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgUaz1P--eu5v76b6dKtysG0R2_FmaJBEIkltXHUQVqXQCIGqk2R4ta5T6zOMNak61JGwGzX923vKH7nLR6SfmC0tU&alr=yes&cpn=gxrtPjEGZvC2vizJ&cver=1.20230111.01.00&cm2rm=sn-capm-vnae7l,sn-5gose76&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=Zp&mm=34&mn=sn-5hnekn7z&ms=ltu&mt=1674990290&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgbIqetp_MdBXEatDKEIUAMe1Eo2pznM6kZHoltn7m1_kCIBuDyUilBbcjgK3yS0QzRaE7BpcuM2EHRGZ4Cd_0EwPk&range=0-65868&rn=5&rbuf=0&pot=D7T8LAGBfDZutMdWlOZvmIkLuA7uybZQTReGR2Hf1-mZZGShducJE3_A-B9ZeqclMTcri462RHxAjOcj4hSfrbZHKrQLo1iMi4eRX2QGMDNt53HVcK31HVEmIiz8s2_jXPDAKb0oonA=
IP 74.125.100.102:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash ccdf2848cde43c96e69a6827456521c8
c872bc0332863516443a6d5b41f99425314dc787
ed3a15cdcd02e628a6a70d1db2150d0eb2b04676fd2efa3bd5cf45518d37842f
POST /videoplayback?expire=1675012133&ei=xVPWY4v9AoqnyAWQlrzYBQ&ip=91.90.42.154&id=o-AOfcZVweeq46hVAYcXPa1pPparKy3fS30JusJhBZYBlT&itag=251&source=youtube&requiressl=yes&spc=H3gIhvn1EFokjdVJF3l4qtmRoXS3fAM&vprv=1&mime=audio%2Fwebm&ns=nX6Raob36j4kLJqbdffBMxUL&gir=yes&clen=595391&otfp=1&dur=39.441&lmt=1564350907564176&keepalive=yes&fexp=24007246,24424483&c=WEB_EMBEDDED_PLAYER&n=FTD8aGsbTALK2A&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgUaz1P--eu5v76b6dKtysG0R2_FmaJBEIkltXHUQVqXQCIGqk2R4ta5T6zOMNak61JGwGzX923vKH7nLR6SfmC0tU&alr=yes&cpn=gxrtPjEGZvC2vizJ&cver=1.20230111.01.00&cm2rm=sn-capm-vnae7l,sn-5gose76&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=Zp&mm=34&mn=sn-5hnekn7z&ms=ltu&mt=1674990290&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgbIqetp_MdBXEatDKEIUAMe1Eo2pznM6kZHoltn7m1_kCIBuDyUilBbcjgK3yS0QzRaE7BpcuM2EHRGZ4Cd_0EwPk&range=0-65868&rn=5&rbuf=0&pot=D7T8LAGBfDZutMdWlOZvmIkLuA7uybZQTReGR2Hf1-mZZGShducJE3_A-B9ZeqclMTcri462RHxAjOcj4hSfrbZHKrQLo1iMi4eRX2QGMDNt53HVcK31HVEmIiz8s2_jXPDAKb0oonA= HTTP/1.1
Host: rr1---sn-5hnekn7z.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sun, 28 Jul 2019 21:55:07 GMT
Content-Type: audio/webm
Date: Sun, 29 Jan 2023 11:08:54 GMT
Expires: Sun, 29 Jan 2023 11:08:54 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 65869
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
fiat.betaplanes.com/wp-json/contact-form-7/v1/contact-forms/31132/refill
107.180.88.128200 OK 22 B URL HTTP/1.1 fiat.betaplanes.com/wp-json/contact-form-7/v1/contact-forms/31132/refill
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type JSON data\012- , ASCII text, with no line terminators
Hash 061faf60a30dde2f20ba8f454c3020de
1940a26a9be338cb36f5b50a1d638ef36b124d51
21947b02ead137acb20e602e9448c7c453b2836d1a755aadd5e1c61ecd2eb034
Analyzer Verdict Alert fortinet Phishing
GET /wp-json/contact-form-7/v1/contact-forms/31132/refill HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fiat.betaplanes.com/
Connection: keep-alive
Cookie: ldkRefererTracking=direct; _gcl_au=1.1.980936468.1674990538; _ga=GA1.2.1990496833.1674990538; _gid=GA1.2.249740080.1674990538; _gat_gtag_UA_126018779_1=1; _gat_gtag_UA_90818801_3=1; _fbp=fb.1.1674990538892.1744684786; _gat_leadakiTracker=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:53 GMT
Server: Apache
Vary: Accept-Encoding,Cookie,Origin
X-Robots-Tag: noindex
Link: <https://fiat.betaplanes.com/wp-json/>; rel="https://api.w.org/"
X-Content-Type-Options: nosniff
Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link
Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
Allow: GET
Content-Encoding: gzip
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/json; charset=UTF-8
fiat.betaplanes.com/wp-json/contact-form-7/v1/contact-forms/73896/refill
107.180.88.128200 OK 22 B URL HTTP/1.1 fiat.betaplanes.com/wp-json/contact-form-7/v1/contact-forms/73896/refill
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type JSON data\012- , ASCII text, with no line terminators
Hash 061faf60a30dde2f20ba8f454c3020de
1940a26a9be338cb36f5b50a1d638ef36b124d51
21947b02ead137acb20e602e9448c7c453b2836d1a755aadd5e1c61ecd2eb034
Analyzer Verdict Alert fortinet Phishing
GET /wp-json/contact-form-7/v1/contact-forms/73896/refill HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fiat.betaplanes.com/
Connection: keep-alive
Cookie: ldkRefererTracking=direct; _gcl_au=1.1.980936468.1674990538; _ga=GA1.2.1990496833.1674990538; _gid=GA1.2.249740080.1674990538; _gat_gtag_UA_126018779_1=1; _gat_gtag_UA_90818801_3=1; _fbp=fb.1.1674990538892.1744684786; _gat_leadakiTracker=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:53 GMT
Server: Apache
Vary: Accept-Encoding,Cookie,Origin
X-Robots-Tag: noindex
Link: <https://fiat.betaplanes.com/wp-json/>; rel="https://api.w.org/"
X-Content-Type-Options: nosniff
Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link
Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
Allow: GET
Content-Encoding: gzip
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/json; charset=UTF-8
rr1---sn-5hnekn7z.googlevideo.com/videoplayback?expire=1675012133&ei=xVPWY4v9AoqnyAWQlrzYBQ&ip=91.90.42.154&id=o-AOfcZVweeq46hVAYcXPa1pPparKy3fS30JusJhBZYBlT&itag=244&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=yt_otf&requiressl=yes&spc=H3gIhvn1EFokjdVJF3l4qtmRoXS3fAM&vprv=1&mime=video%2Fwebm&ns=nX6Raob36j4kLJqbdffBMxUL&otf=1&otfp=1&dur=0.000&lmt=1604982895627094&keepalive=yes&fexp=24007246,24424483&c=WEB_EMBEDDED_PLAYER&n=FTD8aGsbTALK2A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAPNO8FDwTH6xBtY8HxG80_X05i7h-4F7zEsBhnEydgR2AiEA3Ct8kvTkk_4tkYKSZiC8KA93iqNtWmCXCGfAM08TXMM%3D&alr=yes&cpn=gxrtPjEGZvC2vizJ&cver=1.20230111.01.00&cm2rm=sn-capm-vnae7l,sn-5gose76&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=Zp&mm=34&mn=sn-5hnekn7z&ms=ltu&mt=1674990290&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgBBDY4SoMrU6UKUaGkJKMiai6lUosjWYH2XMMIj07CVkCIFt60ma2Zx-jrd8G3YIN6MWpPL5IuoVplXX00bKVOXIZ&sq=0&rn=8&rbuf=0&pot=D7T8LAGBfDZutMdWlOZvmIkLuA7uybZQTReGR2Hf1-mZZGShducJE3_A-B9ZeqclMTcri462RHxAjOcj4hSfrbZHKrQLo1iMi4eRX2QGMDNt53HVcK31HVEmIiz8s2_jXPDAKb0oonA=
74.125.100.102200 OK 304 B URL HTTP/1.1 rr1---sn-5hnekn7z.googlevideo.com/videoplayback?expire=1675012133&ei=xVPWY4v9AoqnyAWQlrzYBQ&ip=91.90.42.154&id=o-AOfcZVweeq46hVAYcXPa1pPparKy3fS30JusJhBZYBlT&itag=244&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=yt_otf&requiressl=yes&spc=H3gIhvn1EFokjdVJF3l4qtmRoXS3fAM&vprv=1&mime=video%2Fwebm&ns=nX6Raob36j4kLJqbdffBMxUL&otf=1&otfp=1&dur=0.000&lmt=1604982895627094&keepalive=yes&fexp=24007246,24424483&c=WEB_EMBEDDED_PLAYER&n=FTD8aGsbTALK2A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAPNO8FDwTH6xBtY8HxG80_X05i7h-4F7zEsBhnEydgR2AiEA3Ct8kvTkk_4tkYKSZiC8KA93iqNtWmCXCGfAM08TXMM%3D&alr=yes&cpn=gxrtPjEGZvC2vizJ&cver=1.20230111.01.00&cm2rm=sn-capm-vnae7l,sn-5gose76&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=Zp&mm=34&mn=sn-5hnekn7z&ms=ltu&mt=1674990290&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgBBDY4SoMrU6UKUaGkJKMiai6lUosjWYH2XMMIj07CVkCIFt60ma2Zx-jrd8G3YIN6MWpPL5IuoVplXX00bKVOXIZ&sq=0&rn=8&rbuf=0&pot=D7T8LAGBfDZutMdWlOZvmIkLuA7uybZQTReGR2Hf1-mZZGShducJE3_A-B9ZeqclMTcri462RHxAjOcj4hSfrbZHKrQLo1iMi4eRX2QGMDNt53HVcK31HVEmIiz8s2_jXPDAKb0oonA=
IP 74.125.100.102:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash fa5a16142bc9e4ebadd0029a463b45c3
466cce4b0df603fa00ff4c667bed9d5ed02de053
17e92af3e665eb7391082b0e768297cb87a7609de5ad52d794baa2180d12c1b3
POST /videoplayback?expire=1675012133&ei=xVPWY4v9AoqnyAWQlrzYBQ&ip=91.90.42.154&id=o-AOfcZVweeq46hVAYcXPa1pPparKy3fS30JusJhBZYBlT&itag=244&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=yt_otf&requiressl=yes&spc=H3gIhvn1EFokjdVJF3l4qtmRoXS3fAM&vprv=1&mime=video%2Fwebm&ns=nX6Raob36j4kLJqbdffBMxUL&otf=1&otfp=1&dur=0.000&lmt=1604982895627094&keepalive=yes&fexp=24007246,24424483&c=WEB_EMBEDDED_PLAYER&n=FTD8aGsbTALK2A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAPNO8FDwTH6xBtY8HxG80_X05i7h-4F7zEsBhnEydgR2AiEA3Ct8kvTkk_4tkYKSZiC8KA93iqNtWmCXCGfAM08TXMM%3D&alr=yes&cpn=gxrtPjEGZvC2vizJ&cver=1.20230111.01.00&cm2rm=sn-capm-vnae7l,sn-5gose76&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=Zp&mm=34&mn=sn-5hnekn7z&ms=ltu&mt=1674990290&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgBBDY4SoMrU6UKUaGkJKMiai6lUosjWYH2XMMIj07CVkCIFt60ma2Zx-jrd8G3YIN6MWpPL5IuoVplXX00bKVOXIZ&sq=0&rn=8&rbuf=0&pot=D7T8LAGBfDZutMdWlOZvmIkLuA7uybZQTReGR2Hf1-mZZGShducJE3_A-B9ZeqclMTcri462RHxAjOcj4hSfrbZHKrQLo1iMi4eRX2QGMDNt53HVcK31HVEmIiz8s2_jXPDAKb0oonA= HTTP/1.1
Host: rr1---sn-5hnekn7z.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sat, 07 Jan 2023 14:38:01 GMT
Content-Type: video/webm
Date: Sun, 29 Jan 2023 11:08:54 GMT
Expires: Sun, 29 Jan 2023 11:08:54 GMT
Cache-Control: private, max-age=21299
Transfer-Encoding: chunked
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
fiat.betaplanes.com/wp-json/contact-form-7/v1/contact-forms/73896/refill
107.180.88.128200 OK 22 B URL HTTP/1.1 fiat.betaplanes.com/wp-json/contact-form-7/v1/contact-forms/73896/refill
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type JSON data\012- , ASCII text, with no line terminators
Hash 061faf60a30dde2f20ba8f454c3020de
1940a26a9be338cb36f5b50a1d638ef36b124d51
21947b02ead137acb20e602e9448c7c453b2836d1a755aadd5e1c61ecd2eb034
Analyzer Verdict Alert fortinet Phishing
GET /wp-json/contact-form-7/v1/contact-forms/73896/refill HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fiat.betaplanes.com/
Connection: keep-alive
Cookie: ldkRefererTracking=direct; _gcl_au=1.1.980936468.1674990538; _ga=GA1.2.1990496833.1674990538; _gid=GA1.2.249740080.1674990538; _gat_gtag_UA_126018779_1=1; _gat_gtag_UA_90818801_3=1; _fbp=fb.1.1674990538892.1744684786; _gat_leadakiTracker=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:54 GMT
Server: Apache
Vary: Accept-Encoding,Cookie,Origin
X-Robots-Tag: noindex
Link: <https://fiat.betaplanes.com/wp-json/>; rel="https://api.w.org/"
X-Content-Type-Options: nosniff
Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link
Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
Allow: GET
Content-Encoding: gzip
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/json; charset=UTF-8
www.youtube.com/player_api
142.250.74.142200 OK 0 B URL HTTP/2 www.youtube.com/player_api
IP 142.250.74.142:0
GET /player_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Sun, 29 Jan 2023 11:08:51 GMT
date: Sun, 29 Jan 2023 11:08:51 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=wXBGKERybLk; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TkRBeU9UVTFNemczTWpVd01qVTVOQT09EMOn2Z4GGMOn2Z4G; Domain=.youtube.com; Expires=Fri, 28-Jul-2023 11:08:51 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=OAlGMq3bpjM; Domain=.youtube.com; Expires=Fri, 28-Jul-2023 11:08:51 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+470; expires=Tue, 28-Jan-2025 11:08:51 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fiat.betaplanes.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16
107.180.88.128200 OK 0 B URL HTTP/1.1 fiat.betaplanes.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16 HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:50 GMT
Server: Apache
Last-Modified: Mon, 27 Sep 2021 18:38:07 GMT
Accept-Ranges: bytes
Content-Length: 157610
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
lw.cliengo.com/mainclgo.bundle.js
104.26.9.30200 OK 0 B URL HTTP/2 lw.cliengo.com/mainclgo.bundle.js
IP 104.26.9.30:0
GET /mainclgo.bundle.js HTTP/1.1
Host: lw.cliengo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 11:08:50 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31557600
cf-bgj: minify
etag: W/"4596-18360c50848"
last-modified: Wed, 21 Sep 2022 15:57:49 GMT
vary: Accept-Encoding
via: 1.1 vegur
x-powered-by: Express
cf-cache-status: HIT
age: 886991
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BwFtSmarHPNSD5CL%2B3iEuqc3rULjDwydncvjGx2JhcRFMX%2B%2BzXpIeZFStD%2FxBS%2FaackpuwT6TysROFZSVGeKXTbcOd8p75VQV96EAiSL2L5arBUGIW61E6BM2jIhTUgD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79118321198ffab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
fiat.betaplanes.com/wp-content/uploads/2018/07/LogoBeta-Plan_Mesa-de-trabajo-1-1-1.png
107.180.88.128200 OK 0 B URL HTTP/1.1 fiat.betaplanes.com/wp-content/uploads/2018/07/LogoBeta-Plan_Mesa-de-trabajo-1-1-1.png
IP 107.180.88.128:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
GET /wp-content/uploads/2018/07/LogoBeta-Plan_Mesa-de-trabajo-1-1-1.png HTTP/1.1
Host: fiat.betaplanes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiat.betaplanes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 11:08:50 GMT
Server: Apache
Last-Modified: Tue, 01 Sep 2020 19:20:44 GMT
Accept-Ranges: bytes
Content-Length: 27891
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png