Report - flokbaby.it/mymet/b928e

Report Overview

Visited public
2023-08-19 11:44:59
Tags
crypto phishing
URL
flokbaby.it/mymet/b928e
Finishing URL
flokbaby.it/mymet/b928e/secure.html
IP / ASN
77.83.64.33
#12637 SEEWEB s.r.l.
Title
MetaMask - A crypto wallet & gateway to blockchain apps
Phishing - Generic Crypto/Wallet

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.google.com	7	1997-09-15	2015-05-10 13:11:19	2023-08-18 17:41:21	16 kB	342 kB	142.250.74.164
www.gstatic.com	unknown	2008-02-11	2016-07-26 11:37:06	2023-08-18 17:44:41	21 kB	2.9 MB	216.58.211.3
accdn.lpsnmedia.net	3410	2010-08-04	2014-02-08 00:25:14	2023-08-15 21:45:23	2.0 kB	45 kB	178.249.97.99
lpcdn.lpsnmedia.net	3501	2010-08-04	2014-04-27 12:17:58	2023-08-17 18:26:07	1.7 kB	74 kB	178.249.97.98
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-08-18 17:40:58	891 B	3.1 kB	142.250.74.106
flokbaby.it	unknown	2020-03-03	2020-03-03 17:20:36	2023-08-15 20:33:06	29 kB	3.7 MB	77.83.64.33
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-08-18 17:40:30	1.7 kB	3.5 kB	142.250.74.131
forms.hsforms.com	5160	2013-09-18	2018-03-07 16:21:13	2023-08-18 17:39:50	476 B	3.2 kB	104.17.210.243
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-08-18 17:45:52	11 kB	423 kB	216.58.207.227
ocsp.sectigo.com	487	2018-08-16	2019-11-29 12:50:24	2023-08-18 18:00:12	660 B	1.9 kB	104.18.15.101
perf.hsforms.com	10768	2013-09-18	2020-07-03 15:11:28	2023-08-18 17:15:33	490 B	1.1 kB	104.17.210.243
js.hsforms.net	7264	2013-09-18	2013-09-26 04:52:40	2023-08-18 18:38:28	528 B	2.5 kB	104.16.187.65

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-08-18	medium	flokbaby.it/mymet/b928e	Crypto/Wallet

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (56)

	URL	From	Size	First Seen	Last Seen
	flokbaby.it/mymet/b928e/meta/jsonp	ScriptElement	278 kB	2023-03-07	2024-12-31
Pretty URL flokbaby.it/mymet/b928e/meta/jsonp IP 77.83.64.33 ASN #12637 SEEWEB s.r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29 Last Seen2024-12-31 05:03 Times Seen36 Hash 7efac8c0fa8e30db7a423500ef59abab be73717f776f24dd31498c27a1b02b784570d5bb 102411780270584690575675e14e574ef8a16cf6fdd5700d5682e68a8d2cc00d Loading...

	accdn.lpsnmedia.net/api/account/88982875/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB	ScriptElement	3.4 kB	2023-08-16	2024-08-21
Pretty URL accdn.lpsnmedia.net/api/account/88982875/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB IP 178.249.97.99 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-16 11:32 Last Seen2024-08-21 08:36 Times Seen2 Hash 28300d482a47115aed9944b7515ba4cc eacd2f248f4b6a22215ba905895cbd1d9d477599 f857027613658b319824dbd0b0aa6738ec2185d21f4c643d6bfc6157652da8a4 Loading...

	flokbaby.it/mymet/b928e/meta/recaptcha__nl.js.download	ScriptElement	354 kB	2023-03-07	2024-12-31
Pretty URL flokbaby.it/mymet/b928e/meta/recaptcha__nl.js.download IP 77.83.64.33 ASN #12637 SEEWEB s.r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29 Last Seen2024-12-31 05:03 Times Seen66 Hash e735084e8ffed1ad8d89df08d98d4d23 6cdab8dac12030c8bc980ec129affecc626285c3 6cde5be2d724e53c8c4a97041365d3075e3af63ec08e1712b2f831b6e2bd357b Loading...

	js.hsforms.net/forms-next/shell-recaptcha	ScriptElement	540 B	2023-04-05	2025-02-03
Pretty URL js.hsforms.net/forms-next/shell-recaptcha IP 104.16.187.65 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 05:29 Last Seen2025-02-03 10:04 Times Seen100 Hash 0ef8295b6b00040322f2dcbc2dad3a7b 3c3f471eb10ddba84126b623484930b3c99a8014 8f6e0ed5457a4e0086d8f5754cf5beb474f716ed08184676d4768c88bffb2c63 Loading...

	flokbaby.it/mymet/b928e/secure.html	ScriptElement	73 B	2023-03-07	2025-05-06
Pretty URL flokbaby.it/mymet/b928e/secure.html IP 77.83.64.33 ASN #12637 SEEWEB s.r.l. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:24 Last Seen2025-05-06 11:44 Times Seen200 Hash ccf7a258eee5e12d2cb3d813a5da86c8 0d0c6985e493d2f610870c9259901a2511734328 441b05bfa42c0b589fd682ec21e9ba36e55f6ec2718fbb259a812cd0b999c28e Loading...

	www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js	ScriptElement	461 kB	2023-08-18	2023-08-31
Pretty URL www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js IP 216.58.211.3 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-18 04:48 Last Seen2023-08-31 09:12 Times Seen1265 Hash e346196cabbe1100839406d8f02a31c3 24f54bd82fdab0dc9bc5c6a71e33eefc02286aad 9dab174b3b1ef754d71d613162c1e1f5b88f9f317da8d1f14c146be9c6d9fd35 Loading...

	flokbaby.it/mymet/b928e/secure.html	ScriptElement	181 B	2023-03-07	2025-05-09
Pretty URL flokbaby.it/mymet/b928e/secure.html IP 77.83.64.33 ASN #12637 SEEWEB s.r.l. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:17 Last Seen2025-05-09 11:08 Times Seen15839 Hash 0e9e3ad57abeefde87342864450cc232 4dc8676bf3417d597053d5f253fce034007f63da 9a37601d1f5a5f2fba3b000694d4bf5e035c606d5485dd94e2997cbe2efe5c26 Loading...

	flokbaby.it/mymet/b928e/sandbox%20eval%20code		147 B	2023-04-11	2025-05-09
Pretty URL flokbaby.it/mymet/b928e/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-09 13:10 Times Seen341444 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	flokbaby.it/mymet/b928e/secure.html	ScriptElement	164 B	2023-03-07	2025-05-06
Pretty URL flokbaby.it/mymet/b928e/secure.html IP 77.83.64.33 ASN #12637 SEEWEB s.r.l. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:02 Last Seen2025-05-06 11:44 Times Seen134 Hash 9fb685752617cf9403453cc16f9b0469 84d82954770f482fbea43960d5a5dc36e3572d1a d57443d0c7faf37db40a6058be8401314277c4b2662d8ed301ee6c0bd99a8c4d Loading...

	flokbaby.it/mymet/b928e/meta/tag.js.download	ScriptElement	22 kB	2023-03-07	2024-12-23
Pretty URL flokbaby.it/mymet/b928e/meta/tag.js.download IP 77.83.64.33 ASN #12637 SEEWEB s.r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2024-12-23 16:45 Times Seen103 Hash e2ee8a9cd68c3d310a4c62fdb4b5c93a 67eb5f9547f1d9de0a8b143c3b50511c26281399 145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7 Loading...

	flokbaby.it/mymet/b928e/secure.html	ScriptElement	1.8 kB	2023-03-07	2025-05-06
Pretty URL flokbaby.it/mymet/b928e/secure.html IP 77.83.64.33 ASN #12637 SEEWEB s.r.l. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 17:55 Last Seen2025-05-06 11:44 Times Seen114 Hash 8b1fb904d189e68aaf32a2223915fdfd d1a510fab3db50f7482275581d2171914e1d6631 c1863d7b43731c0cb9a160099c3fa80215e0b0966f27061f78eb6af1da84f026 Loading...

	lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.html?loc=https%3A%2F%2Fflokbaby.it&site=88982875&env=prod&isCrossDomain=true	ScriptElement	39 kB	2023-03-07	2024-12-23
Pretty URL lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.html?loc=https%3A%2F%2Fflokbaby.it&site=88982875&env=prod&isCrossDomain=true IP 178.249.97.98 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2024-12-23 16:45 Times Seen55 Hash a3a38a5d6888ddc1831a811e9d428c77 2ca5b076aea8b4c6ff7ad1873de4ade91d66511f d4676cbbadec76c9f89f5b771a7f4927d544b4d76801e40e9957493e038e0db4 Loading...

	flokbaby.it/mymet/b928e/meta/plx.chock.js	ScriptElement	3.4 kB	2023-03-07	2025-05-03
Pretty URL flokbaby.it/mymet/b928e/meta/plx.chock.js IP 77.83.64.33 ASN #12637 SEEWEB s.r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29 Last Seen2025-05-03 11:49 Times Seen81 Hash 5acfeead7d13511cdef767305b87e3f8 ec5337e62f1e64d3aaba3bf41a41b5f876964922 b9417c5359a2259bb564852a1ebd2b743b79ac06efdee42dc53456f8445ad246 Loading...

	flokbaby.it/mymet/b928e/meta/webfont.js.download	ScriptElement	13 kB	2023-03-07	2025-05-09
Pretty URL flokbaby.it/mymet/b928e/meta/webfont.js.download IP 77.83.64.33 ASN #12637 SEEWEB s.r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-09 11:08 Times Seen17504 Hash 7c96a5f11d9741541d5e3c42ff6380d7 d3fa2564c021cf730e58ffddb138cf6b57ed126e 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee Loading...

	flokbaby.it/mymet/b928e/meta/v2.js.download	ScriptElement	579 kB	2023-03-09	2024-12-23
Pretty URL flokbaby.it/mymet/b928e/meta/v2.js.download IP 77.83.64.33 ASN #12637 SEEWEB s.r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 10:05 Last Seen2024-12-23 16:45 Times Seen62 Hash d3b2366c9977c975fc6abdc6a119c361 ed6031ba0b0efe5b77acd0382f8d647f2cc88018 7f82030e7f8b2956fcb539a7cf3f1d80907d28d02c2696ac0560daf3cfafaa25 Loading...

	forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk=	ScriptElement	5.8 kB	2024-08-21	2024-08-21
Pretty URL forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk= IP 104.17.210.243 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-21 08:24 Last Seen2024-08-21 08:24 Times Seen1 Hash f006c0666787fed6fa7c81d43618b46e c0e163fb7972a9127694d70920b625e45e1c0beb 82ef4f179c2cb7fbc1f238978b86a1be464a7529d7b8c3631eedafa975ff2eeb Loading...

	flokbaby.it/mymet/b928e/secure.html	ScriptElement	116 B	2023-03-07	2025-05-06
Pretty URL flokbaby.it/mymet/b928e/secure.html IP 77.83.64.33 ASN #12637 SEEWEB s.r.l. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:02 Last Seen2025-05-06 11:44 Times Seen140 Hash 65eedcd8ea68974fc10b18a001f5ff0d d57d865c29e2ba5f817f850194c33f6d1e7ea064 681e6299492c0b7a15980513d81a420ff8d912dadc14d90148b77bd81018926e Loading...

	www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mbG9rYmFieS5pdDo0NDM.&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&badge=inline&cb=eaoit81ntzxz	ScriptElement	75 B	2023-03-07	2025-05-09
Pretty URL www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mbG9rYmFieS5pdDo0NDM.&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&badge=inline&cb=eaoit81ntzxz IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:15 Last Seen2025-05-09 13:10 Times Seen14232 Hash dca9d53787fff314e5bd1a123b28906a 1350c858f60bbb03d1b53b05cbad6cea82ff29d1 2475d902b4182bac667d464a44c89ee405e5cfd64156b30f811557cf2b347e2f Loading...

	flokbaby.it/mymet/b928e/meta/analytics.js.download	ScriptElement	50 kB	2023-03-07	2025-05-04
Pretty URL flokbaby.it/mymet/b928e/meta/analytics.js.download IP 77.83.64.33 ASN #12637 SEEWEB s.r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-04 17:44 Times Seen272 Hash d40531c5e99a6f84e42535859476fe35 a901817d77b2fe5259c298c91bc65c54d7f8a1a9 a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Loading...

	www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true	ScriptElement	1.0 kB	2023-08-19	2023-08-25
Pretty URL www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-19 13:45 Last Seen2023-08-25 12:18 Times Seen8 Hash aac3288b87f93219ccd838f40e3985d7 4f1e30acf86e034db135c6d666702fc72f86c155 8eace2ac1082d16eaa54c0851cf077baf7d925e1791e24df78d4d1d72fe02958 Loading...

	lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.js?loc=https%3A%2F%2Fflokbaby.it&site=88982875&force=1&env=prod&isCrossDomain=true	ScriptElement	39 kB	2023-03-07	2024-12-31
Pretty URL lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.js?loc=https%3A%2F%2Fflokbaby.it&site=88982875&force=1&env=prod&isCrossDomain=true IP 178.249.97.98 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2024-12-31 05:03 Times Seen69 Hash 3386ec5559f1ba569cf0ab6acab436cc e98e11d37c5172ee128a85f68447efb3cb0e853c 996ab3c1e26cb00ec7d3d29650e784755ba46f33613563b7173b0dab03fa3d73 Loading...

	www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&badge=inline&cb=12gauca4ue83	ScriptElement	44 kB	2024-08-21	2024-08-21
Pretty URL www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&badge=inline&cb=12gauca4ue83 IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 08:24 Last Seen2024-08-21 08:24 Times Seen1 Hash 22ee7bd01e7d8925a10acf18b66e5337 7bf913f800a27fa195217b02ef98b272e05ea4fe 1c3bc3310a561ea6a422a4500e0268e8511cf558e1936d1e010f51030ebe2585 Loading...

	flokbaby.it/mymet/b928e/meta/js	ScriptElement	92 kB	2023-03-07	2024-12-31
Pretty URL flokbaby.it/mymet/b928e/meta/js IP 77.83.64.33 ASN #12637 SEEWEB s.r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20 Last Seen2024-12-31 05:03 Times Seen37 Hash fb2ab9b8632250b0d7aa50c08150cfe1 73b3f266ac08c9fb07e1de1664fed384ccd5bc86 5d419e0ff614b331e4f8fed2ba7c1380b1f5983f98d820a6a0f7040b55f60b5b Loading...

	accdn.lpsnmedia.net/api/account/88982875/configuration/setting/accountproperties/?cb=lpCb25449x5771	ScriptElement	6.7 kB	2024-08-21	2024-08-21
Pretty URL accdn.lpsnmedia.net/api/account/88982875/configuration/setting/accountproperties/?cb=lpCb25449x5771 IP 178.249.97.99 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-21 08:24 Last Seen2024-08-21 08:24 Times Seen1 Hash 93b19d0ffaa14fd410b16ee3b94ac3ae 48a08b73cbdd7bd224cab7d763a72b1e619a0b9e 94a0df5933f6c58967027804e1e59f85f231a053f16c2b9ea616efde1d9913ab Loading...

	www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 13:13 Times Seen4636113 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-09
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-09 13:10 Times Seen340643 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	flokbaby.it/mymet/b928e/meta/webflow.js.download	ScriptElement	601 kB	2023-03-07	2025-05-06
Pretty URL flokbaby.it/mymet/b928e/meta/webflow.js.download IP 77.83.64.33 ASN #12637 SEEWEB s.r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20 Last Seen2025-05-06 11:44 Times Seen100 Hash 9758f7e3aa0c79ea7a3cadb16d10087b 07f3c4e552e28eba6172f53d6dcf981a55f42031 0bb0c326dfc33136ad88e7454f06d22398a75f57f5eef79a30b218c171136f0d Loading...

	www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mbG9rYmFieS5pdDo0NDM.&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&badge=inline&cb=eaoit81ntzxz	ScriptElement	44 kB	2024-08-21	2024-08-21
Pretty URL www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mbG9rYmFieS5pdDo0NDM.&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&badge=inline&cb=eaoit81ntzxz IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 08:24 Last Seen2024-08-21 08:24 Times Seen1 Hash 79814b4726450f64fac1b3aad5e5bff6 5052d2a36db5ad0f2bc6d284b53468f5076703da 2f9b95cf51ca6373a975487fa043ccc06f036c5c41e45aa3c279a0cc750a2fea Loading...

	accdn.lpsnmedia.net/api/account/88982875/configuration/domainprotection/refererrestrictions?cb=lpCb41938x70017	ScriptElement	113 B	2024-08-21	2024-08-21
Pretty URL accdn.lpsnmedia.net/api/account/88982875/configuration/domainprotection/refererrestrictions?cb=lpCb41938x70017 IP 178.249.97.99 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-21 08:24 Last Seen2024-08-21 08:24 Times Seen1 Hash 657546de4d3f923ce621f52f62739fd1 911b8d31caff28e1c1dc3dad0b63bdda77a5528a a49a91771f260f623a18590e0d03e325c3110a50e57ccba77635cc9fd2716006 Loading...

	flokbaby.it/mymet/b928e/meta/jquery-3.5.1.min.dc5e7f18c8.js.download	ScriptElement	90 kB	2023-03-07	2025-05-09
Pretty URL flokbaby.it/mymet/b928e/meta/jquery-3.5.1.min.dc5e7f18c8.js.download IP 77.83.64.33 ASN #12637 SEEWEB s.r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 13:09 Times Seen108616 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	flokbaby.it/mymet/b928e/secure.html	ScriptElement	184 B	2023-03-07	2025-05-06
Pretty URL flokbaby.it/mymet/b928e/secure.html IP 77.83.64.33 ASN #12637 SEEWEB s.r.l. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:02 Last Seen2025-05-06 11:44 Times Seen149 Hash 12c0659e2686c193368d09f53edc8090 e2a481f856253ec2b3dfe266ab035bc1ca650b72 7269e1e3bae2d22edc632e41922fd7e090dd785fdb749c05b577f78e9126075c Loading...

	flokbaby.it/mymet/b928e/meta/enterprise.js.download	ScriptElement	1.0 kB	2023-03-07	2024-12-31
Pretty URL flokbaby.it/mymet/b928e/meta/enterprise.js.download IP 77.83.64.33 ASN #12637 SEEWEB s.r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29 Last Seen2024-12-31 05:03 Times Seen67 Hash d07e7630bc23cbdd7520d0a4f086c922 b50685923a96d55109959fdf21f369d902971b2a 15c0f679abecff8fba48dbe673343f3e0f2a07c439d3f631722fccd2af2e1df2 Loading...

	flokbaby.it/mymet/b928e/meta/anchor.html	ScriptElement	33 kB	2023-03-09	2025-05-03
Pretty URL flokbaby.it/mymet/b928e/meta/anchor.html IP 77.83.64.33 ASN #12637 SEEWEB s.r.l. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 10:05 Last Seen2025-05-03 11:49 Times Seen91 Hash 27fe4cb47aa233ddd8165960b6d65929 11cc82d6e20cc46d88bacc3ed4bfb3f24bbf4b3b 692d9a7342c1fcb4c0417afee37d21695396088ca85a5a29f116f63189e0c595 Loading...

	flokbaby.it/mymet/b928e/meta/bframe.html	ScriptElement	175 B	2023-03-07	2025-05-03
Pretty URL flokbaby.it/mymet/b928e/meta/bframe.html IP 77.83.64.33 ASN #12637 SEEWEB s.r.l. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:17 Last Seen2025-05-03 11:49 Times Seen98 Hash 117ee3a6ec35b36713c5e48205ff5fce 8f892b6a14a32c6e5e1cf000d06b18535a7b6238 7317f1aa4ede14314da978897b86477afe5fbc7b634899c0e33a740ca235e675 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 272eb139968a9665de1db4beccf568d2	22 B	2023-03-09 10:05	2024-12-23 16:45
Pretty Observations First Seen2023-03-09 10:05 Last Seen2024-12-23 16:45 Times Seen63 Hash 272eb139968a9665de1db4beccf568d2 e6505fdd0680c557e102b20212d31942c7d24429 26ef4c313a8ffd1b7fc79977328690a19336ac1187fa07d9cfc3a8327f5a08ba Loading...

	#2 Eval - d1fd412b0227656a3c136cb8bca3aa5c	17 kB	2024-08-21 08:24	2024-08-21 08:24
Pretty Observations First Seen2024-08-21 08:24 Last Seen2024-08-21 08:24 Times Seen1 Hash d1fd412b0227656a3c136cb8bca3aa5c d98e199107e08268e0a957b384b6ffdcebbd0976 ac70d7bba14f6540bd9f3fabe1533e3ed8cd1e57576026e7f1faddfc1f1f1f2d Loading...

	#3 Eval - b37ea80c6981c6ccd04ac272fd3d0c11	60 B	2023-08-13 09:08	2024-08-21 08:52
Pretty Observations First Seen2023-08-13 09:08 Last Seen2024-08-21 08:52 Times Seen308 Hash b37ea80c6981c6ccd04ac272fd3d0c11 b35908b4d00d1e1e46ee2d4ad5f980aec4cce194 9ff459cfc5f900830d2fa470e54ffc1ede15fa58fe87c1179beefe2d32e9bcd4 Loading...

	#4 Eval - 048a9a9850392ab32c456f349368e587	16 kB	2023-08-13 09:08	2024-08-21 08:52
Pretty Observations First Seen2023-08-13 09:08 Last Seen2024-08-21 08:52 Times Seen308 Hash 048a9a9850392ab32c456f349368e587 3d62eb6f89ad440debc95b791c82729a89f03252 485b6f2a021f4334a9e25bf749454c0046b23073501a7a156219e19842d124a1 Loading...

	#5 Eval - 86bc822035733695526c28eadce128e5	16 kB	2024-08-21 08:24	2024-08-21 08:24
Pretty Observations First Seen2024-08-21 08:24 Last Seen2024-08-21 08:24 Times Seen1 Hash 86bc822035733695526c28eadce128e5 6eae7858043a8df07110593c997cf875c50143f0 636eb015a2d9b1b329e4c43b352259524d5188c73a77fb6ad4e81e5fb620534a Loading...

	#6 Eval - dfa8e3be2b87ad419bbd4cfb0359d716	22 B	2023-08-13 09:08	2024-08-21 08:52
Pretty Observations First Seen2023-08-13 09:08 Last Seen2024-08-21 08:52 Times Seen308 Hash dfa8e3be2b87ad419bbd4cfb0359d716 185104640f22de26f041ea23a67190dc51a5bf88 7884c30856a44e60a9928a8e52928d81c8af0e1d2fbf87c97e051be8b39f6e82 Loading...

	#7 Eval - 4572d55394e900fc0f23ef5ecb075a03	20 kB	2024-08-21 08:24	2024-08-21 08:24
Pretty Observations First Seen2024-08-21 08:24 Last Seen2024-08-21 08:24 Times Seen1 Hash 4572d55394e900fc0f23ef5ecb075a03 724f5b1f6aac09d45ea9e44c779d2e0ef3229220 bd661ea6320091199b53c1ce264981cb9bf626560aa534424c8e1685fd24d512 Loading...

	#8 Eval - aba5c6f15ea735d08715eb78295909a0	22 kB	2024-08-21 08:24	2024-08-21 08:24
Pretty Observations First Seen2024-08-21 08:24 Last Seen2024-08-21 08:24 Times Seen1 Hash aba5c6f15ea735d08715eb78295909a0 1f38fe4ed3d6d9f6170a325aacfacc84ddbacb43 5dc6e2e10904612130914acbf44d1e92191c4fc7b15a88f132c0d096519e90b6 Loading...

	#9 Eval - 89bd09467fcf972e2e31479d8362119b	22 B	2023-08-17 16:23	2024-08-21 08:31
Pretty Observations First Seen2023-08-17 16:23 Last Seen2024-08-21 08:31 Times Seen482 Hash 89bd09467fcf972e2e31479d8362119b eb62943799ff64ddc091960c8dd02ef1daf34008 fad7a71298be0c9a5a3e4a6ea9b00be919a80061b9cbaaaacce78f81f5db80c5 Loading...

	#10 Eval - 4206274e66169cfa52363e7992d5e6ba	17 kB	2024-08-21 08:24	2024-08-21 08:24
Pretty Observations First Seen2024-08-21 08:24 Last Seen2024-08-21 08:24 Times Seen1 Hash 4206274e66169cfa52363e7992d5e6ba bd4278be0197c3eb7927cfe7240422fbab3c770b 37c81efc8beac5485d73c69df6ca2f8048d72b3ddbeee3831e26c6554148e1dc Loading...

	#11 Eval - 0f73cfb2a7dd102466ba89e462fc6bc2	64 B	2023-08-17 16:23	2024-08-21 08:31
Pretty Observations First Seen2023-08-17 16:23 Last Seen2024-08-21 08:31 Times Seen483 Hash 0f73cfb2a7dd102466ba89e462fc6bc2 bac7684b917eb345707a0daafa61db677d90e976 30945008e16eabad892034aa6430c1cb3ecb3f83e458a018a1f7d1ae7521eddc Loading...

	#12 Eval - eb1f92ae8599aa07646f4bf47c6d2554	18 kB	2024-08-21 08:24	2024-08-21 08:24
Pretty Observations First Seen2024-08-21 08:24 Last Seen2024-08-21 08:24 Times Seen1 Hash eb1f92ae8599aa07646f4bf47c6d2554 5a752db7f267ab9b3db9e08529fbfcf712650a8d ccd79b1752445e4f67e00dd11101e8b16fb5acf1f388b5d9a6a8948650e8f199 Loading...

	#13 Eval - 18030ad613dbe2d0f597b0a79eec8281	18 kB	2024-08-21 08:24	2024-08-21 08:24
Pretty Observations First Seen2024-08-21 08:24 Last Seen2024-08-21 08:24 Times Seen1 Hash 18030ad613dbe2d0f597b0a79eec8281 3c7d065bcafda77fc8866d0012e78cec2eed5bb6 d299d0b5a6b2c4d17c84a5cd0d34b1e82ee80b2e9af9500a18a3159d8b2774c9 Loading...

	#14 Eval - e441937c4f2f07f6d3354c6ad1b22c66	22 B	2023-08-17 16:23	2024-08-21 08:31
Pretty Observations First Seen2023-08-17 16:23 Last Seen2024-08-21 08:31 Times Seen480 Hash e441937c4f2f07f6d3354c6ad1b22c66 21f145951b64155a76a793cd33b66fe128d93de1 f132be20496bc0923dbd1f9fff8fe5f20480a25118d64fcba8f17dbcd87fc397 Loading...

	#15 Eval - adec55ad9d2194e581f2268f499e5af2	23 kB	2024-08-21 08:24	2024-08-21 08:24
Pretty Observations First Seen2024-08-21 08:24 Last Seen2024-08-21 08:24 Times Seen1 Hash adec55ad9d2194e581f2268f499e5af2 00e7248fe06818d79279ecb30329139567432e9d 3840131e580a5417f1c534107875e8161edfa582700f09cd7ca45382bcdff233 Loading...

	#16 Eval - 1978b47512c9e8df3d7bbdc6e166d9e9	17 kB	2024-08-21 08:24	2024-08-21 08:24
Pretty Observations First Seen2024-08-21 08:24 Last Seen2024-08-21 08:24 Times Seen1 Hash 1978b47512c9e8df3d7bbdc6e166d9e9 b8f7cc0d75e5dc1277c4102335fe65c959cd1092 358264e1118162cdfcb356b09623faef7585bd1ec1fe5dbd24509d0fec6f832e Loading...

	#17 Eval - 15760900e488ec647450f20eeaa49944	15 kB	2023-03-09 10:05	2024-12-23 16:45
Pretty Observations First Seen2023-03-09 10:05 Last Seen2024-12-23 16:45 Times Seen60 Hash 15760900e488ec647450f20eeaa49944 208ad236b244f8adbd138cda9ad9f7f1d4e7758e 90d9c75dc0b4578e5468206d805353952b0a650c707ac7f9632b29f3694c1dff Loading...

	#18 Eval - eb94905b9da3f67da3f000d1bb6efbde	64 B	2023-03-09 10:05	2024-12-23 16:45
Pretty Observations First Seen2023-03-09 10:05 Last Seen2024-12-23 16:45 Times Seen62 Hash eb94905b9da3f67da3f000d1bb6efbde 1d3286e8759266d0f632990a00153ac614ca6c39 ef56a8332ced72dcd8b9a2756ce1fe129be6db47ca4863412b51e8028a9d1eb2 Loading...

	#19 Eval - 4914b38c27fc01df24a82cd521c6c314	18 kB	2023-08-18 00:22	2024-08-21 08:30
Pretty Observations First Seen2023-08-18 00:22 Last Seen2024-08-21 08:30 Times Seen2 Hash 4914b38c27fc01df24a82cd521c6c314 9808715bc0694cd1223883b9f21d2a0d7a572de2 4305d4e28cacc4ca014b91ff5e7ce9e329768c69b1a91440613e6239040ab616 Loading...

	#20 Eval - 8239ee6044ad7e817a1f26d19412f6eb	22 B	2023-03-09 10:05	2024-12-23 16:45
Pretty Observations First Seen2023-03-09 10:05 Last Seen2024-12-23 16:45 Times Seen62 Hash 8239ee6044ad7e817a1f26d19412f6eb 7116e217d05810b609ff09ac21e2c6097f14484c df78f0db59a013604da430bf67714a0445ddb583f42925592cfed1774716374d Loading...

	#21 Eval - deb5f5c172a241af7f04dc256ad2c79e	22 B	2023-08-13 09:08	2024-08-21 08:52
Pretty Observations First Seen2023-08-13 09:08 Last Seen2024-08-21 08:52 Times Seen308 Hash deb5f5c172a241af7f04dc256ad2c79e 7bc0a688e4bad0e418fc5af6e21b4815b6869e04 62bda49e9f2c1fb1529014f32fefd9595b8c7b3ef68fcfe823065ba95c270006 Loading...

	#22 Eval - e5331e16fb0e9b22d95c3a52fc9838e2	16 kB	2023-08-17 16:23	2024-08-21 08:31
Pretty Observations First Seen2023-08-17 16:23 Last Seen2024-08-21 08:31 Times Seen482 Hash e5331e16fb0e9b22d95c3a52fc9838e2 65991bda31c37951624f7766318b850e2550005f 98c6675f06f58f8ffcecbb872b4cb5feb24b25a31d213dea639e4bae73521bdd Loading...

HTTP Transactions (147)

URL IP Response Size

flokbaby.it/mymet/b928e

77.83.64.33

240 B

URL
flokbaby.it/mymet/b928e
IP
77.83.64.33:0
ASN
#12637 SEEWEB s.r.l.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
240 B (240 bytes)
Hash
5a277ef664794ea9c207f2a070c0f839
0b0a07738874a3d57ecb212b79ca42dec5f573f0
7282e6fdcd26d16e7ffeaa51dcd8a1623b43dcfc59d89af371b724d587f0982b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /mymet/b928e HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 19 Aug 2023 11:44:35 GMT
content-type: text/html; charset=iso-8859-1
content-length: 240
location: https://flokbaby.it/mymet/b928e/
x-powered-by: PleskLin
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5cc11da7ecc512a2fd369ae67b7b9764
aa0414b152588c8db9116515e3417e532a0d012a
f2b21a5eaa3d5f5788f04796f522546c7296bd0d41f98527d8d818ff00a71cf5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Aug 2023 11:44:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

flokbaby.it/mymet/b928e/meta/enterprise.js.download

77.83.64.33

200 OK

1.0 kB

URL GET HTTP/2
flokbaby.it/mymet/b928e/meta/enterprise.js.download
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type
ASCII text, with very long lines (1008), with no line terminators
Size
1.0 kB (1004 bytes)
Hash
d07e7630bc23cbdd7520d0a4f086c922
b50685923a96d55109959fdf21f369d902971b2a
15c0f679abecff8fba48dbe673343f3e0f2a07c439d3f631722fccd2af2e1df2

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /mymet/b928e/meta/enterprise.js.download HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/mymet/b928e/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Aug 2023 11:44:36 GMT
content-type: application/javascript
vary: Accept-Encoding
x-accel-version: 0.01
last-modified: Wed, 16 Aug 2023 05:47:25 GMT
etag: W/"3f0-60303d48851eb"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

flokbaby.it/mymet/b928e/meta/mm-logo.svg

77.83.64.33

200 OK

12 kB

URL GET HTTP/2
flokbaby.it/mymet/b928e/meta/mm-logo.svg
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1001)
Size
12 kB (12019 bytes)
Hash
51bcea2625eb2c6e9268a7377a792c86
5eeb306e6584eed1747c36c11724f193711d430e
5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /mymet/b928e/meta/mm-logo.svg HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/mymet/b928e/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Aug 2023 11:44:36 GMT
content-type: image/svg+xml
content-length: 12019
last-modified: Wed, 16 Aug 2023 05:47:25 GMT
etag: "64dc62ed-2ef3"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

flokbaby.it/mymet/b928e/meta/jsonp

77.83.64.33

200 OK

278 kB

URL GET HTTP/2
flokbaby.it/mymet/b928e/meta/jsonp
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
278 kB (278382 bytes)
Hash
7efac8c0fa8e30db7a423500ef59abab
be73717f776f24dd31498c27a1b02b784570d5bb
102411780270584690575675e14e574ef8a16cf6fdd5700d5682e68a8d2cc00d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /mymet/b928e/meta/jsonp HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/mymet/b928e/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Aug 2023 11:44:36 GMT
content-type: application/octet-stream
content-length: 278382
last-modified: Wed, 16 Aug 2023 05:47:25 GMT
etag: "64dc62ed-43f6e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dd719b6ed9f63940603029334ebd6d9e
c047e5651a43b3fac6a453587978e7fc55e86c41
c22e839a1eb817a93d5fbb9097a77baefee1dbb14cf12fd2bb223fcef15a1fef

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Aug 2023 11:44:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

flokbaby.it/mymet/b928e/meta/css.html

77.83.64.33

200 OK

8.1 kB

URL GET HTTP/2
flokbaby.it/mymet/b928e/meta/css.html
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type
ASCII text
Size
8.1 kB (8134 bytes)
Hash
147429fb2ddc3861e2ae0f473f17d78e
f2bdce63e15b9f3b90c8c3b153deb75b28eb69e3
25d501d70fcb9835f935fd47e045502700dc5f862cd7e763a49bbc7316396f2a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /mymet/b928e/meta/css.html HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/mymet/b928e/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Aug 2023 11:44:36 GMT
content-type: text/html
vary: Accept-Encoding
x-accel-version: 0.01
last-modified: Wed, 16 Aug 2023 05:47:25 GMT
etag: W/"2ac-60303d48859bb"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dd719b6ed9f63940603029334ebd6d9e
c047e5651a43b3fac6a453587978e7fc55e86c41
c22e839a1eb817a93d5fbb9097a77baefee1dbb14cf12fd2bb223fcef15a1fef

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Aug 2023 11:44:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk=

104.17.210.243

200 OK

2.1 kB

URL GET HTTP/3
forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk=
IP
104.17.210.243:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint1E:9D:91:27:86:63:DC:7B:9D:15:4E:99:31:FC:AA:1D:DC:9E:06:3B
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (5788), with no line terminators
Size
2.1 kB (2111 bytes)
Hash
625f49915e60f876679ae605fbf3d7c7
8ef6815b4d28f78ca587eecd14130d76587067dd
fa640444deea25cb6f97fd666e20106609387acdcbcdd53cee2e755640eab733

HTTP Headers

GET /embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk= HTTP/1.1
Host: forms.hsforms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 19 Aug 2023 11:44:37 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace: 2B847D9870826513CCB0CB7D192E3AAF1F56978EF5000000000000000000
X-Origin-Hublet: na1
Vary: origin
Content-Disposition: attachment; filename=no-rfd.txt
X-Content-Type-Options: nosniff
Access-Control-Allow-Credentials: false
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
X-Robots-Tag: none
x-envoy-upstream-service-time: 14
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-7f89ffc67f-4bsw8
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
X-HubSpot-Correlation-Id: d53e9d06-a532-4531-bec2-1caa0f249d40
x-request-id: d53e9d06-a532-4531-bec2-1caa0f249d40
CF-Cache-Status: DYNAMIC
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: cloudflare
CF-RAY: 7f92254849d00b59-OSL
Content-Encoding: br
alt-svc: h3=":443"; ma=86400

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
00b3cdb981551622d6a150fc684beb8c
c6f5ed880f1643b6a8614620bbe7bdf3725e7fd6
13242ce5f60abe7049d2b81915cc5c94be797757da09cf5197fa754240d85095

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Aug 2023 11:44:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true

142.250.74.164

200 OK

614 B

URL GET HTTP/3
www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint6B:BC:50:D6:D8:AB:DE:2F:10:C5:BE:7D:98:41:FA:8E:F2:D8:34:C4
ValidityMon, 31 Jul 2023 08:16:44 GMT - Mon, 23 Oct 2023 08:16:43 GMT

File type
ASCII text, with very long lines (1008), with no line terminators
Size
614 B (614 bytes)
Hash
aac3288b87f93219ccd838f40e3985d7
4f1e30acf86e034db135c6d666702fc72f86c155
8eace2ac1082d16eaa54c0851cf077baf7d925e1791e24df78d4d1d72fe02958

HTTP Headers

GET /recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
expires: Sat, 19 Aug 2023 11:44:37 GMT
date: Sat, 19 Aug 2023 11:44:37 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 614
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6c4bdf2d267f65cc6fcc19580f116c8c
d0e2ccbf84854e153f9fbf9ff35f8e43358681de
b5bd37863b684f86771fc0232e27a5d102442780bf03953d31d37a405a32a455

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Aug 2023 11:44:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2

216.58.207.227

200 OK

8.4 kB

URL GET HTTP/3
fonts.gstatic.com/s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8404, version 1.0\012- data
Size
8.4 kB (8404 bytes)
Hash
141119ae119bf7ca75e10ef82f66e442
adebf435aa078db3c116cb9faae15f2ad81d3ac5
c6afeb967afd466210e4061473c4855684e84b7e850b248c0533e6288acfbaff

HTTP Headers

GET /s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flokbaby.it
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8404
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 12 Aug 2023 19:03:07 GMT
expires: Sun, 11 Aug 2024 19:03:07 GMT
cache-control: public, max-age=31536000
age: 578490
last-modified: Thu, 21 Apr 2022 17:15:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.15.101

471 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
986d8a69d25e688079bb725829e2372c
0214dea8f28d019c0445170efc5b9cd5da00e5a7
45fd404478495763ad6ccd2038b4c4c1539dbfc65d112c3520b28f0525a0049d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 19 Aug 2023 11:44:37 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 18 Aug 2023 14:36:14 GMT
Expires: Fri, 25 Aug 2023 14:36:13 GMT
Etag: "0214dea8f28d019c0445170efc5b9cd5da00e5a7"
Cache-Control: max-age=528453,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7f92254af8dcb523-OSL

ocsp.sectigo.com/

104.18.15.101

471 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
986d8a69d25e688079bb725829e2372c
0214dea8f28d019c0445170efc5b9cd5da00e5a7
45fd404478495763ad6ccd2038b4c4c1539dbfc65d112c3520b28f0525a0049d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 19 Aug 2023 11:44:37 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 18 Aug 2023 14:36:14 GMT
Expires: Fri, 25 Aug 2023 14:36:13 GMT
Etag: "0214dea8f28d019c0445170efc5b9cd5da00e5a7"
Cache-Control: max-age=528571,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7f92254af98ab4ed-OSL

flokbaby.it/mymet/b928e/meta/EuclidCircularB-Regular-WebXL.woff2

77.83.64.33

200 OK

45 kB

URL GET HTTP/2
flokbaby.it/mymet/b928e/meta/EuclidCircularB-Regular-WebXL.woff2
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type
Web Open Font Format (Version 2), TrueType, length 45196, version 3.66\012- data
Size
45 kB (45196 bytes)
Hash
2d75957df3bb3aa6ed84f6591b0d5a1a
906424e75625f63b0188471067065794d0348536
8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /mymet/b928e/meta/EuclidCircularB-Regular-WebXL.woff2 HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/mymet/b928e/meta/metamask-staging-2.webflow.css
Cookie: _ga=GA1.2.1156673305.1692445471; _gid=GA1.2.1442261695.1692445471; _gat_gtag_UA_37075177_6=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Aug 2023 11:44:37 GMT
content-type: font/woff2
content-length: 45196
last-modified: Wed, 16 Aug 2023 05:47:25 GMT
etag: "64dc62ed-b08c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

flokbaby.it/mymet/b928e/meta/storage.secure.min.js.download

77.83.64.33

200 OK

58 kB

URL GET HTTP/2
flokbaby.it/mymet/b928e/meta/storage.secure.min.js.download
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type
ASCII text, with very long lines (38562), with no line terminators
Size
58 kB (57615 bytes)
Hash
3386ec5559f1ba569cf0ab6acab436cc
e98e11d37c5172ee128a85f68447efb3cb0e853c
996ab3c1e26cb00ec7d3d29650e784755ba46f33613563b7173b0dab03fa3d73

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /mymet/b928e/meta/storage.secure.min.js.download HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/mymet/b928e/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Aug 2023 11:44:36 GMT
content-type: application/javascript
last-modified: Wed, 16 Aug 2023 05:47:25 GMT
vary: Accept-Encoding
etag: W/"64dc62ed-96a2"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js

216.58.211.3

200 OK

186 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
ASCII text, with very long lines (679)
Size
186 kB (185519 bytes)
Hash
e346196cabbe1100839406d8f02a31c3
24f54bd82fdab0dc9bc5c6a71e33eefc02286aad
9dab174b3b1ef754d71d613162c1e1f5b88f9f317da8d1f14c146be9c6d9fd35

HTTP Headers

GET /recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flokbaby.it
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 185519
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 21:44:58 GMT
expires: Fri, 16 Aug 2024 21:44:58 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 17 Aug 2023 18:11:22 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 136780
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

flokbaby.it/mymet/b928e/meta/metamask-staging-2.webflow.css

77.83.64.33

200 OK

18 kB

URL GET HTTP/2
flokbaby.it/mymet/b928e/meta/metamask-staging-2.webflow.css
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type
ASCII text
Size
18 kB (18052 bytes)
Hash
d4ede0f1d47b3b9aac92ea8a29c2ec85
135c44809f03ce1360c7e74da033e4b4f5cfb87c
98489ee303fa850e7c3185248b30d64dfb6c7c55aa8726a98efb037525988e5a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /mymet/b928e/meta/metamask-staging-2.webflow.css HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/mymet/b928e/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Aug 2023 11:44:36 GMT
content-type: text/css
last-modified: Wed, 16 Aug 2023 05:47:25 GMT
vary: Accept-Encoding
etag: W/"64dc62ed-22adb"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

flokbaby.it/js.hsforms.net/forms/v2.js

77.83.64.33

301 Moved Permanently

0 B

URL GET HTTP/2
flokbaby.it/js.hsforms.net/forms/v2.js
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Requested by
https://flokbaby.it/mymet/b928e/meta/saved_resource.html
Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /js.hsforms.net/forms/v2.js HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/mymet/b928e/meta/saved_resource.html
Cookie: _ga=GA1.2.1156673305.1692445471; _gid=GA1.2.1442261695.1692445471; _gat_gtag_UA_37075177_6=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 19 Aug 2023 11:44:38 GMT
content-type: text/html; charset=UTF-8
content-length: 0
link: <https://flokbaby.it/wp-json/>; rel="https://api.w.org/"
expires: Sat, 19 Aug 2023 12:44:38 GMT
cache-control: max-age=3600
location: https://flokbaby.it/blogs/tag/internet/
x-powered-by: PHP/7.4.28, PleskLin
X-Firefox-Spdy: h2

flokbaby.it/metamask.io/images/webclip.png

77.83.64.33

301 Moved Permanently

0 B

URL GET HTTP/2
flokbaby.it/metamask.io/images/webclip.png
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /metamask.io/images/webclip.png HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/mymet/b928e/
Cookie: _ga=GA1.2.1156673305.1692445471; _gid=GA1.2.1442261695.1692445471; _gat_gtag_UA_37075177_6=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 19 Aug 2023 11:44:38 GMT
content-type: text/html; charset=UTF-8
content-length: 0
link: <https://flokbaby.it/wp-json/>; rel="https://api.w.org/"
expires: Sat, 19 Aug 2023 12:44:38 GMT
cache-control: max-age=3600
location: https://flokbaby.it/prodotto/marsupio-ergonomico-standard-zig-zag/
x-powered-by: PHP/7.4.28, PleskLin
X-Firefox-Spdy: h2

accdn.lpsnmedia.net/api/account/88982875/configuration/domainprotection/refererrestrictions?cb=lpCb1497x93940

178.249.97.99

31 kB

URL
accdn.lpsnmedia.net/api/account/88982875/configuration/domainprotection/refererrestrictions?cb=lpCb1497x93940
IP
178.249.97.99:0
ASN
#11054 LIVEPERSON

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (47236)
Size
31 kB (31196 bytes)
Hash
288516b50a87707cbaeeb0229a0fc711
f3aa8b3a1398b189fd91187472b721ab4b38b7e8
519ec8120ba0362aeee7bce86dc956bfc01b0286e9232eb14444d7e7a3a8f8c3

HTTP Headers

GET /api/account/88982875/configuration/domainprotection/refererrestrictions?cb=lpCb1497x93940 HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lpcdn.lpsnmedia.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 19 Aug 2023 11:44:38 GMT
content-type: application/javascript
cache-control: no-store
x-envoy-upstream-service-time: 89
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: MISS
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

flokbaby.it/metamask.io/images/favicon.png

77.83.64.33

301 Moved Permanently

0 B

URL GET HTTP/2
flokbaby.it/metamask.io/images/favicon.png
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /metamask.io/images/favicon.png HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/mymet/b928e/
Cookie: _ga=GA1.2.1156673305.1692445471; _gid=GA1.2.1442261695.1692445471; _gat_gtag_UA_37075177_6=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 19 Aug 2023 11:44:38 GMT
content-type: text/html; charset=UTF-8
content-length: 0
link: <https://flokbaby.it/wp-json/>; rel="https://api.w.org/"
expires: Sat, 19 Aug 2023 12:44:38 GMT
cache-control: max-age=3600
location: https://flokbaby.it/prodotto/marsupio-ergonomico-standard-zig-zag/
x-powered-by: PHP/7.4.28, PleskLin
X-Firefox-Spdy: h2

lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.js?loc=https%3A%2F%2Fflokbaby.it&site=88982875&force=1&env=prod&isCrossDomain=true

178.249.97.98

200 OK

15 kB

URL GET HTTP/2
lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.js?loc=https%3A%2F%2Fflokbaby.it&site=88982875&force=1&env=prod&isCrossDomain=true
IP
178.249.97.98:443
ASN
#11054 LIVEPERSON

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerSectigo Limited
Subject*.lpsnmedia.net
Fingerprint50:71:62:B3:88:93:98:3D:CC:EF:A7:C6:82:00:2D:1E:44:64:14:BB
ValidityMon, 09 Jan 2023 00:00:00 GMT - Tue, 09 Jan 2024 23:59:59 GMT

File type
gzip compressed data, from Unix\012- data
Size
15 kB (14845 bytes)
Hash
7093bd81dfb4b6b8a2da54b428e82974
5c12656ac6f9c0b38af75d59645eef52461babc5
c256b26c9bb28696f2bf8dbccbb2bbdcfc8a7b9617f1d97d75e12fadaf18c2e5

HTTP Headers

GET /le_secure_storage/3.15.0.0-release_5063/storage.secure.min.js?loc=https%3A%2F%2Fflokbaby.it&site=88982875&force=1&env=prod&isCrossDomain=true HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 19 Aug 2023 11:44:38 GMT
content-type: application/javascript
last-modified: Fri, 05 Nov 2021 13:34:15 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sun, 18 Aug 2024 11:44:38 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/api2/info_2x.png

216.58.211.3

200 OK

665 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/info_2x.png
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://flokbaby.it/mymet/b928e/meta/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
665 B (665 bytes)
Hash
07bf314aab04047b9e9a959ee6f63da3
17bef6602672e2fd9956381e01356245144003e5
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

HTTP Headers

GET /recaptcha/api2/info_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 665
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Aug 2023 11:00:47 GMT
expires: Sat, 26 Aug 2023 11:00:47 GMT
cache-control: public, max-age=604800
age: 2632
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/refresh_2x.png

216.58.211.3

200 OK

600 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/refresh_2x.png
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://flokbaby.it/mymet/b928e/meta/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
600 B (600 bytes)
Hash
0f2a4639b8a4cb30c76e8333c00d30a6
57e273a270bb864970d747c74b3f0a7c8e515b13
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

HTTP Headers

GET /recaptcha/api2/refresh_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 15:12:23 GMT
expires: Thu, 24 Aug 2023 15:12:23 GMT
cache-control: public, max-age=604800
age: 160336
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/audio_2x.png

216.58.211.3

200 OK

530 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/audio_2x.png
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
530 B (530 bytes)
Hash
88e0f42c9fa4f94aa8bcd54d1685c180
5ad9d47a49b82718baa3be88550a0b3350270c42
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

HTTP Headers

GET /recaptcha/api2/audio_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 530
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 04:54:45 GMT
expires: Thu, 24 Aug 2023 04:54:45 GMT
cache-control: public, max-age=604800
age: 197394
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css

216.58.211.3

200 OK

25 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
ASCII text, with very long lines (56403), with no line terminators
Size
25 kB (24605 bytes)
Hash
83f90c5a4c20afb44429fa346fbadc10
7c278ec721d3880fbafaadeba9ee80bdf294b014
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

HTTP Headers

GET /recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24605
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Aug 2023 06:13:40 GMT
expires: Sun, 18 Aug 2024 06:13:40 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 17 Aug 2023 18:11:22 GMT
content-type: text/css
vary: Accept-Encoding
age: 19859
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js

216.58.211.3

200 OK

186 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
ASCII text, with very long lines (679)
Size
186 kB (185519 bytes)
Hash
e346196cabbe1100839406d8f02a31c3
24f54bd82fdab0dc9bc5c6a71e33eefc02286aad
9dab174b3b1ef754d71d613162c1e1f5b88f9f317da8d1f14c146be9c6d9fd35

HTTP Headers

GET /recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 185519
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 21:44:58 GMT
expires: Fri, 16 Aug 2024 21:44:58 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 17 Aug 2023 18:11:22 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 136781
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mbG9rYmFieS5pdDo0NDM.&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&badge=inline&cb=eaoit81ntzxz
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 15:24:26 GMT
expires: Fri, 16 Aug 2024 15:24:26 GMT
cache-control: public, max-age=31536000
age: 159613
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

16 kB

URL GET
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Aug 2023 22:56:18 GMT
expires: Wed, 14 Aug 2024 22:56:18 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 305301
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

flokbaby.it/mymet/b928e/meta/saved_resource(1).html

77.83.64.33

200 OK

24 kB

URL GET HTTP/2
flokbaby.it/mymet/b928e/meta/saved_resource(1).html
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type
HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
24 kB (24236 bytes)
Hash
938be7d50aa827110de3ba6d24f24ceb
499a6b9239bbf79c2363a2ecf3cc405a957b24ec
58092d87121c0af28a0ae8ad3e9afcfb4c50156ca369a9a2dfafc8d516a25d5c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /mymet/b928e/meta/saved_resource(1).html HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/mymet/b928e/
Cookie: _ga=GA1.2.1156673305.1692445471; _gid=GA1.2.1442261695.1692445471; _gat_gtag_UA_37075177_6=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Aug 2023 11:44:37 GMT
content-type: text/html
vary: Accept-Encoding
x-accel-version: 0.01
last-modified: Wed, 16 Aug 2023 05:47:25 GMT
etag: W/"1f8-60303d4884e03"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/api2/logo_48.png

216.58.211.3

200 OK

2.2 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/logo_48.png
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mbG9rYmFieS5pdDo0NDM.&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&badge=inline&cb=eaoit81ntzxz
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Aug 2023 14:42:45 GMT
expires: Fri, 25 Aug 2023 14:42:45 GMT
cache-control: public, max-age=604800
age: 75714
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js

216.58.211.3

200 OK

186 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
ASCII text, with very long lines (679)
Size
186 kB (185519 bytes)
Hash
e346196cabbe1100839406d8f02a31c3
24f54bd82fdab0dc9bc5c6a71e33eefc02286aad
9dab174b3b1ef754d71d613162c1e1f5b88f9f317da8d1f14c146be9c6d9fd35

HTTP Headers

GET /recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 185519
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 21:44:58 GMT
expires: Fri, 16 Aug 2024 21:44:58 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 17 Aug 2023 18:11:22 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 136781
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

142.250.74.164

200 OK

1.2 kB

URL GET HTTP/3
www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint6B:BC:50:D6:D8:AB:DE:2F:10:C5:BE:7D:98:41:FA:8E:F2:D8:34:C4
ValidityMon, 31 Jul 2023 08:16:44 GMT - Mon, 23 Oct 2023 08:16:43 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.2 kB (1162 bytes)
Hash
26ffeb191d0ab7a905a44f5729c9b344
a93ca3fafbff000661b82716e2cf3e1d0312143d
1a3a5df8d35c70a7d64734cea13427d3f9fb2d8b0e3be2bcf8308bf6acee43e1

HTTP Headers

GET /recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 19 Aug 2023 11:44:39 GMT
content-security-policy: script-src 'nonce-YSUPwo2JxpUUS0bUZOrAxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1162
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css

216.58.211.3

200 OK

25 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
ASCII text, with very long lines (56403), with no line terminators
Size
25 kB (24605 bytes)
Hash
83f90c5a4c20afb44429fa346fbadc10
7c278ec721d3880fbafaadeba9ee80bdf294b014
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

HTTP Headers

GET /recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24605
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Aug 2023 06:13:40 GMT
expires: Sun, 18 Aug 2024 06:13:40 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 17 Aug 2023 18:11:22 GMT
content-type: text/css
vary: Accept-Encoding
age: 19859
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js

216.58.211.3

200 OK

186 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
ASCII text, with very long lines (679)
Size
186 kB (185519 bytes)
Hash
e346196cabbe1100839406d8f02a31c3
24f54bd82fdab0dc9bc5c6a71e33eefc02286aad
9dab174b3b1ef754d71d613162c1e1f5b88f9f317da8d1f14c146be9c6d9fd35

HTTP Headers

GET /recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 185519
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 21:44:58 GMT
expires: Fri, 16 Aug 2024 21:44:58 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 17 Aug 2023 18:11:22 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 136781
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit

142.250.74.164

200 OK

614 B

URL GET HTTP/3
www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://js.hsforms.net/forms-next/shell-recaptcha
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint6B:BC:50:D6:D8:AB:DE:2F:10:C5:BE:7D:98:41:FA:8E:F2:D8:34:C4
ValidityMon, 31 Jul 2023 08:16:44 GMT - Mon, 23 Oct 2023 08:16:43 GMT

File type
ASCII text, with very long lines (1008), with no line terminators
Size
614 B (614 bytes)
Hash
aac3288b87f93219ccd838f40e3985d7
4f1e30acf86e034db135c6d666702fc72f86c155
8eace2ac1082d16eaa54c0851cf077baf7d925e1791e24df78d4d1d72fe02958

HTTP Headers

GET /recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.hsforms.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Sat, 19 Aug 2023 11:44:39 GMT
date: Sat, 19 Aug 2023 11:44:39 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 614
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js

216.58.211.3

200 OK

186 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
ASCII text, with very long lines (679)
Size
186 kB (185519 bytes)
Hash
e346196cabbe1100839406d8f02a31c3
24f54bd82fdab0dc9bc5c6a71e33eefc02286aad
9dab174b3b1ef754d71d613162c1e1f5b88f9f317da8d1f14c146be9c6d9fd35

HTTP Headers

GET /recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://js.hsforms.net
DNT: 1
Connection: keep-alive
Referer: https://js.hsforms.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 185519
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 21:44:58 GMT
expires: Fri, 16 Aug 2024 21:44:58 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 17 Aug 2023 18:11:22 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 136782
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

flokbaby.it/blogs/tag/internet/

77.83.64.33

200 OK

49 kB

URL GET HTTP/2
flokbaby.it/blogs/tag/internet/
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Requested by
https://flokbaby.it/mymet/b928e/meta/saved_resource.html
Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9462), with CRLF, LF line terminators
Size
49 kB (49223 bytes)
Hash
d0af2b12d721ceb37f4e73eb0ace728e
aa7dc82109b4f7487d5ed8b8a3a6ece5a4786852
fad74ad9e1dcb5afdfb97d5a34dd1913e22a008b3d92e93aa27e18574cb4e270

HTTP Headers

GET /blogs/tag/internet/ HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flokbaby.it/mymet/b928e/meta/saved_resource.html
DNT: 1
Connection: keep-alive
Cookie: _ga=GA1.2.1156673305.1692445471; _gid=GA1.2.1442261695.1692445471; _gat_gtag_UA_37075177_6=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Aug 2023 11:44:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://flokbaby.it/wp-json/>; rel="https://api.w.org/", <https://flokbaby.it/wp-json/wp/v2/tags/27>; rel="alternate"; type="application/json"
x-powered-by: PHP/7.4.28, PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css

216.58.211.3

200 OK

25 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
ASCII text, with very long lines (56403), with no line terminators
Size
25 kB (24605 bytes)
Hash
83f90c5a4c20afb44429fa346fbadc10
7c278ec721d3880fbafaadeba9ee80bdf294b014
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

HTTP Headers

GET /recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24605
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Aug 2023 06:13:40 GMT
expires: Sun, 18 Aug 2024 06:13:40 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 17 Aug 2023 18:11:22 GMT
content-type: text/css
vary: Accept-Encoding
age: 19860
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js

216.58.211.3

200 OK

186 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
ASCII text, with very long lines (679)
Size
186 kB (185519 bytes)
Hash
e346196cabbe1100839406d8f02a31c3
24f54bd82fdab0dc9bc5c6a71e33eefc02286aad
9dab174b3b1ef754d71d613162c1e1f5b88f9f317da8d1f14c146be9c6d9fd35

HTTP Headers

GET /recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 185519
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 21:44:58 GMT
expires: Fri, 16 Aug 2024 21:44:58 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 17 Aug 2023 18:11:22 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 136782
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

142.250.74.164

200 OK

25 kB

URL POST HTTP/3
www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint6B:BC:50:D6:D8:AB:DE:2F:10:C5:BE:7D:98:41:FA:8E:F2:D8:34:C4
ValidityMon, 31 Jul 2023 08:16:44 GMT - Mon, 23 Oct 2023 08:16:43 GMT

File type
ASCII text, with very long lines (41198)
Size
25 kB (24995 bytes)
Hash
79c9b45646371067c43bbf7165829bf9
44865394698476c274c1195dea8bfc1e175bbbcf
bb2cd638539d3e71bcf8bb63d463fe0de3cac519ffb0ed761ac2840e70d44f55

HTTP Headers

POST /recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-protobuffer
Content-Length: 8500
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/json; charset=utf-8
content-encoding: gzip
date: Sat, 19 Aug 2023 11:44:40 GMT
expires: Sat, 19 Aug 2023 11:44:40 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 24995
server: GSE
set-cookie: _GRECAPTCHA=09AHJ_tr6Gak2PgwPQwKR-6rubbqqhFfQubVaKeRdaXAbEvMM2seh2vYSZhrAt_H2OFOuAwQCC6TVcq3jLSdbTJ4s;Path=/recaptcha;Expires=Thu, 15-Feb-2024 11:44:40 GMT;Secure;HttpOnly;Priority=HIGH;SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mbG9rYmFieS5pdDo0NDM.&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&badge=inline&cb=eaoit81ntzxz
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 15:24:26 GMT
expires: Fri, 16 Aug 2024 15:24:26 GMT
cache-control: public, max-age=31536000
age: 159614
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

flokbaby.it/mymet/b928e/meta/webflow.css

77.83.64.33

200 OK

152 kB

URL GET HTTP/2
flokbaby.it/mymet/b928e/meta/webflow.css
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type
Unicode text, UTF-8 text, with very long lines (2587)
Size
152 kB (152430 bytes)
Hash
13fc860cb6eddbf469d986e1a6b6480b
6bb85ecdc704734f59d4984d202f75b02048a58d
ba6716203b5a6f128eab828aef79dcdfeab87ec1ee605392e4a9d6955de30842

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /mymet/b928e/meta/webflow.css HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/mymet/b928e/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Aug 2023 11:44:36 GMT
content-type: text/css
last-modified: Wed, 16 Aug 2023 05:47:25 GMT
vary: Accept-Encoding
etag: W/"64dc62ed-98c5"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15340, version 1.0\012- data
Size
15 kB (15340 bytes)
Hash
19b7a0adfdd4f808b53af7e2ce2ad4e5
81d5d4c7b5035ad10cce63cf7100295e0c51fdda
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 15:15:27 GMT
expires: Fri, 16 Aug 2024 15:15:27 GMT
cache-control: public, max-age=31536000
age: 160153
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/payload?p=06ADUVZwCCHqVLjfQ7sdIJGvF29ft2OgiPIUUBtcsXhmDi5EVZrbFliQdHQzFQ-YJayQIlZ3HwU9_bJBNw-EAXvze_aBshSUKhmoOHeFN6x9xMh5Ix8X2Gt3oojIEgB-b8bw_QyvF5ZADQrL450oCTqVGw0D1LCUfqzTKV7Hx6XMr_ftqdQvgYQE_wVfuEBNPM3ZQXgmVEDKZ91OvCJRh-oJC04GsaUke6mw&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

142.250.74.164

31 kB

URL
www.google.com/recaptcha/enterprise/payload?p=06ADUVZwCCHqVLjfQ7sdIJGvF29ft2OgiPIUUBtcsXhmDi5EVZrbFliQdHQzFQ-YJayQIlZ3HwU9_bJBNw-EAXvze_aBshSUKhmoOHeFN6x9xMh5Ix8X2Gt3oojIEgB-b8bw_QyvF5ZADQrL450oCTqVGw0D1LCUfqzTKV7Hx6XMr_ftqdQvgYQE_wVfuEBNPM3ZQXgmVEDKZ91OvCJRh-oJC04GsaUke6mw&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP
142.250.74.164:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint6B:BC:50:D6:D8:AB:DE:2F:10:C5:BE:7D:98:41:FA:8E:F2:D8:34:C4
ValidityMon, 31 Jul 2023 08:16:44 GMT - Mon, 23 Oct 2023 08:16:43 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Size
31 kB (30766 bytes)
Hash
e09e96e69b9d9426c84b65eeebee1849
d9b4960ac9d7d6a84d7ef8e3db3ab8938bc520df
a28463cff0ae3655576e16da9730de14238424e54af447521a48c2b496c5bf87

HTTP Headers

GET /recaptcha/enterprise/payload?p=06ADUVZwCCHqVLjfQ7sdIJGvF29ft2OgiPIUUBtcsXhmDi5EVZrbFliQdHQzFQ-YJayQIlZ3HwU9_bJBNw-EAXvze_aBshSUKhmoOHeFN6x9xMh5Ix8X2Gt3oojIEgB-b8bw_QyvF5ZADQrL450oCTqVGw0D1LCUfqzTKV7Hx6XMr_ftqdQvgYQE_wVfuEBNPM3ZQXgmVEDKZ91OvCJRh-oJC04GsaUke6mw&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Cookie: _GRECAPTCHA=09AHJ_tr6Gak2PgwPQwKR-6rubbqqhFfQubVaKeRdaXAbEvMM2seh2vYSZhrAt_H2OFOuAwQCC6TVcq3jLSdbTJ4s
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Sat, 19 Aug 2023 11:44:40 GMT
date: Sat, 19 Aug 2023 11:44:40 GMT
cache-control: private, max-age=30
content-type: image/jpeg
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 30766
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/refresh_2x.png

216.58.211.3

200 OK

600 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/refresh_2x.png
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://flokbaby.it/mymet/b928e/meta/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
600 B (600 bytes)
Hash
0f2a4639b8a4cb30c76e8333c00d30a6
57e273a270bb864970d747c74b3f0a7c8e515b13
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

HTTP Headers

GET /recaptcha/api2/refresh_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 15:12:23 GMT
expires: Thu, 24 Aug 2023 15:12:23 GMT
cache-control: public, max-age=604800
age: 160337
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/audio_2x.png

216.58.211.3

200 OK

530 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/audio_2x.png
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
530 B (530 bytes)
Hash
88e0f42c9fa4f94aa8bcd54d1685c180
5ad9d47a49b82718baa3be88550a0b3350270c42
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

HTTP Headers

GET /recaptcha/api2/audio_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 530
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 04:54:45 GMT
expires: Thu, 24 Aug 2023 04:54:45 GMT
cache-control: public, max-age=604800
age: 197395
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/info_2x.png

216.58.211.3

200 OK

665 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/info_2x.png
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://flokbaby.it/mymet/b928e/meta/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
665 B (665 bytes)
Hash
07bf314aab04047b9e9a959ee6f63da3
17bef6602672e2fd9956381e01356245144003e5
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

HTTP Headers

GET /recaptcha/api2/info_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 665
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Aug 2023 11:00:47 GMT
expires: Sat, 26 Aug 2023 11:00:47 GMT
cache-control: public, max-age=604800
age: 2633
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mbG9rYmFieS5pdDo0NDM.&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&badge=inline&cb=eaoit81ntzxz
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 15:24:26 GMT
expires: Fri, 16 Aug 2024 15:24:26 GMT
cache-control: public, max-age=31536000
age: 159614
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

16 kB

URL GET
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Aug 2023 22:56:18 GMT
expires: Wed, 14 Aug 2024 22:56:18 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 305302
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq

142.250.74.164

200 OK

112 B

URL GET HTTP/3
www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&badge=inline&cb=12gauca4ue83
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint6B:BC:50:D6:D8:AB:DE:2F:10:C5:BE:7D:98:41:FA:8E:F2:D8:34:C4
ValidityMon, 31 Jul 2023 08:16:44 GMT - Mon, 23 Oct 2023 08:16:43 GMT

File type
ASCII text, with no line terminators
Size
112 B (112 bytes)
Hash
9850c72f212186063d38d2b8ff0c678b
9cf08c9995213b8252aaed87931c91e456b8b6b2
13f425cbab48a8199950e3873a94b5f8faa294a66f751cfe15423d34dfc98ff8

HTTP Headers

GET /recaptcha/enterprise/webworker.js?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&badge=inline&cb=u73hw1edt5bt
Cookie: _GRECAPTCHA=09AHJ_tr6Gak2PgwPQwKR-6rubbqqhFfQubVaKeRdaXAbEvMM2seh2vYSZhrAt_H2OFOuAwQCC6TVcq3jLSdbTJ4s
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Sat, 19 Aug 2023 11:44:40 GMT
date: Sat, 19 Aug 2023 11:44:40 GMT
cache-control: private, max-age=300
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 112
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/logo_48.png

216.58.211.3

200 OK

2.2 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/logo_48.png
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mbG9rYmFieS5pdDo0NDM.&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&badge=inline&cb=eaoit81ntzxz
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Aug 2023 14:42:45 GMT
expires: Fri, 25 Aug 2023 14:42:45 GMT
cache-control: public, max-age=604800
age: 75715
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js

216.58.211.3

200 OK

186 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
ASCII text, with very long lines (679)
Size
186 kB (185519 bytes)
Hash
e346196cabbe1100839406d8f02a31c3
24f54bd82fdab0dc9bc5c6a71e33eefc02286aad
9dab174b3b1ef754d71d613162c1e1f5b88f9f317da8d1f14c146be9c6d9fd35

HTTP Headers

GET /recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 185519
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 21:44:58 GMT
expires: Fri, 16 Aug 2024 21:44:58 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 17 Aug 2023 18:11:22 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 136782
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

142.250.74.164

200 OK

1.2 kB

URL GET HTTP/3
www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint6B:BC:50:D6:D8:AB:DE:2F:10:C5:BE:7D:98:41:FA:8E:F2:D8:34:C4
ValidityMon, 31 Jul 2023 08:16:44 GMT - Mon, 23 Oct 2023 08:16:43 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.2 kB (1161 bytes)
Hash
479c06887ba2014bf0c9e07db6cf7178
78f5cac2807dd8eaec902c6cfbcef26870e8032d
45a79458e4d88b2b13caa6b0a7eb4463603b05c7d8eda95dac54fd6869f02492

HTTP Headers

GET /recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.hsforms.net/
Cookie: _GRECAPTCHA=09AHJ_tr6Gak2PgwPQwKR-6rubbqqhFfQubVaKeRdaXAbEvMM2seh2vYSZhrAt_H2OFOuAwQCC6TVcq3jLSdbTJ4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 19 Aug 2023 11:44:41 GMT
content-security-policy: script-src 'nonce-YCOv2kQTf74xB2X8w6fp9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1161
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css

216.58.211.3

200 OK

25 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
ASCII text, with very long lines (56403), with no line terminators
Size
25 kB (24605 bytes)
Hash
83f90c5a4c20afb44429fa346fbadc10
7c278ec721d3880fbafaadeba9ee80bdf294b014
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

HTTP Headers

GET /recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24605
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Aug 2023 06:13:40 GMT
expires: Sun, 18 Aug 2024 06:13:40 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 17 Aug 2023 18:11:22 GMT
content-type: text/css
vary: Accept-Encoding
age: 19861
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js

216.58.211.3

200 OK

186 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
ASCII text, with very long lines (679)
Size
186 kB (185519 bytes)
Hash
e346196cabbe1100839406d8f02a31c3
24f54bd82fdab0dc9bc5c6a71e33eefc02286aad
9dab174b3b1ef754d71d613162c1e1f5b88f9f317da8d1f14c146be9c6d9fd35

HTTP Headers

GET /recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 185519
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 21:44:58 GMT
expires: Fri, 16 Aug 2024 21:44:58 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 17 Aug 2023 18:11:22 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 136783
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

142.250.74.164

200 OK

26 kB

URL POST HTTP/3
www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint6B:BC:50:D6:D8:AB:DE:2F:10:C5:BE:7D:98:41:FA:8E:F2:D8:34:C4
ValidityMon, 31 Jul 2023 08:16:44 GMT - Mon, 23 Oct 2023 08:16:43 GMT

File type
ASCII text, with very long lines (42425)
Size
26 kB (25856 bytes)
Hash
0e9adfc4985a6956212ea8a41a0882f1
efab840bad4fc4cb2fd3bd631ea397d43d373f68
cb182487a81849b59c4f08ac4767c3498984174c8a508e1045cb7c590d39018e

HTTP Headers

POST /recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-protobuffer
Content-Length: 6946
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Cookie: _GRECAPTCHA=09AHJ_tr6Gak2PgwPQwKR-6rubbqqhFfQubVaKeRdaXAbEvMM2seh2vYSZhrAt_H2OFOuAwQCC6TVcq3jLSdbTJ4s
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/json; charset=utf-8
content-encoding: gzip
date: Sat, 19 Aug 2023 11:44:41 GMT
expires: Sat, 19 Aug 2023 11:44:41 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 25856
server: GSE
set-cookie: _GRECAPTCHA=09AHJ_tr7yRbmuE9-Bn6iSjct-34UnLC-snkJO5ZXeMlHfzOJfaA23Y9xsUXKajtSh6et83LKUfwedtitmrkTi0Lo;Path=/recaptcha;Expires=Thu, 15-Feb-2024 11:44:41 GMT;Secure;HttpOnly;Priority=HIGH;SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mbG9rYmFieS5pdDo0NDM.&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&badge=inline&cb=eaoit81ntzxz
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 15:24:26 GMT
expires: Fri, 16 Aug 2024 15:24:26 GMT
cache-control: public, max-age=31536000
age: 159615
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

flokbaby.it/mymet/b928e/meta/plx.chock.js

77.83.64.33

200 OK

16 kB

URL GET HTTP/2
flokbaby.it/mymet/b928e/meta/plx.chock.js
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type
ASCII text
Size
16 kB (15773 bytes)
Hash
5acfeead7d13511cdef767305b87e3f8
ec5337e62f1e64d3aaba3bf41a41b5f876964922
b9417c5359a2259bb564852a1ebd2b743b79ac06efdee42dc53456f8445ad246

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /mymet/b928e/meta/plx.chock.js HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/mymet/b928e/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Aug 2023 11:44:36 GMT
content-type: application/javascript
last-modified: Wed, 16 Aug 2023 05:47:25 GMT
vary: Accept-Encoding
etag: W/"64dc62ed-d41"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/api2/refresh_2x.png

216.58.211.3

200 OK

600 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/refresh_2x.png
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://flokbaby.it/mymet/b928e/meta/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
600 B (600 bytes)
Hash
0f2a4639b8a4cb30c76e8333c00d30a6
57e273a270bb864970d747c74b3f0a7c8e515b13
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

HTTP Headers

GET /recaptcha/api2/refresh_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 15:12:23 GMT
expires: Thu, 24 Aug 2023 15:12:23 GMT
cache-control: public, max-age=604800
age: 160338
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/audio_2x.png

216.58.211.3

200 OK

530 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/audio_2x.png
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
530 B (530 bytes)
Hash
88e0f42c9fa4f94aa8bcd54d1685c180
5ad9d47a49b82718baa3be88550a0b3350270c42
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

HTTP Headers

GET /recaptcha/api2/audio_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 530
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 04:54:45 GMT
expires: Thu, 24 Aug 2023 04:54:45 GMT
cache-control: public, max-age=604800
age: 197396
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/info_2x.png

216.58.211.3

200 OK

665 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/info_2x.png
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://flokbaby.it/mymet/b928e/meta/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
665 B (665 bytes)
Hash
07bf314aab04047b9e9a959ee6f63da3
17bef6602672e2fd9956381e01356245144003e5
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

HTTP Headers

GET /recaptcha/api2/info_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 665
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Aug 2023 11:00:47 GMT
expires: Sat, 26 Aug 2023 11:00:47 GMT
cache-control: public, max-age=604800
age: 2634
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15340, version 1.0\012- data
Size
15 kB (15340 bytes)
Hash
19b7a0adfdd4f808b53af7e2ce2ad4e5
81d5d4c7b5035ad10cce63cf7100295e0c51fdda
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 15:15:27 GMT
expires: Fri, 16 Aug 2024 15:15:27 GMT
cache-control: public, max-age=31536000
age: 160154
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/payload?p=06ADUVZwBcTdO8de5SFFoHngEgb05E3JFZVN9oLV7K837M1lPMW45WTNbXcGeUFvpOl9aJrrxUS2JCsD8a9tCe8woQO2FXbvHT9LOIn_K4hQw8pDKTdToqSbWHg8ahujAbL8bjo6WZkyY4CNMqyUsMPWuePv75R0JkBZ1_sYhgPMRQEqttH1-uvM_QoIezMmWWNREZ40Fqs7uA&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

142.250.74.164

39 kB

URL
www.google.com/recaptcha/enterprise/payload?p=06ADUVZwBcTdO8de5SFFoHngEgb05E3JFZVN9oLV7K837M1lPMW45WTNbXcGeUFvpOl9aJrrxUS2JCsD8a9tCe8woQO2FXbvHT9LOIn_K4hQw8pDKTdToqSbWHg8ahujAbL8bjo6WZkyY4CNMqyUsMPWuePv75R0JkBZ1_sYhgPMRQEqttH1-uvM_QoIezMmWWNREZ40Fqs7uA&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP
142.250.74.164:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint6B:BC:50:D6:D8:AB:DE:2F:10:C5:BE:7D:98:41:FA:8E:F2:D8:34:C4
ValidityMon, 31 Jul 2023 08:16:44 GMT - Mon, 23 Oct 2023 08:16:43 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Size
39 kB (38714 bytes)
Hash
09aa9fb394d8bcbc1408947107e91dcc
a83be23a0c27872443e946676baa20740dfd5f80
abdd4218d26cce11696f6f44e8e63df0735a4d90e53d937bd608d0b9ba37c143

HTTP Headers

GET /recaptcha/enterprise/payload?p=06ADUVZwBcTdO8de5SFFoHngEgb05E3JFZVN9oLV7K837M1lPMW45WTNbXcGeUFvpOl9aJrrxUS2JCsD8a9tCe8woQO2FXbvHT9LOIn_K4hQw8pDKTdToqSbWHg8ahujAbL8bjo6WZkyY4CNMqyUsMPWuePv75R0JkBZ1_sYhgPMRQEqttH1-uvM_QoIezMmWWNREZ40Fqs7uA&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Cookie: _GRECAPTCHA=09AHJ_tr7yRbmuE9-Bn6iSjct-34UnLC-snkJO5ZXeMlHfzOJfaA23Y9xsUXKajtSh6et83LKUfwedtitmrkTi0Lo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Sat, 19 Aug 2023 11:44:42 GMT
date: Sat, 19 Aug 2023 11:44:42 GMT
cache-control: private, max-age=30
content-type: image/jpeg
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 38714
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/canonical_car.png

216.58.211.3

11 kB

URL
www.gstatic.com/recaptcha/api2/canonical_car.png
IP
216.58.211.3:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
PNG image data, 98 x 90, 8-bit/color RGB, non-interlaced\012- data
Size
11 kB (11174 bytes)
Hash
a4741c6089e163f0e5c0cdb2c698a03e
03b190c8d9350802cbabbccd2757cff1fb7115f0
c9685b413894b0647b42edf9cac1fc0b2ed044c1fe238d843b9ca3d29db1b805

HTTP Headers

GET /recaptcha/api2/canonical_car.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 11174
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Aug 2023 07:19:55 GMT
expires: Wed, 23 Aug 2023 07:19:55 GMT
cache-control: public, max-age=604800
age: 275087
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

flokbaby.it/mymet/b928e/meta/webfont.js.download

77.83.64.33

200 OK

13 kB

URL GET HTTP/2
flokbaby.it/mymet/b928e/meta/webfont.js.download
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type
ASCII text, with very long lines (2134)
Size
13 kB (13316 bytes)
Hash
7c96a5f11d9741541d5e3c42ff6380d7
d3fa2564c021cf730e58ffddb138cf6b57ed126e
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /mymet/b928e/meta/webfont.js.download HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/mymet/b928e/secure.html
Cookie: _ga=GA1.2.1156673305.1692445471; _gid=GA1.2.1442261695.1692445471; _gat_gtag_UA_37075177_6=1; wp_woocommerce_session_b225a3e1d791aefc99bcf5f3eeeb78ae=t_99e0bb14513f2b7e6ba1932c535add%7C%7C1692618279%7C%7C1692614679%7C%7C55f7c0a2d23c5c0f4aead8c27e9524bb; woocommerce_recently_viewed=4638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Aug 2023 11:44:46 GMT
content-type: application/javascript
last-modified: Wed, 16 Aug 2023 05:47:25 GMT
vary: Accept-Encoding
etag: W/"64dc62ed-3384"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

flokbaby.it/mymet/b928e/meta/plx.chock.js

77.83.64.33

200 OK

8.6 kB

URL GET HTTP/2
flokbaby.it/mymet/b928e/meta/plx.chock.js
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type
ASCII text
Size
8.6 kB (8625 bytes)
Hash
5acfeead7d13511cdef767305b87e3f8
ec5337e62f1e64d3aaba3bf41a41b5f876964922
b9417c5359a2259bb564852a1ebd2b743b79ac06efdee42dc53456f8445ad246

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /mymet/b928e/meta/plx.chock.js HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/mymet/b928e/secure.html
Cookie: _ga=GA1.2.1156673305.1692445471; _gid=GA1.2.1442261695.1692445471; _gat_gtag_UA_37075177_6=1; wp_woocommerce_session_b225a3e1d791aefc99bcf5f3eeeb78ae=t_99e0bb14513f2b7e6ba1932c535add%7C%7C1692618279%7C%7C1692614679%7C%7C55f7c0a2d23c5c0f4aead8c27e9524bb; woocommerce_recently_viewed=4638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Aug 2023 11:44:46 GMT
content-type: application/javascript
last-modified: Wed, 16 Aug 2023 05:47:25 GMT
vary: Accept-Encoding
etag: W/"64dc62ed-d41"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

flokbaby.it/mymet/b928e/meta/jsonp

77.83.64.33

200 OK

278 kB

URL GET HTTP/2
flokbaby.it/mymet/b928e/meta/jsonp
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
278 kB (278382 bytes)
Hash
7efac8c0fa8e30db7a423500ef59abab
be73717f776f24dd31498c27a1b02b784570d5bb
102411780270584690575675e14e574ef8a16cf6fdd5700d5682e68a8d2cc00d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /mymet/b928e/meta/jsonp HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/mymet/b928e/secure.html
Cookie: _ga=GA1.2.1156673305.1692445471; _gid=GA1.2.1442261695.1692445471; _gat_gtag_UA_37075177_6=1; wp_woocommerce_session_b225a3e1d791aefc99bcf5f3eeeb78ae=t_99e0bb14513f2b7e6ba1932c535add%7C%7C1692618279%7C%7C1692614679%7C%7C55f7c0a2d23c5c0f4aead8c27e9524bb; woocommerce_recently_viewed=4638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Aug 2023 11:44:46 GMT
content-type: application/octet-stream
content-length: 278382
last-modified: Wed, 16 Aug 2023 05:47:25 GMT
etag: "64dc62ed-43f6e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

flokbaby.it/mymet/b928e/meta/mm-logo.svg

77.83.64.33

200 OK

12 kB

URL GET HTTP/2
flokbaby.it/mymet/b928e/meta/mm-logo.svg
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1001)
Size
12 kB (12019 bytes)
Hash
51bcea2625eb2c6e9268a7377a792c86
5eeb306e6584eed1747c36c11724f193711d430e
5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /mymet/b928e/meta/mm-logo.svg HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/mymet/b928e/secure.html
Cookie: _ga=GA1.2.1156673305.1692445471; _gid=GA1.2.1442261695.1692445471; _gat_gtag_UA_37075177_6=1; wp_woocommerce_session_b225a3e1d791aefc99bcf5f3eeeb78ae=t_99e0bb14513f2b7e6ba1932c535add%7C%7C1692618279%7C%7C1692614679%7C%7C55f7c0a2d23c5c0f4aead8c27e9524bb; woocommerce_recently_viewed=4638
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Aug 2023 11:44:46 GMT
content-type: image/svg+xml
content-length: 12019
last-modified: Wed, 16 Aug 2023 05:47:25 GMT
etag: "64dc62ed-2ef3"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

flokbaby.it/mymet/b928e/meta/css.html

77.83.64.33

200 OK

129 kB

URL GET HTTP/2
flokbaby.it/mymet/b928e/meta/css.html
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type
ASCII text
Size
129 kB (128586 bytes)
Hash
147429fb2ddc3861e2ae0f473f17d78e
f2bdce63e15b9f3b90c8c3b153deb75b28eb69e3
25d501d70fcb9835f935fd47e045502700dc5f862cd7e763a49bbc7316396f2a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /mymet/b928e/meta/css.html HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/mymet/b928e/secure.html
Cookie: _ga=GA1.2.1156673305.1692445471; _gid=GA1.2.1442261695.1692445471; _gat_gtag_UA_37075177_6=1; wp_woocommerce_session_b225a3e1d791aefc99bcf5f3eeeb78ae=t_99e0bb14513f2b7e6ba1932c535add%7C%7C1692618279%7C%7C1692614679%7C%7C55f7c0a2d23c5c0f4aead8c27e9524bb; woocommerce_recently_viewed=4638
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Aug 2023 11:44:46 GMT
content-type: text/html
vary: Accept-Encoding
x-accel-version: 0.01
last-modified: Wed, 16 Aug 2023 05:47:25 GMT
etag: W/"2ac-60303d48859bb"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

flokbaby.it/mymet/b928e/meta/EuclidCircularB-Regular-WebXL.woff2

77.83.64.33

200 OK

45 kB

URL GET HTTP/2
flokbaby.it/mymet/b928e/meta/EuclidCircularB-Regular-WebXL.woff2
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type
Web Open Font Format (Version 2), TrueType, length 45196, version 3.66\012- data
Size
45 kB (45196 bytes)
Hash
2d75957df3bb3aa6ed84f6591b0d5a1a
906424e75625f63b0188471067065794d0348536
8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /mymet/b928e/meta/EuclidCircularB-Regular-WebXL.woff2 HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/mymet/b928e/meta/metamask-staging-2.webflow.css
Cookie: _ga=GA1.2.1156673305.1692445471; _gid=GA1.2.1442261695.1692445471; _gat_gtag_UA_37075177_6=1; wp_woocommerce_session_b225a3e1d791aefc99bcf5f3eeeb78ae=t_99e0bb14513f2b7e6ba1932c535add%7C%7C1692618279%7C%7C1692614679%7C%7C55f7c0a2d23c5c0f4aead8c27e9524bb; woocommerce_recently_viewed=4638
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Aug 2023 11:44:47 GMT
content-type: font/woff2
content-length: 45196
last-modified: Wed, 16 Aug 2023 05:47:25 GMT
etag: "64dc62ed-b08c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

flokbaby.it/mymet/b928e/meta/EuclidCircularB-Bold-WebXL.woff2

77.83.64.33

200 OK

44 kB

URL GET HTTP/2
flokbaby.it/mymet/b928e/meta/EuclidCircularB-Bold-WebXL.woff2
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type
Web Open Font Format (Version 2), TrueType, length 44544, version 3.66\012- data
Size
44 kB (44544 bytes)
Hash
9024d0bf73943172297c4628d0054e20
36c3795e7b297d06589e15ef59592683d9ed0974
88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /mymet/b928e/meta/EuclidCircularB-Bold-WebXL.woff2 HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/mymet/b928e/meta/metamask-staging-2.webflow.css
Cookie: _ga=GA1.2.1156673305.1692445471; _gid=GA1.2.1442261695.1692445471; _gat_gtag_UA_37075177_6=1; wp_woocommerce_session_b225a3e1d791aefc99bcf5f3eeeb78ae=t_99e0bb14513f2b7e6ba1932c535add%7C%7C1692618279%7C%7C1692614679%7C%7C55f7c0a2d23c5c0f4aead8c27e9524bb; woocommerce_recently_viewed=4638
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Aug 2023 11:44:47 GMT
content-type: font/woff2
content-length: 44544
last-modified: Wed, 16 Aug 2023 05:47:25 GMT
etag: "64dc62ed-ae00"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true

142.250.74.164

200 OK

614 B

URL GET HTTP/3
www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint6B:BC:50:D6:D8:AB:DE:2F:10:C5:BE:7D:98:41:FA:8E:F2:D8:34:C4
ValidityMon, 31 Jul 2023 08:16:44 GMT - Mon, 23 Oct 2023 08:16:43 GMT

File type
ASCII text, with very long lines (1008), with no line terminators
Size
614 B (614 bytes)
Hash
aac3288b87f93219ccd838f40e3985d7
4f1e30acf86e034db135c6d666702fc72f86c155
8eace2ac1082d16eaa54c0851cf077baf7d925e1791e24df78d4d1d72fe02958

HTTP Headers

GET /recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/
Cookie: _GRECAPTCHA=09AHJ_tr7yRbmuE9-Bn6iSjct-34UnLC-snkJO5ZXeMlHfzOJfaA23Y9xsUXKajtSh6et83LKUfwedtitmrkTi0Lo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Sat, 19 Aug 2023 11:44:47 GMT
date: Sat, 19 Aug 2023 11:44:47 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 614
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js

216.58.211.3

200 OK

186 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
ASCII text, with very long lines (679)
Size
186 kB (185519 bytes)
Hash
e346196cabbe1100839406d8f02a31c3
24f54bd82fdab0dc9bc5c6a71e33eefc02286aad
9dab174b3b1ef754d71d613162c1e1f5b88f9f317da8d1f14c146be9c6d9fd35

HTTP Headers

GET /recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flokbaby.it
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 185519
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 21:44:58 GMT
expires: Fri, 16 Aug 2024 21:44:58 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 17 Aug 2023 18:11:22 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 136789
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

accdn.lpsnmedia.net/api/account/88982875/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB

178.249.97.99

200 OK

2.3 kB

URL GET HTTP/2
accdn.lpsnmedia.net/api/account/88982875/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
IP
178.249.97.99:443
ASN
#11054 LIVEPERSON

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerSectigo Limited
Subject*.lpsnmedia.net
Fingerprint50:71:62:B3:88:93:98:3D:CC:EF:A7:C6:82:00:2D:1E:44:64:14:BB
ValidityMon, 09 Jan 2023 00:00:00 GMT - Tue, 09 Jan 2024 23:59:59 GMT

File type
gzip compressed data, from Unix\012- data
Size
2.3 kB (2264 bytes)
Hash
57b5b7b5dd698e203898c5cd25aa2593
9cdfac0bdf6ac68757b0e9321eff62857f142d90
f48dd67da580f5bec9276509b66c8ac361884255ba23c7f0ee801c7614c5a1ab

HTTP Headers

GET /api/account/88982875/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 19 Aug 2023 11:44:47 GMT
content-type: application/javascript
vary: Accept
expires: Sat, 19 Aug 2023 11:45:30 GMT
x-envoy-upstream-service-time: 0
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: HIT
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

flokbaby.it/js.hsforms.net/forms/v2.js

77.83.64.33

301 Moved Permanently

0 B

URL GET HTTP/2
flokbaby.it/js.hsforms.net/forms/v2.js
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Requested by
https://flokbaby.it/mymet/b928e/meta/saved_resource.html
Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /js.hsforms.net/forms/v2.js HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/mymet/b928e/meta/saved_resource.html
Cookie: _ga=GA1.2.1156673305.1692445471; _gid=GA1.2.1442261695.1692445471; _gat_gtag_UA_37075177_6=1; wp_woocommerce_session_b225a3e1d791aefc99bcf5f3eeeb78ae=t_99e0bb14513f2b7e6ba1932c535add%7C%7C1692618279%7C%7C1692614679%7C%7C55f7c0a2d23c5c0f4aead8c27e9524bb; woocommerce_recently_viewed=4638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 19 Aug 2023 11:44:47 GMT
content-type: text/html; charset=UTF-8
content-length: 0
link: <https://flokbaby.it/wp-json/>; rel="https://api.w.org/"
expires: Sat, 19 Aug 2023 12:44:47 GMT
cache-control: max-age=3600
location: https://flokbaby.it/blogs/tag/internet/
x-powered-by: PHP/7.4.28, PleskLin
X-Firefox-Spdy: h2

flokbaby.it/metamask.io/images/favicon.png

77.83.64.33

301 Moved Permanently

0 B

URL GET HTTP/2
flokbaby.it/metamask.io/images/favicon.png
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /metamask.io/images/favicon.png HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/mymet/b928e/secure.html
Cookie: _ga=GA1.2.1156673305.1692445471; _gid=GA1.2.1442261695.1692445471; _gat_gtag_UA_37075177_6=1; wp_woocommerce_session_b225a3e1d791aefc99bcf5f3eeeb78ae=t_99e0bb14513f2b7e6ba1932c535add%7C%7C1692618279%7C%7C1692614679%7C%7C55f7c0a2d23c5c0f4aead8c27e9524bb; woocommerce_recently_viewed=4638
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 19 Aug 2023 11:44:47 GMT
content-type: text/html; charset=UTF-8
content-length: 0
link: <https://flokbaby.it/wp-json/>; rel="https://api.w.org/"
expires: Sat, 19 Aug 2023 12:44:47 GMT
cache-control: max-age=3600
location: https://flokbaby.it/prodotto/marsupio-ergonomico-standard-zig-zag/
x-powered-by: PHP/7.4.28, PleskLin
X-Firefox-Spdy: h2

www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mbG9rYmFieS5pdDo0NDM.&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&badge=inline&cb=eaoit81ntzxz

142.250.74.164

200 OK

29 kB

URL GET HTTP/3
www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mbG9rYmFieS5pdDo0NDM.&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&badge=inline&cb=eaoit81ntzxz
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint6B:BC:50:D6:D8:AB:DE:2F:10:C5:BE:7D:98:41:FA:8E:F2:D8:34:C4
ValidityMon, 31 Jul 2023 08:16:44 GMT - Mon, 23 Oct 2023 08:16:43 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (44147)
Size
29 kB (28868 bytes)
Hash
acf1a0b63ba26f3602fc6efd09c6c705
8379725c8aff38457e0ee2307c0066ab1f7ffa25
3da3a0e6792d0456a3c8802083550caad91e6d0e51f4e61bd0d54691572d8cc1

HTTP Headers

GET /recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mbG9rYmFieS5pdDo0NDM.&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&badge=inline&cb=eaoit81ntzxz HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/
Cookie: _GRECAPTCHA=09AHJ_tr7yRbmuE9-Bn6iSjct-34UnLC-snkJO5ZXeMlHfzOJfaA23Y9xsUXKajtSh6et83LKUfwedtitmrkTi0Lo
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 19 Aug 2023 11:44:47 GMT
content-security-policy: script-src 'nonce-o2bxTGLfq71Zww88bCJuyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 28868
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

flokbaby.it/metamask.io/images/webclip.png

77.83.64.33

301 Moved Permanently

0 B

URL GET HTTP/2
flokbaby.it/metamask.io/images/webclip.png
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /metamask.io/images/webclip.png HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/mymet/b928e/secure.html
Cookie: _ga=GA1.2.1156673305.1692445471; _gid=GA1.2.1442261695.1692445471; _gat_gtag_UA_37075177_6=1; wp_woocommerce_session_b225a3e1d791aefc99bcf5f3eeeb78ae=t_99e0bb14513f2b7e6ba1932c535add%7C%7C1692618279%7C%7C1692614679%7C%7C55f7c0a2d23c5c0f4aead8c27e9524bb; woocommerce_recently_viewed=4638
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 19 Aug 2023 11:44:47 GMT
content-type: text/html; charset=UTF-8
content-length: 0
link: <https://flokbaby.it/wp-json/>; rel="https://api.w.org/"
expires: Sat, 19 Aug 2023 12:44:47 GMT
cache-control: max-age=3600
location: https://flokbaby.it/prodotto/marsupio-ergonomico-standard-zig-zag/
x-powered-by: PHP/7.4.28, PleskLin
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css

216.58.211.3

200 OK

25 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
ASCII text, with very long lines (56403), with no line terminators
Size
25 kB (24605 bytes)
Hash
83f90c5a4c20afb44429fa346fbadc10
7c278ec721d3880fbafaadeba9ee80bdf294b014
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

HTTP Headers

GET /recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24605
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Aug 2023 06:13:40 GMT
expires: Sun, 18 Aug 2024 06:13:40 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 17 Aug 2023 18:11:22 GMT
content-type: text/css
vary: Accept-Encoding
age: 19867
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js

216.58.211.3

200 OK

186 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
ASCII text, with very long lines (679)
Size
186 kB (185519 bytes)
Hash
e346196cabbe1100839406d8f02a31c3
24f54bd82fdab0dc9bc5c6a71e33eefc02286aad
9dab174b3b1ef754d71d613162c1e1f5b88f9f317da8d1f14c146be9c6d9fd35

HTTP Headers

GET /recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 185519
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 21:44:58 GMT
expires: Fri, 16 Aug 2024 21:44:58 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 17 Aug 2023 18:11:22 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 136789
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

flokbaby.it/mymet/b928e/meta/tag.js.download

77.83.64.33

200 OK

7.3 kB

URL GET HTTP/2
flokbaby.it/mymet/b928e/meta/tag.js.download
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type
ASCII text, with very long lines (21652), with no line terminators
Size
7.3 kB (7283 bytes)
Hash
e2ee8a9cd68c3d310a4c62fdb4b5c93a
67eb5f9547f1d9de0a8b143c3b50511c26281399
145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /mymet/b928e/meta/tag.js.download HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/mymet/b928e/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Aug 2023 11:44:36 GMT
content-type: application/javascript
last-modified: Wed, 16 Aug 2023 05:47:25 GMT
vary: Accept-Encoding
etag: W/"64dc62ed-5494"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.js?loc=https%3A%2F%2Fflokbaby.it&site=88982875&force=1&env=prod&isCrossDomain=true

178.249.97.98

200 OK

16 kB

URL GET HTTP/2
lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.js?loc=https%3A%2F%2Fflokbaby.it&site=88982875&force=1&env=prod&isCrossDomain=true
IP
178.249.97.98:443
ASN
#11054 LIVEPERSON

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerSectigo Limited
Subject*.lpsnmedia.net
Fingerprint50:71:62:B3:88:93:98:3D:CC:EF:A7:C6:82:00:2D:1E:44:64:14:BB
ValidityMon, 09 Jan 2023 00:00:00 GMT - Tue, 09 Jan 2024 23:59:59 GMT

File type
gzip compressed data, from Unix\012- data
Size
16 kB (15670 bytes)
Hash
0da6f95b38aeb748bc2b547bfb23a7ec
3b7e57045ca3d4ea1f13eee963679d386472c220
887e56a2418b36279211cc11947a2300f3b5a7f3c2c0b736b53f6472bb52afb8

HTTP Headers

GET /le_secure_storage/3.15.0.0-release_5063/storage.secure.min.js?loc=https%3A%2F%2Fflokbaby.it&site=88982875&force=1&env=prod&isCrossDomain=true HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 19 Aug 2023 11:44:47 GMT
content-type: application/javascript
last-modified: Fri, 05 Nov 2021 13:34:15 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sun, 18 Aug 2024 11:44:47 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2

fonts.googleapis.com/icon?family=Material+Icons

142.250.74.106

200 OK

1.1 kB

URL GET HTTP/3
fonts.googleapis.com/icon?family=Material+Icons
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint2A:06:F9:5A:FD:FC:89:5C:D7:C5:CC:38:F0:25:78:FB:15:9F:5A:67
ValidityMon, 31 Jul 2023 08:22:19 GMT - Mon, 23 Oct 2023 08:22:18 GMT

File type
gzip compressed data, max compression\012- data
Size
1.1 kB (1064 bytes)
Hash
dd165196f896f15066a3c8ca4fb1fd53
47de63f5e36c2f03ce49684ae3b2343ed963a4d7
5572fc8ca99ec4a73e37dc9de317ae8344f48a3784aebd52fd99ed8f5d7c1aac

HTTP Headers

GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 19 Aug 2023 11:44:46 GMT
date: Sat, 19 Aug 2023 11:44:46 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/audio_2x.png

216.58.211.3

200 OK

530 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/audio_2x.png
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
530 B (530 bytes)
Hash
88e0f42c9fa4f94aa8bcd54d1685c180
5ad9d47a49b82718baa3be88550a0b3350270c42
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

HTTP Headers

GET /recaptcha/api2/audio_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 530
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 04:54:45 GMT
expires: Thu, 24 Aug 2023 04:54:45 GMT
cache-control: public, max-age=604800
age: 197402
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mbG9rYmFieS5pdDo0NDM.&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&badge=inline&cb=eaoit81ntzxz
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 15:24:26 GMT
expires: Fri, 16 Aug 2024 15:24:26 GMT
cache-control: public, max-age=31536000
age: 159622
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

16 kB

URL GET
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Aug 2023 22:56:18 GMT
expires: Wed, 14 Aug 2024 22:56:18 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 305310
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq

142.250.74.164

200 OK

112 B

URL GET HTTP/3
www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&badge=inline&cb=12gauca4ue83
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint6B:BC:50:D6:D8:AB:DE:2F:10:C5:BE:7D:98:41:FA:8E:F2:D8:34:C4
ValidityMon, 31 Jul 2023 08:16:44 GMT - Mon, 23 Oct 2023 08:16:43 GMT

File type
ASCII text, with no line terminators
Size
112 B (112 bytes)
Hash
9850c72f212186063d38d2b8ff0c678b
9cf08c9995213b8252aaed87931c91e456b8b6b2
13f425cbab48a8199950e3873a94b5f8faa294a66f751cfe15423d34dfc98ff8

HTTP Headers

GET /recaptcha/enterprise/webworker.js?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mbG9rYmFieS5pdDo0NDM.&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&badge=inline&cb=eaoit81ntzxz
Cookie: _GRECAPTCHA=09AHJ_tr7yRbmuE9-Bn6iSjct-34UnLC-snkJO5ZXeMlHfzOJfaA23Y9xsUXKajtSh6et83LKUfwedtitmrkTi0Lo
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Sat, 19 Aug 2023 11:44:48 GMT
date: Sat, 19 Aug 2023 11:44:48 GMT
cache-control: private, max-age=300
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 112
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/logo_48.png

216.58.211.3

200 OK

2.2 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/logo_48.png
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mbG9rYmFieS5pdDo0NDM.&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&badge=inline&cb=eaoit81ntzxz
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Aug 2023 14:42:45 GMT
expires: Fri, 25 Aug 2023 14:42:45 GMT
cache-control: public, max-age=604800
age: 75723
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js

216.58.211.3

200 OK

186 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
ASCII text, with very long lines (679)
Size
186 kB (185519 bytes)
Hash
e346196cabbe1100839406d8f02a31c3
24f54bd82fdab0dc9bc5c6a71e33eefc02286aad
9dab174b3b1ef754d71d613162c1e1f5b88f9f317da8d1f14c146be9c6d9fd35

HTTP Headers

GET /recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 185519
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 21:44:58 GMT
expires: Fri, 16 Aug 2024 21:44:58 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 17 Aug 2023 18:11:22 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 136790
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

142.250.74.164

200 OK

1.2 kB

URL GET HTTP/3
www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint6B:BC:50:D6:D8:AB:DE:2F:10:C5:BE:7D:98:41:FA:8E:F2:D8:34:C4
ValidityMon, 31 Jul 2023 08:16:44 GMT - Mon, 23 Oct 2023 08:16:43 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.2 kB (1161 bytes)
Hash
a049a5ea298f6d7b0e33be5bdda7e924
65c912dd7c2e91fab64177ffd3fd196e6358c85a
bec1857988fc80b4d553352c85155cfdf624c3c338a3a3915bdb91fb37fd4155

HTTP Headers

GET /recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/
Cookie: _GRECAPTCHA=09AHJ_tr7yRbmuE9-Bn6iSjct-34UnLC-snkJO5ZXeMlHfzOJfaA23Y9xsUXKajtSh6et83LKUfwedtitmrkTi0Lo
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 19 Aug 2023 11:44:48 GMT
content-security-policy: script-src 'nonce-ZFFfwmHpwPcN9t2PPWXBYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1161
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css

216.58.211.3

200 OK

25 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
ASCII text, with very long lines (56403), with no line terminators
Size
25 kB (24605 bytes)
Hash
83f90c5a4c20afb44429fa346fbadc10
7c278ec721d3880fbafaadeba9ee80bdf294b014
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

HTTP Headers

GET /recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24605
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Aug 2023 06:13:40 GMT
expires: Sun, 18 Aug 2024 06:13:40 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 17 Aug 2023 18:11:22 GMT
content-type: text/css
vary: Accept-Encoding
age: 19868
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

flokbaby.it/blogs/tag/internet/

77.83.64.33

200 OK

203 kB

URL GET HTTP/2
flokbaby.it/blogs/tag/internet/
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Requested by
https://flokbaby.it/mymet/b928e/meta/saved_resource.html
Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9462), with CRLF, LF line terminators
Size
203 kB (203053 bytes)
Hash
d0af2b12d721ceb37f4e73eb0ace728e
aa7dc82109b4f7487d5ed8b8a3a6ece5a4786852
fad74ad9e1dcb5afdfb97d5a34dd1913e22a008b3d92e93aa27e18574cb4e270

HTTP Headers

GET /blogs/tag/internet/ HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flokbaby.it/mymet/b928e/meta/saved_resource.html
DNT: 1
Connection: keep-alive
Cookie: _ga=GA1.2.1156673305.1692445471; _gid=GA1.2.1442261695.1692445471; _gat_gtag_UA_37075177_6=1; wp_woocommerce_session_b225a3e1d791aefc99bcf5f3eeeb78ae=t_99e0bb14513f2b7e6ba1932c535add%7C%7C1692618279%7C%7C1692614679%7C%7C55f7c0a2d23c5c0f4aead8c27e9524bb; woocommerce_recently_viewed=4638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Aug 2023 11:44:48 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://flokbaby.it/wp-json/>; rel="https://api.w.org/", <https://flokbaby.it/wp-json/wp/v2/tags/27>; rel="alternate"; type="application/json"
x-powered-by: PHP/7.4.28, PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit

142.250.74.164

200 OK

614 B

URL GET HTTP/3
www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://js.hsforms.net/forms-next/shell-recaptcha
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint6B:BC:50:D6:D8:AB:DE:2F:10:C5:BE:7D:98:41:FA:8E:F2:D8:34:C4
ValidityMon, 31 Jul 2023 08:16:44 GMT - Mon, 23 Oct 2023 08:16:43 GMT

File type
ASCII text, with very long lines (1008), with no line terminators
Size
614 B (614 bytes)
Hash
aac3288b87f93219ccd838f40e3985d7
4f1e30acf86e034db135c6d666702fc72f86c155
8eace2ac1082d16eaa54c0851cf077baf7d925e1791e24df78d4d1d72fe02958

HTTP Headers

GET /recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.hsforms.net/
Cookie: _GRECAPTCHA=09AHJ_tr7yRbmuE9-Bn6iSjct-34UnLC-snkJO5ZXeMlHfzOJfaA23Y9xsUXKajtSh6et83LKUfwedtitmrkTi0Lo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Sat, 19 Aug 2023 11:44:48 GMT
date: Sat, 19 Aug 2023 11:44:48 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 614
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

flokbaby.it/mymet/b928e/meta/js

77.83.64.33

200 OK

241 kB

URL GET HTTP/2
flokbaby.it/mymet/b928e/meta/js
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type
ASCII text, with very long lines (1815)
Size
241 kB (240651 bytes)
Hash
fb2ab9b8632250b0d7aa50c08150cfe1
73b3f266ac08c9fb07e1de1664fed384ccd5bc86
5d419e0ff614b331e4f8fed2ba7c1380b1f5983f98d820a6a0f7040b55f60b5b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /mymet/b928e/meta/js HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/mymet/b928e/secure.html
Cookie: _ga=GA1.2.1156673305.1692445471; _gid=GA1.2.1442261695.1692445471; _gat_gtag_UA_37075177_6=1; wp_woocommerce_session_b225a3e1d791aefc99bcf5f3eeeb78ae=t_99e0bb14513f2b7e6ba1932c535add%7C%7C1692618279%7C%7C1692614679%7C%7C55f7c0a2d23c5c0f4aead8c27e9524bb; woocommerce_recently_viewed=4638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Aug 2023 11:44:46 GMT
content-type: text/plain
last-modified: Wed, 16 Aug 2023 05:47:25 GMT
vary: Accept-Encoding
etag: W/"64dc62ed-168a5"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

142.250.74.164

200 OK

25 kB

URL POST HTTP/3
www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint6B:BC:50:D6:D8:AB:DE:2F:10:C5:BE:7D:98:41:FA:8E:F2:D8:34:C4
ValidityMon, 31 Jul 2023 08:16:44 GMT - Mon, 23 Oct 2023 08:16:43 GMT

File type
ASCII text, with very long lines (41022)
Size
25 kB (24868 bytes)
Hash
ed6c0885efadd10a6bb24793d0f27982
1314e0000fa45393ce3397f2443d7b28f36da308
4b1ec2b85c346cd5fe128854dfd69388674087c90e5e7c2adaa89bd27cb74bef

HTTP Headers

POST /recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-protobuffer
Content-Length: 6973
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Cookie: _GRECAPTCHA=09AHJ_tr7yRbmuE9-Bn6iSjct-34UnLC-snkJO5ZXeMlHfzOJfaA23Y9xsUXKajtSh6et83LKUfwedtitmrkTi0Lo
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/json; charset=utf-8
content-encoding: gzip
date: Sat, 19 Aug 2023 11:44:48 GMT
expires: Sat, 19 Aug 2023 11:44:48 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 24868
server: GSE
set-cookie: _GRECAPTCHA=09AHJ_tr5twgO1bRbOnnLpP9mLtbC4w7DoddBV5I7s-crZu2xXJVcusYX9xoHfg3qtUIfgWViERMb1feZChZwoxHg;Path=/recaptcha;Expires=Thu, 15-Feb-2024 11:44:48 GMT;Secure;HttpOnly;Priority=HIGH;SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

flokbaby.it/mymet/b928e/meta/metamask-staging-2.webflow.css

77.83.64.33

200 OK

69 kB

URL GET HTTP/2
flokbaby.it/mymet/b928e/meta/metamask-staging-2.webflow.css
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type
ASCII text
Size
69 kB (68704 bytes)
Hash
d4ede0f1d47b3b9aac92ea8a29c2ec85
135c44809f03ce1360c7e74da033e4b4f5cfb87c
98489ee303fa850e7c3185248b30d64dfb6c7c55aa8726a98efb037525988e5a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /mymet/b928e/meta/metamask-staging-2.webflow.css HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/mymet/b928e/secure.html
Cookie: _ga=GA1.2.1156673305.1692445471; _gid=GA1.2.1442261695.1692445471; _gat_gtag_UA_37075177_6=1; wp_woocommerce_session_b225a3e1d791aefc99bcf5f3eeeb78ae=t_99e0bb14513f2b7e6ba1932c535add%7C%7C1692618279%7C%7C1692614679%7C%7C55f7c0a2d23c5c0f4aead8c27e9524bb; woocommerce_recently_viewed=4638
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Aug 2023 11:44:46 GMT
content-type: text/css
last-modified: Wed, 16 Aug 2023 05:47:25 GMT
vary: Accept-Encoding
etag: W/"64dc62ed-22adb"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mbG9rYmFieS5pdDo0NDM.&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&badge=inline&cb=eaoit81ntzxz
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 15:24:26 GMT
expires: Fri, 16 Aug 2024 15:24:26 GMT
cache-control: public, max-age=31536000
age: 159622
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15340, version 1.0\012- data
Size
15 kB (15340 bytes)
Hash
19b7a0adfdd4f808b53af7e2ce2ad4e5
81d5d4c7b5035ad10cce63cf7100295e0c51fdda
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 15:15:27 GMT
expires: Fri, 16 Aug 2024 15:15:27 GMT
cache-control: public, max-age=31536000
age: 160161
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

16 kB

URL GET
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Aug 2023 22:56:18 GMT
expires: Wed, 14 Aug 2024 22:56:18 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 305310
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

flokbaby.it/mymet/b928e/meta/recaptcha__nl.js.download

77.83.64.33

200 OK

128 kB

URL GET HTTP/2
flokbaby.it/mymet/b928e/meta/recaptcha__nl.js.download
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Requested by
https://flokbaby.it/mymet/b928e/meta/anchor.html
Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type
ASCII text, with very long lines (820)
Size
128 kB (128369 bytes)
Hash
e735084e8ffed1ad8d89df08d98d4d23
6cdab8dac12030c8bc980ec129affecc626285c3
6cde5be2d724e53c8c4a97041365d3075e3af63ec08e1712b2f831b6e2bd357b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /mymet/b928e/meta/recaptcha__nl.js.download HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/mymet/b928e/meta/bframe.html
Cookie: _ga=GA1.2.1156673305.1692445471; _gid=GA1.2.1442261695.1692445471; _gat_gtag_UA_37075177_6=1; wp_woocommerce_session_b225a3e1d791aefc99bcf5f3eeeb78ae=t_99e0bb14513f2b7e6ba1932c535add%7C%7C1692618279%7C%7C1692614679%7C%7C55f7c0a2d23c5c0f4aead8c27e9524bb; woocommerce_recently_viewed=4638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Aug 2023 11:44:47 GMT
content-type: application/javascript
last-modified: Wed, 16 Aug 2023 05:47:25 GMT
vary: Accept-Encoding
etag: W/"64dc62ed-56577"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/api2/audio_2x.png

216.58.211.3

200 OK

530 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/audio_2x.png
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
530 B (530 bytes)
Hash
88e0f42c9fa4f94aa8bcd54d1685c180
5ad9d47a49b82718baa3be88550a0b3350270c42
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

HTTP Headers

GET /recaptcha/api2/audio_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 530
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 04:54:45 GMT
expires: Thu, 24 Aug 2023 04:54:45 GMT
cache-control: public, max-age=604800
age: 197403
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/info_2x.png

216.58.211.3

200 OK

665 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/info_2x.png
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://flokbaby.it/mymet/b928e/meta/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
665 B (665 bytes)
Hash
07bf314aab04047b9e9a959ee6f63da3
17bef6602672e2fd9956381e01356245144003e5
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

HTTP Headers

GET /recaptcha/api2/info_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 665
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Aug 2023 11:00:47 GMT
expires: Sat, 26 Aug 2023 11:00:47 GMT
cache-control: public, max-age=604800
age: 2641
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/payload?p=06ADUVZwDwfaEObHcGD0IrFSEoeRMDM91To829J2RKCZtEB-uOqXjpOuwPhPH1k0fNlfeQ_WbN28lwc8JFZSgkEH4M8Vyv1a37naWyxZcgoKB1Z83-_QKGL7YKpG62sx4ApUn67vxYFIaI5Qvjtp2T27V3Uiy6TsGkESoWGoDdzgaFqJfu-SXCHs27RYQ0KllVGTdbzrX801xY&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

142.250.74.164

200 OK

30 kB

URL GET HTTP/3
www.google.com/recaptcha/enterprise/payload?p=06ADUVZwDwfaEObHcGD0IrFSEoeRMDM91To829J2RKCZtEB-uOqXjpOuwPhPH1k0fNlfeQ_WbN28lwc8JFZSgkEH4M8Vyv1a37naWyxZcgoKB1Z83-_QKGL7YKpG62sx4ApUn67vxYFIaI5Qvjtp2T27V3Uiy6TsGkESoWGoDdzgaFqJfu-SXCHs27RYQ0KllVGTdbzrX801xY&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint6B:BC:50:D6:D8:AB:DE:2F:10:C5:BE:7D:98:41:FA:8E:F2:D8:34:C4
ValidityMon, 31 Jul 2023 08:16:44 GMT - Mon, 23 Oct 2023 08:16:43 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Size
30 kB (29459 bytes)
Hash
69d01a0c05173916f8009df36d7b2cdd
8cd21766fbc0a1a1d830b555fd98e082f80467fc
a0a032920c69fadbb5f330c27b86def81f58cab359cada2d323b5aa8398f8345

HTTP Headers

GET /recaptcha/enterprise/payload?p=06ADUVZwDwfaEObHcGD0IrFSEoeRMDM91To829J2RKCZtEB-uOqXjpOuwPhPH1k0fNlfeQ_WbN28lwc8JFZSgkEH4M8Vyv1a37naWyxZcgoKB1Z83-_QKGL7YKpG62sx4ApUn67vxYFIaI5Qvjtp2T27V3Uiy6TsGkESoWGoDdzgaFqJfu-SXCHs27RYQ0KllVGTdbzrX801xY&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Cookie: _GRECAPTCHA=09AHJ_tr5twgO1bRbOnnLpP9mLtbC4w7DoddBV5I7s-crZu2xXJVcusYX9xoHfg3qtUIfgWViERMb1feZChZwoxHg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Sat, 19 Aug 2023 11:44:48 GMT
date: Sat, 19 Aug 2023 11:44:48 GMT
cache-control: private, max-age=30
content-type: image/jpeg
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 29459
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css

216.58.211.3

200 OK

25 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
ASCII text, with very long lines (56403), with no line terminators
Size
25 kB (24605 bytes)
Hash
83f90c5a4c20afb44429fa346fbadc10
7c278ec721d3880fbafaadeba9ee80bdf294b014
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

HTTP Headers

GET /recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24605
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Aug 2023 06:13:40 GMT
expires: Sun, 18 Aug 2024 06:13:40 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 17 Aug 2023 18:11:22 GMT
content-type: text/css
vary: Accept-Encoding
age: 19869
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js

216.58.211.3

200 OK

186 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
ASCII text, with very long lines (679)
Size
186 kB (185519 bytes)
Hash
e346196cabbe1100839406d8f02a31c3
24f54bd82fdab0dc9bc5c6a71e33eefc02286aad
9dab174b3b1ef754d71d613162c1e1f5b88f9f317da8d1f14c146be9c6d9fd35

HTTP Headers

GET /recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 185519
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 21:44:58 GMT
expires: Fri, 16 Aug 2024 21:44:58 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 17 Aug 2023 18:11:22 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 136791
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mbG9rYmFieS5pdDo0NDM.&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&badge=inline&cb=eaoit81ntzxz
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 15:24:26 GMT
expires: Fri, 16 Aug 2024 15:24:26 GMT
cache-control: public, max-age=31536000
age: 159623
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

flokbaby.it/prodotto/marsupio-ergonomico-standard-zig-zag/

77.83.64.33

200 OK

39 kB

URL GET HTTP/2
flokbaby.it/prodotto/marsupio-ergonomico-standard-zig-zag/
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9462), with CRLF, LF line terminators
Size
39 kB (38934 bytes)
Hash
d8c0dce24f009703534ba8546bf00dc7
9ea0308dc675f70af7781420519a767fa0bff3dd
8eaca173f684a9925ce0bc21102174edd3ff37f443852c6617393468d7ebcd2e

HTTP Headers

GET /prodotto/marsupio-ergonomico-standard-zig-zag/ HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flokbaby.it/mymet/b928e/secure.html
DNT: 1
Connection: keep-alive
Cookie: _ga=GA1.2.1156673305.1692445471; _gid=GA1.2.1442261695.1692445471; _gat_gtag_UA_37075177_6=1; wp_woocommerce_session_b225a3e1d791aefc99bcf5f3eeeb78ae=t_99e0bb14513f2b7e6ba1932c535add%7C%7C1692618279%7C%7C1692614679%7C%7C55f7c0a2d23c5c0f4aead8c27e9524bb; woocommerce_recently_viewed=4638
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Aug 2023 11:44:48 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://flokbaby.it/wp-json/>; rel="https://api.w.org/", <https://flokbaby.it/wp-json/wp/v2/product/4638>; rel="alternate"; type="application/json", <https://flokbaby.it/?p=4638>; rel=shortlink
set-cookie: woocommerce_recently_viewed=4638; expires=Mon, 18-Sep-2023 11:44:48 GMT; Max-Age=2592000; path=/
x-powered-by: PHP/7.4.28, PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq

142.250.74.164

200 OK

112 B

URL GET HTTP/3
www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&badge=inline&cb=12gauca4ue83
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint6B:BC:50:D6:D8:AB:DE:2F:10:C5:BE:7D:98:41:FA:8E:F2:D8:34:C4
ValidityMon, 31 Jul 2023 08:16:44 GMT - Mon, 23 Oct 2023 08:16:43 GMT

File type
ASCII text, with no line terminators
Size
112 B (112 bytes)
Hash
9850c72f212186063d38d2b8ff0c678b
9cf08c9995213b8252aaed87931c91e456b8b6b2
13f425cbab48a8199950e3873a94b5f8faa294a66f751cfe15423d34dfc98ff8

HTTP Headers

GET /recaptcha/enterprise/webworker.js?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&badge=inline&cb=12gauca4ue83
Cookie: _GRECAPTCHA=09AHJ_tr5twgO1bRbOnnLpP9mLtbC4w7DoddBV5I7s-crZu2xXJVcusYX9xoHfg3qtUIfgWViERMb1feZChZwoxHg
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Sat, 19 Aug 2023 11:44:49 GMT
date: Sat, 19 Aug 2023 11:44:49 GMT
cache-control: private, max-age=300
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 112
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js

216.58.211.3

200 OK

186 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
ASCII text, with very long lines (679)
Size
186 kB (185519 bytes)
Hash
e346196cabbe1100839406d8f02a31c3
24f54bd82fdab0dc9bc5c6a71e33eefc02286aad
9dab174b3b1ef754d71d613162c1e1f5b88f9f317da8d1f14c146be9c6d9fd35

HTTP Headers

GET /recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 185519
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 21:44:58 GMT
expires: Fri, 16 Aug 2024 21:44:58 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 17 Aug 2023 18:11:22 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 136791
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/logo_48.png

216.58.211.3

200 OK

2.2 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/logo_48.png
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mbG9rYmFieS5pdDo0NDM.&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&badge=inline&cb=eaoit81ntzxz
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Aug 2023 14:42:45 GMT
expires: Fri, 25 Aug 2023 14:42:45 GMT
cache-control: public, max-age=604800
age: 75724
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

142.250.74.164

200 OK

1.2 kB

URL GET HTTP/3
www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint6B:BC:50:D6:D8:AB:DE:2F:10:C5:BE:7D:98:41:FA:8E:F2:D8:34:C4
ValidityMon, 31 Jul 2023 08:16:44 GMT - Mon, 23 Oct 2023 08:16:43 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3, ASCII text
Size
1.2 kB (1162 bytes)
Hash
d63a9e9175ca01b49f21eac23528147e
a2a2487d8229d1b2ba113a86ee6f8a1c4bb96e1d
5e46bc712ea5101c4aee544fb3e97156e98fbde8dc981b706d4b57074122de9c

HTTP Headers

GET /recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.hsforms.net/
Cookie: _GRECAPTCHA=09AHJ_tr5twgO1bRbOnnLpP9mLtbC4w7DoddBV5I7s-crZu2xXJVcusYX9xoHfg3qtUIfgWViERMb1feZChZwoxHg
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 19 Aug 2023 11:44:49 GMT
content-security-policy: script-src 'nonce-_-TMQ7wdQ9_Yq9Iaj7WaGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1162
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css

216.58.211.3

200 OK

25 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
ASCII text, with very long lines (56403), with no line terminators
Size
25 kB (24605 bytes)
Hash
83f90c5a4c20afb44429fa346fbadc10
7c278ec721d3880fbafaadeba9ee80bdf294b014
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

HTTP Headers

GET /recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24605
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Aug 2023 06:13:40 GMT
expires: Sun, 18 Aug 2024 06:13:40 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 17 Aug 2023 18:11:22 GMT
content-type: text/css
vary: Accept-Encoding
age: 19869
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js

216.58.211.3

200 OK

186 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
ASCII text, with very long lines (679)
Size
186 kB (185519 bytes)
Hash
e346196cabbe1100839406d8f02a31c3
24f54bd82fdab0dc9bc5c6a71e33eefc02286aad
9dab174b3b1ef754d71d613162c1e1f5b88f9f317da8d1f14c146be9c6d9fd35

HTTP Headers

GET /recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 185519
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 21:44:58 GMT
expires: Fri, 16 Aug 2024 21:44:58 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 17 Aug 2023 18:11:22 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 136791
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

142.250.74.164

200 OK

25 kB

URL POST HTTP/3
www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint6B:BC:50:D6:D8:AB:DE:2F:10:C5:BE:7D:98:41:FA:8E:F2:D8:34:C4
ValidityMon, 31 Jul 2023 08:16:44 GMT - Mon, 23 Oct 2023 08:16:43 GMT

File type
ASCII text, with very long lines (41092)
Size
25 kB (24911 bytes)
Hash
f897c171bfa245f4154d03f4db4e988c
92bca0b0b60b4101970da5a4d6b25cb82c0b89ee
808d55476c34c533f61653d9da077247ed152147efb3d4ce607a85767a0ad473

HTTP Headers

POST /recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-protobuffer
Content-Length: 7042
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Cookie: _GRECAPTCHA=09AHJ_tr5twgO1bRbOnnLpP9mLtbC4w7DoddBV5I7s-crZu2xXJVcusYX9xoHfg3qtUIfgWViERMb1feZChZwoxHg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/json; charset=utf-8
content-encoding: gzip
date: Sat, 19 Aug 2023 11:44:50 GMT
expires: Sat, 19 Aug 2023 11:44:50 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 24911
server: GSE
set-cookie: _GRECAPTCHA=09AHJ_tr4rkpNTLY5OydrsNPsarOv32sHrSBP_hp40xgbBf5IT2GfvxSU_M-KwPBqvhixb76EehRjX70dbHsl0Eqg;Path=/recaptcha;Expires=Thu, 15-Feb-2024 11:44:50 GMT;Secure;HttpOnly;Priority=HIGH;SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mbG9rYmFieS5pdDo0NDM.&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&badge=inline&cb=eaoit81ntzxz
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 15:24:26 GMT
expires: Fri, 16 Aug 2024 15:24:26 GMT
cache-control: public, max-age=31536000
age: 159624
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

16 kB

URL GET
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Aug 2023 22:56:18 GMT
expires: Wed, 14 Aug 2024 22:56:18 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 305312
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15340, version 1.0\012- data
Size
15 kB (15340 bytes)
Hash
19b7a0adfdd4f808b53af7e2ce2ad4e5
81d5d4c7b5035ad10cce63cf7100295e0c51fdda
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 15:15:27 GMT
expires: Fri, 16 Aug 2024 15:15:27 GMT
cache-control: public, max-age=31536000
age: 160163
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/payload?p=06ADUVZwBkrO_8e2N7jMmm6ECZwnU4ElYOWW-r4Rm_KIoBtWBGIL8Z_e-DVGaMvfD3lq8LArXghfJNVTrmvAIE3BG7akaFMl4rLpRlV7LHA7t3LEWtgXBJximq1kGZadPkVEbRCl4nQC93H7bJRJNDunRDIZNR6rMKeZNEYfDj3tDCX7eyHTzLPjqViXekPWLPWzXB40HvSviH&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

142.250.74.164

41 kB

URL
www.google.com/recaptcha/enterprise/payload?p=06ADUVZwBkrO_8e2N7jMmm6ECZwnU4ElYOWW-r4Rm_KIoBtWBGIL8Z_e-DVGaMvfD3lq8LArXghfJNVTrmvAIE3BG7akaFMl4rLpRlV7LHA7t3LEWtgXBJximq1kGZadPkVEbRCl4nQC93H7bJRJNDunRDIZNR6rMKeZNEYfDj3tDCX7eyHTzLPjqViXekPWLPWzXB40HvSviH&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP
142.250.74.164:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint6B:BC:50:D6:D8:AB:DE:2F:10:C5:BE:7D:98:41:FA:8E:F2:D8:34:C4
ValidityMon, 31 Jul 2023 08:16:44 GMT - Mon, 23 Oct 2023 08:16:43 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Size
41 kB (40962 bytes)
Hash
c65c0ce81f52bd9eca68a6f212208d9d
67bd0697683da3d09607352ff6512f73ec7d56f4
1d28cb36578780e65fe9fc4cd69d3d165c11e61f369f6ab69e81c061efc95617

HTTP Headers

GET /recaptcha/enterprise/payload?p=06ADUVZwBkrO_8e2N7jMmm6ECZwnU4ElYOWW-r4Rm_KIoBtWBGIL8Z_e-DVGaMvfD3lq8LArXghfJNVTrmvAIE3BG7akaFMl4rLpRlV7LHA7t3LEWtgXBJximq1kGZadPkVEbRCl4nQC93H7bJRJNDunRDIZNR6rMKeZNEYfDj3tDCX7eyHTzLPjqViXekPWLPWzXB40HvSviH&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Cookie: _GRECAPTCHA=09AHJ_tr4rkpNTLY5OydrsNPsarOv32sHrSBP_hp40xgbBf5IT2GfvxSU_M-KwPBqvhixb76EehRjX70dbHsl0Eqg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Sat, 19 Aug 2023 11:44:50 GMT
date: Sat, 19 Aug 2023 11:44:50 GMT
cache-control: private, max-age=30
content-type: image/jpeg
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 40962
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/refresh_2x.png

216.58.211.3

200 OK

600 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/refresh_2x.png
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://flokbaby.it/mymet/b928e/meta/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
600 B (600 bytes)
Hash
0f2a4639b8a4cb30c76e8333c00d30a6
57e273a270bb864970d747c74b3f0a7c8e515b13
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

HTTP Headers

GET /recaptcha/api2/refresh_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 15:12:23 GMT
expires: Thu, 24 Aug 2023 15:12:23 GMT
cache-control: public, max-age=604800
age: 160347
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/audio_2x.png

216.58.211.3

200 OK

530 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/audio_2x.png
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
530 B (530 bytes)
Hash
88e0f42c9fa4f94aa8bcd54d1685c180
5ad9d47a49b82718baa3be88550a0b3350270c42
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

HTTP Headers

GET /recaptcha/api2/audio_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 530
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 04:54:45 GMT
expires: Thu, 24 Aug 2023 04:54:45 GMT
cache-control: public, max-age=604800
age: 197405
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/info_2x.png

216.58.211.3

200 OK

665 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/info_2x.png
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://flokbaby.it/mymet/b928e/meta/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
665 B (665 bytes)
Hash
07bf314aab04047b9e9a959ee6f63da3
17bef6602672e2fd9956381e01356245144003e5
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

HTTP Headers

GET /recaptcha/api2/info_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 665
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Aug 2023 11:00:47 GMT
expires: Sat, 26 Aug 2023 11:00:47 GMT
cache-control: public, max-age=604800
age: 2643
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/canonical_car.png

216.58.211.3

11 kB

URL
www.gstatic.com/recaptcha/api2/canonical_car.png
IP
216.58.211.3:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
PNG image data, 98 x 90, 8-bit/color RGB, non-interlaced\012- data
Size
11 kB (11174 bytes)
Hash
a4741c6089e163f0e5c0cdb2c698a03e
03b190c8d9350802cbabbccd2757cff1fb7115f0
c9685b413894b0647b42edf9cac1fc0b2ed044c1fe238d843b9ca3d29db1b805

HTTP Headers

GET /recaptcha/api2/canonical_car.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 11174
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Aug 2023 07:19:55 GMT
expires: Wed, 23 Aug 2023 07:19:55 GMT
cache-control: public, max-age=604800
age: 275095
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

flokbaby.it/mymet/b928e/meta/anchor.html

77.83.64.33

200 OK

25 kB

URL GET HTTP/2
flokbaby.it/mymet/b928e/meta/anchor.html
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (33133)
Size
25 kB (24873 bytes)
Hash
a03e5a8ddfb42a8a60384d788266a807
f549963001ef8b92e0e04ff3890989d50b91dbf5
48e0975bfc5d24b4afb177af183ef6ac96c1645607059ab2df2bc1849f02f630

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /mymet/b928e/meta/anchor.html HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 19 Aug 2023 11:44:53 GMT
content-type: text/html
last-modified: Wed, 16 Aug 2023 05:47:25 GMT
vary: Accept-Encoding
etag: W/"64dc62ed-a636"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

flokbaby.it/mymet/b928e/secure.html

77.83.64.33

200 OK

37 kB

URL User Request GET HTTP/2
flokbaby.it/mymet/b928e/secure.html
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1843)
Size
37 kB (37112 bytes)
Hash
e4447bfc84bbb82b203d6c911d4cad0f
7cfe82cb7e4a87bf4eeaac26bdebe47abce944c8
1979ec31d9d2ce35070f0f25c477deb34156fbdee9dbf2d8f6ff6b3e56abd1f1

HTTP Headers

GET /mymet/b928e/secure.html HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: _ga=GA1.2.1156673305.1692445471; _gid=GA1.2.1442261695.1692445471; _gat_gtag_UA_37075177_6=1; wp_woocommerce_session_b225a3e1d791aefc99bcf5f3eeeb78ae=t_99e0bb14513f2b7e6ba1932c535add%7C%7C1692618279%7C%7C1692614679%7C%7C55f7c0a2d23c5c0f4aead8c27e9524bb; woocommerce_recently_viewed=4638
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Aug 2023 11:44:45 GMT
content-type: text/html
last-modified: Wed, 16 Aug 2023 05:47:25 GMT
vary: Accept-Encoding
etag: W/"64dc62ed-5177"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

flokbaby.it/mymet/b928e/meta/webflow.js.download

77.83.64.33

200 OK

601 kB

URL GET HTTP/2
flokbaby.it/mymet/b928e/meta/webflow.js.download
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type

Size
601 kB (601104 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /mymet/b928e/meta/webflow.js.download HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/mymet/b928e/secure.html
Cookie: _ga=GA1.2.1156673305.1692445471; _gid=GA1.2.1442261695.1692445471; _gat_gtag_UA_37075177_6=1; wp_woocommerce_session_b225a3e1d791aefc99bcf5f3eeeb78ae=t_99e0bb14513f2b7e6ba1932c535add%7C%7C1692618279%7C%7C1692614679%7C%7C55f7c0a2d23c5c0f4aead8c27e9524bb; woocommerce_recently_viewed=4638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 19 Aug 2023 11:44:46 GMT
content-type: application/javascript
last-modified: Wed, 16 Aug 2023 05:47:25 GMT
vary: Accept-Encoding
etag: W/"64dc62ed-92c10"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

flokbaby.it/mymet/b928e/meta/normalize.css

77.83.64.33

200 OK

7.8 kB

URL GET HTTP/2
flokbaby.it/mymet/b928e/meta/normalize.css
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type
ASCII text, with very long lines (8147), with no line terminators
Size
7.8 kB (7772 bytes)
Hash
21240e0cead3210a28555c3fa89acab0
486fbbc9a997da04985e8ffb5b52e74e0a6f35ea
2881f1b580116868946ef393e44e46ce9ec94fda36f6d1eb840290671830db6a

HTTP Headers

GET /mymet/b928e/meta/normalize.css HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/mymet/b928e/secure.html
Cookie: _ga=GA1.2.1156673305.1692445471; _gid=GA1.2.1442261695.1692445471; _gat_gtag_UA_37075177_6=1; wp_woocommerce_session_b225a3e1d791aefc99bcf5f3eeeb78ae=t_99e0bb14513f2b7e6ba1932c535add%7C%7C1692618279%7C%7C1692614679%7C%7C55f7c0a2d23c5c0f4aead8c27e9524bb; woocommerce_recently_viewed=4638
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 19 Aug 2023 11:44:46 GMT
content-type: text/css
last-modified: Wed, 16 Aug 2023 05:47:25 GMT
vary: Accept-Encoding
etag: W/"64dc62ed-1e5c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.html?loc=https%3A%2F%2Fflokbaby.it&site=88982875&env=prod&isCrossDomain=true

178.249.97.98

200 OK

40 kB

URL GET HTTP/2
lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.html?loc=https%3A%2F%2Fflokbaby.it&site=88982875&env=prod&isCrossDomain=true
IP
178.249.97.98:443
ASN
#11054 LIVEPERSON

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerSectigo Limited
Subject*.lpsnmedia.net
Fingerprint50:71:62:B3:88:93:98:3D:CC:EF:A7:C6:82:00:2D:1E:44:64:14:BB
ValidityMon, 09 Jan 2023 00:00:00 GMT - Tue, 09 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32207)
Size
40 kB (39478 bytes)
Hash
e57f19d47b3b07b577d844ae827ea4b3
7fab7227b3a1fb72d016a40685952c4483909eb8
59f4843277d9aca1200c779c52318aadb380021a0051a6644b75274acb7fe158

HTTP Headers

GET /le_secure_storage/3.15.0.0-release_5063/storage.secure.min.html?loc=https%3A%2F%2Fflokbaby.it&site=88982875&env=prod&isCrossDomain=true HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 19 Aug 2023 11:44:47 GMT
content-type: text/html
last-modified: Fri, 05 Nov 2021 13:34:15 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sun, 18 Aug 2024 11:44:47 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2

perf.hsforms.com/embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=4795067

104.17.210.243

200 OK

35 B

URL GET HTTP/3
perf.hsforms.com/embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=4795067
IP
104.17.210.243:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint1E:9D:91:27:86:63:DC:7B:9D:15:4E:99:31:FC:AA:1D:DC:9E:06:3B
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=4795067 HTTP/1.1
Host: perf.hsforms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Aug 2023 11:44:47 GMT
content-type: image/gif
content-length: 35
x-trace: 2B27C729A1C76414F78C921279C434556FDD510D72000000000000000000
cache-control: max-age=0, no-cache, no-store
vary: origin, Accept-Encoding
access-control-allow-credentials: false
x-content-type-options: nosniff
access-control-expose-headers: X-Origin-Hublet
x-robots-tag: none
x-envoy-upstream-service-time: 1
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-7f89ffc67f-d2gnr
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-hubspot-correlation-id: aa66843d-6554-4210-9db9-317b915123d4
x-request-id: aa66843d-6554-4210-9db9-317b915123d4
last-modified: Sat, 19 Aug 2023 11:44:47 GMT
cf-cache-status: MISS
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7f92258a7a05b51d-OSL
alt-svc: h3=":443"; ma=86400

flokbaby.it/mymet/b928e/meta/analytics.js.download

77.83.64.33

200 OK

50 kB

URL GET HTTP/2
flokbaby.it/mymet/b928e/meta/analytics.js.download
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type
ASCII text, with very long lines (1325)
Size
50 kB (50205 bytes)
Hash
d40531c5e99a6f84e42535859476fe35
a901817d77b2fe5259c298c91bc65c54d7f8a1a9
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /mymet/b928e/meta/analytics.js.download HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/mymet/b928e/secure.html
Cookie: _ga=GA1.2.1156673305.1692445471; _gid=GA1.2.1442261695.1692445471; _gat_gtag_UA_37075177_6=1; wp_woocommerce_session_b225a3e1d791aefc99bcf5f3eeeb78ae=t_99e0bb14513f2b7e6ba1932c535add%7C%7C1692618279%7C%7C1692614679%7C%7C55f7c0a2d23c5c0f4aead8c27e9524bb; woocommerce_recently_viewed=4638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 19 Aug 2023 11:44:46 GMT
content-type: application/javascript
last-modified: Wed, 16 Aug 2023 05:47:25 GMT
vary: Accept-Encoding
etag: W/"64dc62ed-c41d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

flokbaby.it/mymet/b928e/meta/v2.js.download

77.83.64.33

200 OK

579 kB

URL GET HTTP/2
flokbaby.it/mymet/b928e/meta/v2.js.download
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type

Size
579 kB (578833 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /mymet/b928e/meta/v2.js.download HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/mymet/b928e/secure.html
Cookie: _ga=GA1.2.1156673305.1692445471; _gid=GA1.2.1442261695.1692445471; _gat_gtag_UA_37075177_6=1; wp_woocommerce_session_b225a3e1d791aefc99bcf5f3eeeb78ae=t_99e0bb14513f2b7e6ba1932c535add%7C%7C1692618279%7C%7C1692614679%7C%7C55f7c0a2d23c5c0f4aead8c27e9524bb; woocommerce_recently_viewed=4638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 19 Aug 2023 11:44:46 GMT
content-type: application/javascript
last-modified: Wed, 16 Aug 2023 05:47:25 GMT
vary: Accept-Encoding
etag: W/"64dc62ed-8d511"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

flokbaby.it/mymet/b928e/meta/jquery-3.5.1.min.dc5e7f18c8.js.download

77.83.64.33

200 OK

90 kB

URL GET HTTP/2
flokbaby.it/mymet/b928e/meta/jquery-3.5.1.min.dc5e7f18c8.js.download
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type
ASCII text, with very long lines (65451)
Size
90 kB (89476 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /mymet/b928e/meta/jquery-3.5.1.min.dc5e7f18c8.js.download HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/mymet/b928e/secure.html
Cookie: _ga=GA1.2.1156673305.1692445471; _gid=GA1.2.1442261695.1692445471; _gat_gtag_UA_37075177_6=1; wp_woocommerce_session_b225a3e1d791aefc99bcf5f3eeeb78ae=t_99e0bb14513f2b7e6ba1932c535add%7C%7C1692618279%7C%7C1692614679%7C%7C55f7c0a2d23c5c0f4aead8c27e9524bb; woocommerce_recently_viewed=4638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 19 Aug 2023 11:44:46 GMT
content-type: application/javascript
last-modified: Wed, 16 Aug 2023 05:47:25 GMT
vary: Accept-Encoding
etag: W/"64dc62ed-15d84"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&badge=inline&cb=12gauca4ue83

142.250.74.164

200 OK

53 kB

URL GET HTTP/3
www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&badge=inline&cb=12gauca4ue83
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://js.hsforms.net/forms-next/shell-recaptcha
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint6B:BC:50:D6:D8:AB:DE:2F:10:C5:BE:7D:98:41:FA:8E:F2:D8:34:C4
ValidityMon, 31 Jul 2023 08:16:44 GMT - Mon, 23 Oct 2023 08:16:43 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (44327)
Size
53 kB (52815 bytes)
Hash
f8c8f73260d0b70c50869d04b7b58542
aac602dc9b8b234f56d5eb827aa52f152622be5a
15272bcda9c65fa6efb4513255f59e783a0eece282d91f33867eae2e0c59e267

HTTP Headers

GET /recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&badge=inline&cb=12gauca4ue83 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.hsforms.net/
Cookie: _GRECAPTCHA=09AHJ_tr7yRbmuE9-Bn6iSjct-34UnLC-snkJO5ZXeMlHfzOJfaA23Y9xsUXKajtSh6et83LKUfwedtitmrkTi0Lo
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 19 Aug 2023 11:44:48 GMT
content-security-policy: script-src 'nonce-xbyFdxlPNNph7dXqTYyLig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 28993
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

flokbaby.it/mymet/b928e/meta/styles__ltr.css

77.83.64.33

200 OK

52 kB

URL GET HTTP/2
flokbaby.it/mymet/b928e/meta/styles__ltr.css
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Requested by
https://flokbaby.it/mymet/b928e/meta/anchor.html
Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type
ASCII text, with very long lines (52368), with no line terminators
Size
52 kB (52368 bytes)
Hash
97c3d49b83dc004fcda822b1853b787b
a82fcfbd6b1cf4dd00f4a63d47b9119a69b40147
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866

HTTP Headers

GET /mymet/b928e/meta/styles__ltr.css HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/mymet/b928e/meta/anchor.html
Cookie: _ga=GA1.2.1156673305.1692445471; _gid=GA1.2.1442261695.1692445471; _gat_gtag_UA_37075177_6=1; wp_woocommerce_session_b225a3e1d791aefc99bcf5f3eeeb78ae=t_99e0bb14513f2b7e6ba1932c535add%7C%7C1692618279%7C%7C1692614679%7C%7C55f7c0a2d23c5c0f4aead8c27e9524bb; woocommerce_recently_viewed=4638
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 19 Aug 2023 11:44:47 GMT
content-type: text/css
last-modified: Wed, 16 Aug 2023 05:47:25 GMT
vary: Accept-Encoding
etag: W/"64dc62ed-cc90"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Changa+One:400,400italic

142.250.74.106

200 OK

800 B

URL GET HTTP/3
fonts.googleapis.com/css?family=Changa+One:400,400italic
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint2A:06:F9:5A:FD:FC:89:5C:D7:C5:CC:38:F0:25:78:FB:15:9F:5A:67
ValidityMon, 31 Jul 2023 08:22:19 GMT - Mon, 23 Oct 2023 08:22:18 GMT

File type
ASCII text, with very long lines (816), with no line terminators
Size
800 B (800 bytes)
Hash
2f92230730768af52990198bc458846a
f26e29dbf1a3501962b1393cd53951bd6e032519
d0d2059d5fd9b94252a2dd5974c5d65c015d3bc039c55e684294697c7e0cc788

HTTP Headers

GET /css?family=Changa+One:400,400italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 19 Aug 2023 11:44:46 GMT
date: Sat, 19 Aug 2023 11:44:46 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2

216.58.207.227

200 OK

7.9 kB

URL GET HTTP/3
fonts.gstatic.com/s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7900, version 1.0\012- data
Size
7.9 kB (7900 bytes)
Hash
61e86e7a20ecf3ba181ca4b9a9a1cdbd
482a65cffc69109af26669d64accbef71db3b836
fbd0536d5b92c0dbe6ad2637800ae8da10c20755b564a3575bd12bba57f73b18

HTTP Headers

GET /s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flokbaby.it
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Aug 2023 10:45:02 GMT
expires: Sun, 18 Aug 2024 10:45:02 GMT
cache-control: public, max-age=31536000
age: 3584
last-modified: Thu, 21 Apr 2022 17:15:19 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

216.58.207.227

200 OK

128 kB

URL GET HTTP/3
fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
Web Open Font Format (Version 2), TrueType, length 128352, version 1.0\012- data
Size
128 kB (128352 bytes)
Hash
53436aca8627a49f4deaaa44dc9e3c05
0bc0c675480d94ec7e8609dda6227f88c5d08d2c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

HTTP Headers

GET /s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flokbaby.it
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 15:19:24 GMT
expires: Fri, 16 Aug 2024 15:19:24 GMT
cache-control: public, max-age=31536000
age: 159923
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

flokbaby.it/mymet/b928e/meta/saved_resource(2).html

77.83.64.33

200 OK

504 B

URL GET HTTP/2
flokbaby.it/mymet/b928e/meta/saved_resource(2).html
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Requested by
https://flokbaby.it/mymet/b928e/meta/anchor.html
Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type
HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (514), with no line terminators
Size
504 B (504 bytes)
Hash
55cabfc95bb392f0e7c975fa4eebb8e1
7347d78527836042ef572f68127b2eb6d066ee67
0fb4d70036a3ea0d9a3999deb5da385b2d4de14447d25c6cf80fcc73db717d39

HTTP Headers

GET /mymet/b928e/meta/saved_resource(2).html HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/mymet/b928e/meta/anchor.html
Cookie: _ga=GA1.2.1156673305.1692445471; _gid=GA1.2.1442261695.1692445471; _gat_gtag_UA_37075177_6=1; wp_woocommerce_session_b225a3e1d791aefc99bcf5f3eeeb78ae=t_99e0bb14513f2b7e6ba1932c535add%7C%7C1692618279%7C%7C1692614679%7C%7C55f7c0a2d23c5c0f4aead8c27e9524bb; woocommerce_recently_viewed=4638
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 19 Aug 2023 11:44:47 GMT
content-type: text/html
vary: Accept-Encoding
x-accel-version: 0.01
last-modified: Wed, 16 Aug 2023 05:47:25 GMT
etag: W/"1f8-60303d4884a1b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

flokbaby.it/mymet/b928e/meta/bframe.html

77.83.64.33

200 OK

12 kB

URL GET HTTP/2
flokbaby.it/mymet/b928e/meta/bframe.html
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type

Size
12 kB (11783 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /mymet/b928e/meta/bframe.html HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/mymet/b928e/secure.html
Cookie: _ga=GA1.2.1156673305.1692445471; _gid=GA1.2.1442261695.1692445471; _gat_gtag_UA_37075177_6=1; wp_woocommerce_session_b225a3e1d791aefc99bcf5f3eeeb78ae=t_99e0bb14513f2b7e6ba1932c535add%7C%7C1692618279%7C%7C1692614679%7C%7C55f7c0a2d23c5c0f4aead8c27e9524bb; woocommerce_recently_viewed=4638
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 19 Aug 2023 11:44:47 GMT
content-type: text/html
last-modified: Wed, 16 Aug 2023 05:47:25 GMT
vary: Accept-Encoding
etag: W/"64dc62ed-2e07"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

flokbaby.it/mymet/b928e/meta/Institutional-Illustration.png

77.83.64.33

200 OK

290 kB

URL GET HTTP/2
flokbaby.it/mymet/b928e/meta/Institutional-Illustration.png
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type
PNG image data, 876 x 1040, 8-bit/color RGBA, non-interlaced\012- data
Size
290 kB (289564 bytes)
Hash
85607339bb7e3cc70e1b7568ed4d29b2
7c6301d70e1ab599857be6e9795b94418cef6079
5bdf1ea203497adb942fa639a322195c744910ae8980d625d986ddead1f8ed37

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /mymet/b928e/meta/Institutional-Illustration.png HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/mymet/b928e/meta/metamask-staging-2.webflow.css
Cookie: _ga=GA1.2.1156673305.1692445471; _gid=GA1.2.1442261695.1692445471; _gat_gtag_UA_37075177_6=1; wp_woocommerce_session_b225a3e1d791aefc99bcf5f3eeeb78ae=t_99e0bb14513f2b7e6ba1932c535add%7C%7C1692618279%7C%7C1692614679%7C%7C55f7c0a2d23c5c0f4aead8c27e9524bb; woocommerce_recently_viewed=4638
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 19 Aug 2023 11:44:46 GMT
content-type: image/png
last-modified: Wed, 16 Aug 2023 05:47:25 GMT
vary: Accept-Encoding
etag: W/"64dc62ed-46b1c"
x-powered-by: PleskLin
content-encoding: gzip
X-Firefox-Spdy: h2

flokbaby.it/mymet/b928e/meta/saved_resource.html

77.83.64.33

200 OK

56 kB

URL GET HTTP/2
flokbaby.it/mymet/b928e/meta/saved_resource.html
IP
77.83.64.33:443
ASN
#12637 SEEWEB s.r.l.

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerLet's Encrypt
Subjectflokbaby.it
FingerprintFE:D5:A8:4F:4F:0E:DB:A3:78:E1:0B:54:43:19:EE:CB:51:52:C0:99
ValidityMon, 10 Jul 2023 08:39:11 GMT - Sun, 08 Oct 2023 08:39:10 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32691)
Size
56 kB (55538 bytes)
Hash
de4ff6118374a4bdddaeafc4da59b95e
22c2418e29e43fead20844c0f7009372607acb0b
724ea951d695f615e5c02d58973836560baef3341aa9eddc05824f82809e7834

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /mymet/b928e/meta/saved_resource.html HTTP/1.1
Host: flokbaby.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/mymet/b928e/secure.html
Cookie: _ga=GA1.2.1156673305.1692445471; _gid=GA1.2.1442261695.1692445471; _gat_gtag_UA_37075177_6=1; wp_woocommerce_session_b225a3e1d791aefc99bcf5f3eeeb78ae=t_99e0bb14513f2b7e6ba1932c535add%7C%7C1692618279%7C%7C1692614679%7C%7C55f7c0a2d23c5c0f4aead8c27e9524bb; woocommerce_recently_viewed=4638
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 19 Aug 2023 11:44:47 GMT
content-type: text/html
last-modified: Wed, 16 Aug 2023 05:47:25 GMT
vary: Accept-Encoding
etag: W/"64dc62ed-d8f2"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

js.hsforms.net/forms-next/shell-recaptcha

104.16.187.65

200 OK

852 B

URL GET HTTP/3
js.hsforms.net/forms-next/shell-recaptcha
IP
104.16.187.65:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flokbaby.it/mymet/b928e/meta/saved_resource.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint16:1A:D5:A1:BC:62:B5:09:33:E2:A8:32:88:88:60:DE:BD:00:B5:F3
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (882), with no line terminators
Size
852 B (852 bytes)
Hash
440ce01c33f34fd2d411740a08afbefc
5430ee8be61e7637b762df165949e960bf4665c6
4b6998d625f78ce81d67272fc34ca2959491f21f8f858c80f69b0e405fef691f

HTTP Headers

GET /forms-next/shell-recaptcha HTTP/1.1
Host: js.hsforms.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 19 Aug 2023 11:44:48 GMT
content-type: text/html; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Wed, 16 Aug 2023 09:56:43 UTC
x-amz-server-side-encryption: AES256
x-amz-meta-ao: {}
x-amz-version-id: 8yyDE00JrweEB5l0ZuAtAeUVOXeu_b0H
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9dc566ff42777d2cad8483451738f334.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: XLrHI6X4n9OigmJEgxheqlbwZlxW9eHO86OuG8KaS8N7ishF3Tfl7w==
age: 966
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: FormsNext/static-5.658/html/recaptcha.html
x-content-type-options: nosniff
access-control-allow-origin: *
x-hs-cache-status: MISS
x-envoy-upstream-service-time: 3
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-2zr9h
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-hubspot-correlation-id: de99a08a-9b23-4f23-a189-13decd31d26f
x-request-id: de99a08a-9b23-4f23-a189-13decd31d26f
cache-tag: staticjsapp-FormsNext-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QaiQcH6Cz10vbHSx0hg%2BdkLSu6imdjEzWTVVQMsok477Xw7FHPakq6bQmXWBWKx1BqbqzLsSfq7BSstriIsdrw7iOaD2hlOVIYagaeLB3fzEQkR4tWggCh1p5XKSDdBF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7f92258dda5db4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

accdn.lpsnmedia.net/api/account/88982875/configuration/setting/accountproperties/?cb=lpCb25449x5771

178.249.97.99

200 OK

6.7 kB

URL GET HTTP/2
accdn.lpsnmedia.net/api/account/88982875/configuration/setting/accountproperties/?cb=lpCb25449x5771
IP
178.249.97.99:443
ASN
#11054 LIVEPERSON

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerSectigo Limited
Subject*.lpsnmedia.net
Fingerprint50:71:62:B3:88:93:98:3D:CC:EF:A7:C6:82:00:2D:1E:44:64:14:BB
ValidityMon, 09 Jan 2023 00:00:00 GMT - Tue, 09 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (7521), with no line terminators
Size
6.7 kB (6701 bytes)
Hash
3d5f190d65cfe2331dbcc8a96ae0eaff
6e44d78e0bfc66a2bd1847310494f3c274de7e19
c287178b9a80a3b13dbbbaae9d68a85385c2f7753f140a1ec97068005bbda713

HTTP Headers

GET /api/account/88982875/configuration/setting/accountproperties/?cb=lpCb25449x5771 HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 19 Aug 2023 11:44:47 GMT
content-type: application/javascript
vary: Accept
expires: Sat, 19 Aug 2023 11:45:26 GMT
x-envoy-upstream-service-time: 0
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: HIT
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js

216.58.211.3

404 Not Found

0 B

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://flokbaby.it/mymet/b928e/secure.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flokbaby.it
DNT: 1
Connection: keep-alive
Referer: https://flokbaby.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Sat, 19 Aug 2023 11:44:47 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1621
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

accdn.lpsnmedia.net/api/account/88982875/configuration/domainprotection/refererrestrictions?cb=lpCb41938x70017

178.249.97.99

200 OK

113 B

URL GET HTTP/2
accdn.lpsnmedia.net/api/account/88982875/configuration/domainprotection/refererrestrictions?cb=lpCb41938x70017
IP
178.249.97.99:443
ASN
#11054 LIVEPERSON

Requested by
https://lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.html?loc=https%3A%2F%2Fflokbaby.it&site=88982875&env=prod&isCrossDomain=true
Certificate
IssuerSectigo Limited
Subject*.lpsnmedia.net
Fingerprint50:71:62:B3:88:93:98:3D:CC:EF:A7:C6:82:00:2D:1E:44:64:14:BB
ValidityMon, 09 Jan 2023 00:00:00 GMT - Tue, 09 Jan 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
113 B (113 bytes)
Hash
95705a378e4ff6df45fd57ec8e861b1f
3d22abf8837bc9b659810a6a751ac78d2eb3a1b9
936670f959a11bc3e6842c897245c38ed919b57d3da7fa47f3da128539b92fd1

HTTP Headers

GET /api/account/88982875/configuration/domainprotection/refererrestrictions?cb=lpCb41938x70017 HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lpcdn.lpsnmedia.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 19 Aug 2023 11:44:47 GMT
content-type: application/javascript
cache-control: no-store
x-envoy-upstream-service-time: 87
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: MISS
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (56)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by