Submitted URL: https://www.metabaseq.com/ta588/
Effective URL: https://www.metabaseq.com/threat/ta588/
Submission: On December 26 via api from US — Scanned from DK

Summary

This website contacted 19 IPs in 3 countries across 16 domains to perform 80 HTTP transactions. The main IP is 141.193.213.10, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare London, LLC, US. The main domain is www.metabaseq.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 15th 2024. Valid for: a year.
This is the only time www.metabaseq.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address        | AS     | Autonomous System
51       | 141.193.213.10    | 209242 | CLOUDFLAR...
2        | 2606:4700::68...  | 13335  | CLOUDFLAR...
6        | 2a00:1450:400...  | 15169  | GOOGLE
1        | 2606:4700:10:...  | 13335  | CLOUDFLAR...
2        | 34.107.133.146    | 396982 | GOOGLE-CL...
1        | 2606:4700::68...  | 13335  | CLOUDFLAR...
3        | 2606:4700::68...  | 13335  | CLOUDFLAR...
1        | 2606:4700::68...  | 13335  | CLOUDFLAR...
1        | 2606:4700::68...  | 13335  | CLOUDFLAR...
3        | 2606:4700:440...  | 13335  | CLOUDFLAR...
1        | 2a00:1450:400...  | 15169  | GOOGLE
1        | 2001:4860:480...  | 15169  | GOOGLE
1        | 2a00:1450:400...  | 15169  | GOOGLE
1        | 2a00:1450:400...  | 15169  | GOOGLE
1        | 2a00:1450:400...  | 15169  | GOOGLE
2        | 2a00:1450:400...  | 15169  | GOOGLE
1        | 2606:4700::68...  | 13335  | CLOUDFLAR...
1        | 2606:4700::68...  | 13335  | CLOUDFLAR...
Total: 80 requests across 19 IPs
Requests | Apex Domain          | Subdomains (Cisco Umbrella Rank)                                                                                      | Transfer
51       | metabaseq.com        | www.metabaseq.com                                                                                                     | 3 MB
6        | googletagmanager.com | www.googletagmanager.com (39)                                                                                         | 561 KB
4        | hubspot.com          | js.hubspot.com (3653), cta-service-cms2.hubspot.com (3677), app.hubspot.com (5921), track.hubspot.com (2477)         | 27 KB
3        | hs-banner.com        | js.hs-banner.com (2343)                                                                                               | 30 KB
2        | gstatic.com          | fonts.gstatic.com                                                                                                     | 36 KB
2        | google.com           | www.google.com (3), region1.analytics.google.com (4108)                                                               |
2        | aplo-evnt.com        | aplo-evnt.com (30175)                                                                                                 |
2        | hs-scripts.com       | js.hs-scripts.com (2580)                                                                                              | 2 KB
1        | hsforms.com          | perf-na1.hsforms.com (3819)                                                                                           | 1 KB
1        | googleapis.com       | fonts.googleapis.com (29)                                                                                             | 1 KB
1        | google.dk            | www.google.dk (37004)                                                                                                 | 408 B
1        | doubleclick.net      | stats.g.doubleclick.net (135)                                                                                         | 555 B
1        | hs-analytics.net     | js.hs-analytics.net (2358)                                                                                            | 25 KB
1        | hsadspixel.net       | js.hsadspixel.net (3341)                                                                                              | 4 KB
1        | hubspotfeedback.com  | js.hubspotfeedback.com (15701)                                                                                        | 9 KB
1        | apollo.io            | assets.apollo.io (29527)                                                                                              | 2 KB
Total: 80 requests across 16 apex domains
Requests | Domain                       | Requested by
51       | www.metabaseq.com            | www.metabaseq.com (1 redirect)
6        | www.googletagmanager.com     | www.metabaseq.com, www.googletagmanager.com
3        | js.hs-banner.com             | js.hs-scripts.com, js.hs-banner.com
2        | fonts.gstatic.com            | fonts.googleapis.com
2        | aplo-evnt.com                | assets.apollo.io
2        | js.hs-scripts.com            | www.metabaseq.com
1        | track.hubspot.com            |
1        | app.hubspot.com              | js.hubspotfeedback.com
1        | perf-na1.hsforms.com         | www.metabaseq.com
1        | cta-service-cms2.hubspot.com | js.hubspot.com
1        | fonts.googleapis.com         | js.hs-banner.com
1        | www.google.dk                | www.metabaseq.com
1        | stats.g.doubleclick.net      | www.googletagmanager.com
1        | region1.analytics.google.com | www.googletagmanager.com
1        | www.google.com               | www.googletagmanager.com
1        | js.hs-analytics.net          | js.hs-scripts.com
1        | js.hsadspixel.net            | js.hs-scripts.com
1        | js.hubspot.com               | js.hs-scripts.com
1        | js.hubspotfeedback.com       | js.hs-scripts.com
1        | assets.apollo.io             | www.metabaseq.com
Total: 80 requests across 20 subdomains
Subject                 | Issuer                                         | Valid from | Valid to   | Duration | Source
*.metabaseq.com         | Sectigo RSA Domain Validation Secure Server CA | 2024-11-15 | 2025-12-16 | a year   | crt.sh
hs-scripts.com          | WE1                                            | 2024-11-24 | 2025-02-22 | 3 months | crt.sh
*.google-analytics.com  | WR2                                            | 2024-12-02 | 2025-02-24 | 3 months | crt.sh
apollo.io               | E6                                             | 2024-10-30 | 2025-01-28 | 3 months | crt.sh
aplo-evnt.com           | R10                                            | 2024-11-05 | 2025-02-03 | 3 months | crt.sh
hubspotfeedback.com     | WE1                                            | 2024-11-26 | 2025-02-24 | 3 months | crt.sh
hubspot.com             | WE1                                            | 2024-12-01 | 2025-03-01 | 3 months | crt.sh
hsadspixel.net          | WE1                                            | 2024-12-08 | 2025-03-08 | 3 months | crt.sh
hs-analytics.net        | WE1                                            | 2024-12-05 | 2025-03-05 | 3 months | crt.sh
hs-banner.com           | WE1                                            | 2024-11-22 | 2025-02-20 | 3 months | crt.sh
*.google.com            | WR2                                            | 2024-12-02 | 2025-02-24 | 3 months | crt.sh
*.g.doubleclick.net     | WR2                                            | 2024-12-02 | 2025-02-24 | 3 months | crt.sh
*.google.dk             | WR2                                            | 2024-12-02 | 2025-02-24 | 3 months | crt.sh
upload.video.google.com | WR2                                            | 2024-12-02 | 2025-02-24 | 3 months | crt.sh
*.gstatic.com           | WR2                                            | 2024-12-02 | 2025-02-24 | 3 months | crt.sh
hsforms.com             | WE1                                            | 2024-12-08 | 2025-03-08 | 3 months | crt.sh

Issuer note: WE1 and WR2 are Google Trust Services intermediates; E6 and R10 are Let's Encrypt intermediates. Both CAs issue 90-day leaf certificates, which is why every third-party certificate above shows a 3-month lifetime.
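The certificate table above gives each leaf's validity window but only a rounded duration ("a year", "3 months"). The following is an added example, not part of the urlscan report, that recomputes the exact lifetime of each certificate and how long it had left at scan time (the report's date header gives 26 Dec 2024), flagging anything over the CA/Browser Forum 398-day limit or close to expiry. The rows are copied from the table; the 14-day "expiring soon" window is an assumed operational threshold, not a standard.

```python
from dataclasses import dataclass
from datetime import date

# Scan date, taken from the report's "date: Thu, 26 Dec 2024 ..." response header.
SCAN_DATE = date(2024, 12, 26)

# CA/Browser Forum Baseline Requirements cap publicly trusted leaf certificates
# at 398 days. The 14-day window is an assumed operational threshold.
MAX_LIFETIME_DAYS = 398
EXPIRING_SOON_DAYS = 14

# Rows copied from the report's certificate table: subject, issuer, not-before, not-after.
CERTS = [
    ("*.metabaseq.com", "Sectigo RSA Domain Validation Secure Server CA", "2024-11-15", "2025-12-16"),
    ("hs-scripts.com", "WE1", "2024-11-24", "2025-02-22"),
    ("*.google-analytics.com", "WR2", "2024-12-02", "2025-02-24"),
    ("apollo.io", "E6", "2024-10-30", "2025-01-28"),
    ("aplo-evnt.com", "R10", "2024-11-05", "2025-02-03"),
    ("hubspotfeedback.com", "WE1", "2024-11-26", "2025-02-24"),
    ("hubspot.com", "WE1", "2024-12-01", "2025-03-01"),
    ("hsadspixel.net", "WE1", "2024-12-08", "2025-03-08"),
    ("hs-analytics.net", "WE1", "2024-12-05", "2025-03-05"),
    ("hs-banner.com", "WE1", "2024-11-22", "2025-02-20"),
    ("*.google.com", "WR2", "2024-12-02", "2025-02-24"),
    ("*.g.doubleclick.net", "WR2", "2024-12-02", "2025-02-24"),
    ("*.google.dk", "WR2", "2024-12-02", "2025-02-24"),
    ("upload.video.google.com", "WR2", "2024-12-02", "2025-02-24"),
    ("*.gstatic.com", "WR2", "2024-12-02", "2025-02-24"),
    ("hsforms.com", "WE1", "2024-12-08", "2025-03-08"),
]


@dataclass(frozen=True)
class CertStatus:
    subject: str
    issuer: str
    lifetime_days: int
    days_remaining: int
    findings: tuple


def assess(subject, issuer, not_before, not_after, today=SCAN_DATE):
    """Exact lifetime and remaining validity of one certificate, plus any findings."""
    nb = date.fromisoformat(not_before)
    na = date.fromisoformat(not_after)
    lifetime = (na - nb).days
    remaining = (na - today).days
    findings = []
    if lifetime > MAX_LIFETIME_DAYS:
        findings.append("lifetime exceeds 398-day BR limit")
    if remaining < 0:
        findings.append("expired at scan time")
    elif remaining <= EXPIRING_SOON_DAYS:
        findings.append("expires within %d days" % EXPIRING_SOON_DAYS)
    if today < nb:
        findings.append("not yet valid at scan time")
    return CertStatus(subject, issuer, lifetime, remaining, tuple(findings))


def assess_all(rows=CERTS, today=SCAN_DATE):
    return [assess(*row, today=today) for row in rows]


def soonest_expiring(rows=CERTS, today=SCAN_DATE):
    """The certificate in the scan that runs out first."""
    return min(assess_all(rows, today), key=lambda s: s.days_remaining)


if __name__ == "__main__":
    for s in sorted(assess_all(), key=lambda s: s.days_remaining):
        print(f"{s.subject:24} lifetime={s.lifetime_days:3}d "
              f"remaining={s.days_remaining:3}d {'; '.join(s.findings)}")
```

Run against the table, the Sectigo wildcard comes out at 396 days (the report rounds this to "a year", and it sits just under the 398-day cap), every Google Trust Services and Let's Encrypt leaf is exactly 90 days, and the soonest to expire is apollo.io with 33 days left. For 90-day certificates a 33-day remainder is normal, since ACME clients typically renew at 30 days, so a threshold tuned for year-long certificates would produce noise here.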

This page contains 3 frames:

Primary Page: https://www.metabaseq.com/threat/ta588/
Frame ID: F9FF796592F9276492261A7BB0A5BA51
Requests: 77 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fwww.metabaseq.com
Frame ID: 249D421B6E81E76BC113719822A7F7FD
Requests: 1 HTTP requests in this frame

Frame: https://app.hubspot.com/feedback-web-fetcher
Frame ID: 534A72E8CCC45494015815883DFE0616
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

TA558 group attacking legacy systems in LATAM - Metabase Q

Page URL History

  1. https://www.metabaseq.com/ta588/ HTTP 301
    https://www.metabaseq.com/threat/ta588/ Page URL

Detected technologies

(The technology names were not captured in this extraction; the names below are inferred from the detection patterns shown under each entry.)

WordPress
Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Bootstrap
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

(Unnamed technology; name and patterns not captured in this extraction)
Overall confidence: 100%

Google Tag Manager
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

HubSpot
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics
Page Statistics

Requests: 80
HTTPS: 99 %
IPv6: 89 %
Domains: 16
Subdomains: 20
IPs: 19
Countries: 3
Transfer: 3771 kB
Size: 5945 kB
Cookies: 13

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.metabaseq.com/ta588/ HTTP 301
    https://www.metabaseq.com/threat/ta588/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

80 HTTP transactions

Columns per transaction: Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
www.metabaseq.com/threat/ta588/
Redirect Chain
  • https://www.metabaseq.com/ta588/
  • https://www.metabaseq.com/threat/ta588/
83 KB
21 KB
Document
General
Full URL
https://www.metabaseq.com/threat/ta588/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
4e6ea2b07426be2b281f147b2611b80151f05a2fbe71dfa0d71be8434fb6ff90

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=600, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8f7fc5e67b109984-CPH
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 26 Dec 2024 08:41:40 GMT
link
<https://www.metabaseq.com/wp-json/>; rel="https://api.w.org/" <https://www.metabaseq.com/wp-json/wp/v2/threat/15242>; rel="alternate"; title="JSON"; type="application/json" <https://www.metabaseq.com/?p=15242>; rel=shortlink
server
cloudflare
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
MISS
x-cache-group
normal
x-cacheable
SHORT
x-powered-by
WP Engine

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=600, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8f7fc5df1d9f9984-CPH
content-type
text/html; charset=UTF-8
date
Thu, 26 Dec 2024 08:41:39 GMT
expires
Thu, 26 Dec 2024 09:41:39 GMT
location
https://www.metabaseq.com/threat/ta588/
server
cloudflare
x-cache
MISS
x-cache-group
normal
x-cacheable
non200
x-powered-by
WP Engine
x-redirect-by
WordPress
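The primary document above has no "Security Headers" table, whereas the hs-scripts.com and googletagmanager.com responses further down do (X-Content-Type-Options, Strict-Transport-Security). Its headers also name the stack: x-powered-by: WP Engine, x-redirect-by: WordPress on the 301, and a Link header that advertises the WordPress REST API together with the post type and ID of this page (/wp-json/wp/v2/threat/15242). The block below is an added example, not part of the report, that runs the checks a reviewer would make on these headers: which common security headers are absent, which headers leak implementation details, and a cleanup of the repeated Vary value, which here carries Accept-Encoding four times (the usual sign of several caching layers each appending their own). The header values are copied from the report; the list of expected security headers is an assumed baseline, not something the report states.

```python
import re

# Response headers of the primary document, copied from the report.
PRIMARY_RESPONSE = {
    "alt-svc": 'h3=":443"; ma=86400',
    "cache-control": "max-age=600, must-revalidate",
    "cf-cache-status": "DYNAMIC",
    "cf-ray": "8f7fc5e67b109984-CPH",
    "content-encoding": "br",
    "content-type": "text/html; charset=UTF-8",
    "date": "Thu, 26 Dec 2024 08:41:40 GMT",
    "link": '<https://www.metabaseq.com/wp-json/>; rel="https://api.w.org/" '
            '<https://www.metabaseq.com/wp-json/wp/v2/threat/15242>; rel="alternate"; '
            'title="JSON"; type="application/json" '
            '<https://www.metabaseq.com/?p=15242>; rel=shortlink',
    "server": "cloudflare",
    "vary": "Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie",
    "x-cache": "MISS",
    "x-cache-group": "normal",
    "x-cacheable": "SHORT",
    "x-powered-by": "WP Engine",
}

# Headers of the 301 from /ta588/ to /threat/ta588/, copied from the report (subset).
REDIRECT_RESPONSE = {
    "location": "https://www.metabaseq.com/threat/ta588/",
    "server": "cloudflare",
    "x-powered-by": "WP Engine",
    "x-redirect-by": "WordPress",
}

# Assumed baseline for an HTML document response; not a list the report provides.
EXPECTED_SECURITY_HEADERS = (
    "strict-transport-security",
    "content-security-policy",
    "x-content-type-options",
    "x-frame-options",
    "referrer-policy",
    "permissions-policy",
)


def missing_security_headers(headers):
    """Expected security headers that are absent (header names compared case-insensitively)."""
    present = {k.lower() for k in headers}
    return [h for h in EXPECTED_SECURITY_HEADERS if h not in present]


def fingerprint_leaks(headers):
    """Headers that reveal the platform or content IDs without serving the browser."""
    h = {k.lower(): v for k, v in headers.items()}
    leaks = []
    if "x-powered-by" in h:
        leaks.append(("x-powered-by", h["x-powered-by"]))
    if "x-redirect-by" in h:
        leaks.append(("x-redirect-by", h["x-redirect-by"]))
    link = h.get("link", "")
    if "api.w.org" in link:
        leaks.append(("link", "WordPress REST API advertised"))
    m = re.search(r"/wp-json/wp/v2/([a-z_]+)/(\d+)", link)
    if m:
        leaks.append(("link", f"post type '{m.group(1)}' id {m.group(2)} exposed via REST route"))
    return leaks


def normalize_vary(value):
    """Deduplicate a Vary value whose tokens may be separated by commas and/or spaces."""
    seen = []
    for token in re.split(r"[,\s]+", value.strip()):
        if token and token.lower() not in (s.lower() for s in seen):
            seen.append(token)
    return seen


if __name__ == "__main__":
    print("missing:", missing_security_headers(PRIMARY_RESPONSE))
    print("leaks:", fingerprint_leaks(PRIMARY_RESPONSE) + fingerprint_leaks(REDIRECT_RESPONSE))
    print("vary:", ", ".join(normalize_vary(PRIMARY_RESPONSE["vary"])))
```

On this response all six baseline headers are absent. The REST API advertisement is the more useful leak of the two: it confirms the wp-json endpoint is routable and hands over the custom post type ("threat") and numeric ID, which is exactly what an enumeration tool needs to walk /wp-json/wp/v2/threat/ without guessing. Note that a missing header in a scanner capture is evidence of what the edge sent to this client at this moment; Cloudflare can inject HSTS at the edge for some paths and not others, so confirm on the origin before filing.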
style.min.css
www.metabaseq.com/wp-includes/css/dist/block-library/
112 KB
15 KB
Stylesheet
General
Full URL
https://www.metabaseq.com/wp-includes/css/dist/block-library/style.min.css?ver=6.7.1
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"674605e5-1c012"
age
125037
cf-ray
8f7fc5eaaf131d06-CPH
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Tue, 26 Nov 2024 17:31:17 GMT
priority
u=0,i=?0
bootstrap.css
www.metabaseq.com/wp-content/themes/metabaseq/assets/build/
191 KB
27 KB
Stylesheet
General
Full URL
https://www.metabaseq.com/wp-content/themes/metabaseq/assets/build/bootstrap.css?ver=1.0.173
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6614a2130355e0bdbe57a023f61c321190021996b4b5cce63e6f24e414778403

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"6728e03b-2fc4d"
age
125037
cf-ray
8f7fc5eaaf151d06-CPH
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 04 Nov 2024 14:54:51 GMT
priority
u=0,i=?0
main.css
www.metabaseq.com/wp-content/themes/metabaseq/assets/build/
235 KB
33 KB
Stylesheet
General
Full URL
https://www.metabaseq.com/wp-content/themes/metabaseq/assets/build/main.css?ver=1.0.173
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b90b977fb148072a174455104fa11dcc671845c24cc6fac1d4992e6749216ee7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"676464b0-3ab48"
age
500299
cf-ray
8f7fc5eaaf161d06-CPH
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Thu, 19 Dec 2024 18:23:44 GMT
priority
u=0,i=?0
main.min.js
www.metabaseq.com/wp-content/themes/metabaseq/assets/build/
386 KB
129 KB
Script
General
Full URL
https://www.metabaseq.com/wp-content/themes/metabaseq/assets/build/main.min.js?ver=1.0.173
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05faaf20b930b90275c4a1fb7a25c01bd60f338ae23f6a0ccad80af441451430

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"6728e03b-608ed"
age
500299
cf-ray
8f7fc5eaaf171d06-CPH
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 04 Nov 2024 14:54:51 GMT
priority
u=1,i=?0
20455591.js
js.hs-scripts.com/
3 KB
1 KB
Script
General
Full URL
https://js.hs-scripts.com/20455591.js
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:89d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4efa4c93a93272a913b16a6e14e61130b5f8b9186d7c7c3cd057241e46f13ee
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/

Response headers

access-control-max-age
3600
content-encoding
gzip
cf-cache-status
EXPIRED
x-content-type-options
nosniff
expires
Thu, 26 Dec 2024 08:43:10 GMT
date
Thu, 26 Dec 2024 08:41:40 GMT
x-hubspot-correlation-id
59859c06-2f84-469e-aa43-5991d0e5135b
content-type
application/javascript;charset=utf-8
vary
origin, Accept-Encoding
last-modified
Thu, 26 Dec 2024 08:41:40 GMT
cache-control
public, max-age=90
access-control-allow-credentials
true
cf-ray
8f7fc5ebdc4d0a40-ARN
accept-ranges
bytes
access-control-allow-origin
https://www.metabaseq.com
content-length
681
server
cloudflare
js
www.googletagmanager.com/gtag/
418 KB
134 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YK2SFSQJSP
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2b03614b39fdb04a9f747b7b5309d06264bcafce75cc8123b48cdc339499bc56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 26 Dec 2024 08:41:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
136859
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/
288 KB
99 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11483877270
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6375ba771e90f67bd9fecb5d4671d01cb8ada8c9659876f37f71afa82ed89e0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 26 Dec 2024 08:41:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 26 Dec 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
101247
x-xss-protection
0
server
Google Tag Manager
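Every script in this report comes with a SHA-256 "Resource Hash", which is the same digest a Subresource Integrity attribute carries, only hex-encoded rather than base64. The block below is an added example, not part of the report, that converts those hashes into integrity values and then asks the question that decides whether pinning is viable: does the server treat the script as immutable? The three entries are the first-party main.min.js (max-age one year, ETag, last-modified in November) and the two third-party loaders above, js.hs-scripts.com (max-age=90, last-modified equal to the response date, so it is generated per request) and the gtag loader (cache-control private, no ETag, expires equal to the date). The header values are copied from the report; the 86400-second threshold and the heuristic itself are assumptions for the example.

```python
import base64
import binascii
import re

# Scripts from the report with their SHA-256 Resource Hash and the caching headers
# relevant to pinning (values copied from the report; headers absent there are omitted).
SCRIPTS = {
    "https://www.metabaseq.com/wp-content/themes/metabaseq/assets/build/main.min.js?ver=1.0.173": {
        "hash": "05faaf20b930b90275c4a1fb7a25c01bd60f338ae23f6a0ccad80af441451430",
        "cache-control": "public, max-age=31536000",
        "etag": 'W/"6728e03b-608ed"',
        "last-modified": "Mon, 04 Nov 2024 14:54:51 GMT",
        "date": "Thu, 26 Dec 2024 08:41:40 GMT",
    },
    "https://js.hs-scripts.com/20455591.js": {
        "hash": "b4efa4c93a93272a913b16a6e14e61130b5f8b9186d7c7c3cd057241e46f13ee",
        "cache-control": "public, max-age=90",
        "last-modified": "Thu, 26 Dec 2024 08:41:40 GMT",
        "date": "Thu, 26 Dec 2024 08:41:40 GMT",
    },
    "https://www.googletagmanager.com/gtag/js?id=G-YK2SFSQJSP": {
        "hash": "2b03614b39fdb04a9f747b7b5309d06264bcafce75cc8123b48cdc339499bc56",
        "cache-control": "private, max-age=900",
        "expires": "Thu, 26 Dec 2024 08:41:40 GMT",
        "date": "Thu, 26 Dec 2024 08:41:40 GMT",
    },
}


def sri_from_hex(hex_digest, algo="sha256"):
    """Turn a hex SHA-256 digest into the base64 form an integrity attribute expects."""
    raw = binascii.unhexlify(hex_digest)
    if algo == "sha256" and len(raw) != 32:
        raise ValueError("sha256 digest must be 32 bytes")
    return f"{algo}-{base64.b64encode(raw).decode('ascii')}"


def hex_from_sri(value):
    """Inverse of sri_from_hex, for cross-checking against a scanner's hex hash."""
    algo, b64 = value.split("-", 1)
    return base64.b64decode(b64).hex()


def max_age(cache_control):
    m = re.search(r"max-age=(\d+)", cache_control or "")
    return int(m.group(1)) if m else 0


def pinnable(meta, min_max_age=86400):
    """Heuristic with assumed thresholds: pin only what the server itself serves as
    long-lived content. Returns (ok, reasons_not_to_pin)."""
    cc = meta.get("cache-control") or ""
    reasons = []
    if max_age(cc) < min_max_age:
        reasons.append("short max-age")
    if "private" in cc:
        reasons.append("private cache-control")
    if "last-modified" in meta and meta["last-modified"] == meta.get("date"):
        reasons.append("last-modified equals response date (generated per request)")
    if "etag" not in meta:
        reasons.append("no etag")
    return (not reasons, reasons)


def script_integrity_plan(scripts=SCRIPTS):
    """For each script: its integrity value, whether to pin it, and why not if not."""
    plan = {}
    for url, meta in scripts.items():
        ok, reasons = pinnable(meta)
        plan[url] = {"integrity": sri_from_hex(meta["hash"]), "pin": ok, "reasons": reasons}
    return plan


if __name__ == "__main__":
    for url, p in script_integrity_plan().items():
        verdict = "PIN" if p["pin"] else "do not pin: " + "; ".join(p["reasons"])
        print(f"{url}\n  integrity=\"{p['integrity']}\"\n  {verdict}")
```

The outcome matches what a practitioner would expect: the first-party bundle can carry an integrity attribute regenerated at deploy time (its ?ver= query string already changes per release), while both tag loaders are rebuilt server-side and would break under SRI within minutes. For those, the controls that remain are the hash-independent ones: a Content-Security-Policy script-src allow-list limited to the specific hosts in this report's "Requested by" table, and monitoring the loader's hash over time to catch unannounced changes rather than blocking them.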
metabaseq-logo-white.svg
www.metabaseq.com/wp-content/themes/metabaseq/assets/src/img/
8 KB
3 KB
Image
General
Full URL
https://www.metabaseq.com/wp-content/themes/metabaseq/assets/src/img/metabaseq-logo-white.svg
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c73c40a48cadeaf85e25fa13a2cf128ae9f2c4233df319a2ab56ab46e9ea8f0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"6728e03b-21b3"
age
125037
cf-ray
8f7fc5eaaf181d06-CPH
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 04 Nov 2024 14:54:51 GMT
priority
u=2,i
metabaseq-logo-white-mobile-reduced.svg
www.metabaseq.com/wp-content/themes/metabaseq/assets/src/img/
1 KB
792 B
Image
General
Full URL
https://www.metabaseq.com/wp-content/themes/metabaseq/assets/src/img/metabaseq-logo-white-mobile-reduced.svg
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9b636a3da03243745631637acf58b451b0cfd4796821ea0c02bde692a5f4cf4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"6728e03b-412"
age
500299
cf-ray
8f7fc5eaaf191d06-CPH
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 04 Nov 2024 14:54:51 GMT
priority
u=2,i
platform-inner-icon-3.svg
www.metabaseq.com/wp-content/themes/metabaseq/assets/src/img/mega-menu/
7 KB
2 KB
Image
General
Full URL
https://www.metabaseq.com/wp-content/themes/metabaseq/assets/src/img/mega-menu/platform-inner-icon-3.svg
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d58a261c763cb81460aafc88ab53ddd7d98060262c015160285ecb97f0500bde

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"6728e03b-1a8b"
age
125036
cf-ray
8f7fc5eadf341d06-CPH
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 04 Nov 2024 14:54:51 GMT
priority
u=2,i
platform-inner-icon-1.svg
www.metabaseq.com/wp-content/themes/metabaseq/assets/src/img/mega-menu/
1 KB
855 B
Image
General
Full URL
https://www.metabaseq.com/wp-content/themes/metabaseq/assets/src/img/mega-menu/platform-inner-icon-1.svg
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fe36f9024db7c7418ce44834ff87011a47d85a26ed2e24aef04644d902153a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"6728e03b-49f"
age
125036
cf-ray
8f7fc5eaef3a1d06-CPH
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 04 Nov 2024 14:54:51 GMT
priority
u=2,i
platform-inner-icon-4.svg
www.metabaseq.com/wp-content/themes/metabaseq/assets/src/img/mega-menu/
5 KB
2 KB
Image
General
Full URL
https://www.metabaseq.com/wp-content/themes/metabaseq/assets/src/img/mega-menu/platform-inner-icon-4.svg
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc982b0da18e704979293cd699ce6c856c6e484f85c3bc0b925a9c06d506e103

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"6728e03b-12d9"
age
500299
cf-ray
8f7fc5eb5f7c1d06-CPH
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 04 Nov 2024 14:54:51 GMT
priority
u=2,i
platform-inner-icon-2.svg
www.metabaseq.com/wp-content/themes/metabaseq/assets/src/img/mega-menu/
3 KB
1 KB
Image
General
Full URL
https://www.metabaseq.com/wp-content/themes/metabaseq/assets/src/img/mega-menu/platform-inner-icon-2.svg
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e43104a668b50cb58fd59ca50e84b9c44619b1aac9cb72c6da15aba019931b16

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"6728e03b-cad"
age
500299
cf-ray
8f7fc5eb7f971d06-CPH
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 04 Nov 2024 14:54:51 GMT
priority
u=3,i
use-cases.webp
www.metabaseq.com/wp-content/themes/metabaseq/assets/src/img/mega-menu/
18 KB
18 KB
Image
General
Full URL
https://www.metabaseq.com/wp-content/themes/metabaseq/assets/src/img/mega-menu/use-cases.webp
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
555e3df99ce1298cf97adef333b2cc1ae5926a6eafd85c20874c4d02883532bf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cf-cache-status
HIT
etag
"6728e03b-47da"
age
125036
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
image/webp
last-modified
Mon, 04 Nov 2024 14:54:51 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=31536000
cf-ray
8f7fc5eb7f981d06-CPH
accept-ranges
bytes
access-control-allow-origin
*
content-length
18394
server
cloudflare
threat-intel-transparent.svg
www.metabaseq.com/wp-content/themes/metabaseq/assets/src/img/mega-menu/
11 KB
3 KB
Image
General
Full URL
https://www.metabaseq.com/wp-content/themes/metabaseq/assets/src/img/mega-menu/threat-intel-transparent.svg
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22c8ed8b94324a328b77c9a5509876750e5e475b1de286f32c446c721cdb57e0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"6728e03b-2d7a"
age
500299
cf-ray
8f7fc5eb7f991d06-CPH
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 04 Nov 2024 14:54:51 GMT
priority
u=3,i
blog-transparent.svg
www.metabaseq.com/wp-content/themes/metabaseq/assets/src/img/mega-menu/
2 KB
1 KB
Image
General
Full URL
https://www.metabaseq.com/wp-content/themes/metabaseq/assets/src/img/mega-menu/blog-transparent.svg
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4913da40027e0f0cc440af7661b45fe0b0b6d3fae61dbc54fdf6584eeddffeaf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"6728e03b-7f7"
age
125036
cf-ray
8f7fc5eb7f9a1d06-CPH
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 04 Nov 2024 14:54:51 GMT
priority
u=3,i
batuta-data-sheet.webp
www.metabaseq.com/wp-content/themes/metabaseq/assets/src/img/mega-menu/
9 KB
9 KB
Image
General
Full URL
https://www.metabaseq.com/wp-content/themes/metabaseq/assets/src/img/mega-menu/batuta-data-sheet.webp
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a24315b89689f41924af9fab8499de5ab346ee245cb56e1b98bff61130b91f71

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cf-cache-status
HIT
etag
"6728e03b-231c"
age
500299
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
image/webp
last-modified
Mon, 04 Nov 2024 14:54:51 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=31536000
cf-ray
8f7fc5eb7f9b1d06-CPH
accept-ranges
bytes
access-control-allow-origin
*
content-length
8988
server
cloudflare
unified-cyber-resilience-cropped.webp
www.metabaseq.com/wp-content/themes/metabaseq/assets/src/img/mega-menu/
12 KB
12 KB
Image
General
Full URL
https://www.metabaseq.com/wp-content/themes/metabaseq/assets/src/img/mega-menu/unified-cyber-resilience-cropped.webp
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7c74c81f5807eba9302371665955fbeb4712839560b59e5b4a5e7b99e3812b3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cf-cache-status
HIT
etag
"6728e03b-2eae"
age
125036
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
image/webp
last-modified
Mon, 04 Nov 2024 14:54:51 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=31536000
cf-ray
8f7fc5eb7f9c1d06-CPH
accept-ranges
bytes
access-control-allow-origin
*
content-length
11950
server
cloudflare
TA558-01.png
www.metabaseq.com/wp-content/uploads/2023/10/
260 KB
260 KB
Image
General
Full URL
https://www.metabaseq.com/wp-content/uploads/2023/10/TA558-01.png
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7159cca10ea3445f24d74f11cd075a8ac57cfb372ca713acbeb54924d766dcaa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

server
cloudflare
cache-control
public, max-age=31536000
cf-cache-status
MISS
etag
"6722a2ce-41017"
cf-ray
8f7fc5eb7f9d1d06-CPH
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
266263
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
image/png
last-modified
Wed, 30 Oct 2024 21:19:10 GMT
vary
Accept-Encoding
priority
u=3,i
TA558-02.png
www.metabaseq.com/wp-content/uploads/2023/10/
86 KB
86 KB
Image
General
Full URL
https://www.metabaseq.com/wp-content/uploads/2023/10/TA558-02.png
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
869d348a8f6eb6166372ca4dc6ad6f16f491e57c24be240a9f9988cbaecd55d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cf-bgj
imgq:100,h2pri
etag
"6722a2ce-500b7"
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=327863
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
image/webp
content-disposition
inline; filename="TA558-02.webp"
vary
Accept
last-modified
Wed, 30 Oct 2024 21:19:10 GMT
priority
u=3,i
cache-control
public, max-age=31536000
cf-ray
8f7fc5eb7f9e1d06-CPH
accept-ranges
bytes
access-control-allow-origin
*
content-length
88052
server
cloudflare
TA558-03.png
www.metabaseq.com/wp-content/uploads/2023/10/
57 KB
57 KB
Image
General
Full URL
https://www.metabaseq.com/wp-content/uploads/2023/10/TA558-03.png
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a41b0d416e030fee3edb91966e9b0d0d65cdaddd78c04f412841636cc6e89c53

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cf-bgj
imgq:100,h2pri
etag
"6722a2ce-31bfb"
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=203771
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
image/webp
content-disposition
inline; filename="TA558-03.webp"
vary
Accept
last-modified
Wed, 30 Oct 2024 21:19:10 GMT
priority
u=3,i
cache-control
public, max-age=31536000
cf-ray
8f7fc5eb7f9f1d06-CPH
accept-ranges
bytes
access-control-allow-origin
*
content-length
58116
server
cloudflare
TA558-04.png
www.metabaseq.com/wp-content/uploads/2023/10/
147 KB
147 KB
Image
General
Full URL
https://www.metabaseq.com/wp-content/uploads/2023/10/TA558-04.png
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fa95a2a8d3439c6a967f5249762b4e95f29b70d51fc6fb68b09aa534fca42da

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

server
cloudflare
cache-control
public, max-age=31536000
cf-cache-status
MISS
etag
"6722a2ce-24cb3"
cf-ray
8f7fc5eb7fa01d06-CPH
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
150707
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
image/png
last-modified
Wed, 30 Oct 2024 21:19:10 GMT
vary
Accept-Encoding
priority
u=3,i
TA558-05.png
www.metabaseq.com/wp-content/uploads/2023/10/
39 KB
40 KB
Image
General
Full URL
https://www.metabaseq.com/wp-content/uploads/2023/10/TA558-05.png
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abc96e867cf82a2020f7787772a10b861499c7e6d5882f1a0594f2eab577161a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

server
cloudflare
cache-control
public, max-age=31536000
cf-cache-status
MISS
etag
"6722a2ce-9db0"
cf-ray
8f7fc5eb7fa11d06-CPH
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
40368
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
image/png
last-modified
Wed, 30 Oct 2024 21:19:10 GMT
vary
Accept-Encoding
priority
u=3,i
TA558-06.png
www.metabaseq.com/wp-content/uploads/2023/10/
120 KB
121 KB
Image
General
Full URL
https://www.metabaseq.com/wp-content/uploads/2023/10/TA558-06.png
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7af290076f62703901c86c5a02ec33ff91547300b1f60307f2504a79f2372e1b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cf-bgj
imgq:100,h2pri
etag
"6722a2cf-30925"
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=198949
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
image/webp
content-disposition
inline; filename="TA558-06.webp"
vary
Accept
last-modified
Wed, 30 Oct 2024 21:19:11 GMT
priority
u=3,i
cache-control
public, max-age=31536000
cf-ray
8f7fc5eb7fa21d06-CPH
accept-ranges
bytes
access-control-allow-origin
*
content-length
123358
server
cloudflare
TA558-07.png
www.metabaseq.com/wp-content/uploads/2023/10/
19 KB
20 KB
Image
General
Full URL
https://www.metabaseq.com/wp-content/uploads/2023/10/TA558-07.png
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d753bde267edee14c5a42978d120729c58c5300f0c5a896a0fbed2da7733e402

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cf-bgj
imgq:100,h2pri
etag
"6722a2ce-e2a2"
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=58018
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
image/webp
content-disposition
inline; filename="TA558-07.webp"
vary
Accept
last-modified
Wed, 30 Oct 2024 21:19:10 GMT
priority
u=3,i
cache-control
public, max-age=31536000
cf-ray
8f7fc5eb7fa31d06-CPH
accept-ranges
bytes
access-control-allow-origin
*
content-length
19958
server
cloudflare
6d7166c4-e97c-4b82-953f-8adc8cf123b6
https://www.metabaseq.com/ Frame
0
0

TA558-08.png
www.metabaseq.com/wp-content/uploads/2023/10/
9 KB
9 KB
Image
General
Full URL
https://www.metabaseq.com/wp-content/uploads/2023/10/TA558-08.png
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
627ceccbcfe73a7f4dbfed260a6e29096a729e1878c4dd2217487b22afb897ee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cf-bgj
imgq:100,h2pri
etag
"6722a2ce-ccee"
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=52462
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
image/webp
content-disposition
inline; filename="TA558-08.webp"
vary
Accept
last-modified
Wed, 30 Oct 2024 21:19:10 GMT
priority
u=3,i
cache-control
public, max-age=31536000
cf-ray
8f7fc5eb7fa41d06-CPH
accept-ranges
bytes
access-control-allow-origin
*
content-length
9010
server
cloudflare
TA558-09.png
www.metabaseq.com/wp-content/uploads/2023/10/
10 KB
10 KB
Image
General
Full URL
https://www.metabaseq.com/wp-content/uploads/2023/10/TA558-09.png
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8477581296b3aa303c191f51220060b21b46504389f37693f07704ff7177f900

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cf-bgj
imgq:100,h2pri
etag
"6722a2ce-8f38"
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=36664
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
image/webp
content-disposition
inline; filename="TA558-09.webp"
vary
Accept
last-modified
Wed, 30 Oct 2024 21:19:10 GMT
priority
u=3,i
cache-control
public, max-age=31536000
cf-ray
8f7fc5eb7fa51d06-CPH
accept-ranges
bytes
access-control-allow-origin
*
content-length
10370
server
cloudflare
TA558-10.png
www.metabaseq.com/wp-content/uploads/2023/10/
1 KB
1 KB
Image
General
Full URL
https://www.metabaseq.com/wp-content/uploads/2023/10/TA558-10.png
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21f64e43fc8b0c53258c26017429c20bd6254d968de1a8a083cf061405603fff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cf-bgj
imgq:100,h2pri
etag
"6722a2ce-afa"
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=2810
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
image/webp
content-disposition
inline; filename="TA558-10.webp"
vary
Accept
last-modified
Wed, 30 Oct 2024 21:19:10 GMT
priority
u=3,i
cache-control
public, max-age=31536000
cf-ray
8f7fc5eb7fa61d06-CPH
accept-ranges
bytes
access-control-allow-origin
*
content-length
1092
server
cloudflare
TA558-11.png
www.metabaseq.com/wp-content/uploads/2023/10/
1 KB
2 KB
Image
General
Full URL
https://www.metabaseq.com/wp-content/uploads/2023/10/TA558-11.png
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9ed78174e596221aee577cabff69bc9ef03cdf829c6b16790108e45f740efff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cf-bgj
imgq:100,h2pri
etag
"6722a2ce-1524"
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=5412
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
image/webp
content-disposition
inline; filename="TA558-11.webp"
vary
Accept
last-modified
Wed, 30 Oct 2024 21:19:10 GMT
priority
u=3,i
cache-control
public, max-age=31536000
cf-ray
8f7fc5eb7fa71d06-CPH
accept-ranges
bytes
access-control-allow-origin
*
content-length
1518
server
cloudflare
TA558-12.png
www.metabaseq.com/wp-content/uploads/2023/10/
27 KB
28 KB
Image
General
Full URL
https://www.metabaseq.com/wp-content/uploads/2023/10/TA558-12.png
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
041ae2b1dca737a4145d456e844d17b5a3b0874627439437903a49c5d0d14286

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cf-bgj
imgq:100,h2pri
etag
"6722a2ce-e406"
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=58374
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
image/webp
content-disposition
inline; filename="TA558-12.webp"
vary
Accept
last-modified
Wed, 30 Oct 2024 21:19:10 GMT
priority
u=3,i
cache-control
public, max-age=31536000
cf-ray
8f7fc5eb7fa81d06-CPH
accept-ranges
bytes
access-control-allow-origin
*
content-length
28018
server
cloudflare
TA558-13.png
www.metabaseq.com/wp-content/uploads/2023/10/
3 KB
3 KB
Image
General
Full URL
https://www.metabaseq.com/wp-content/uploads/2023/10/TA558-13.png
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
870e957482afc0057fe08f746e1d44d1636ce3de1f092acabec97521259180b1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cf-bgj
imgq:100,h2pri
etag
"6722a2ce-11f0"
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=4592
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
image/webp
content-disposition
inline; filename="TA558-13.webp"
vary
Accept
last-modified
Wed, 30 Oct 2024 21:19:10 GMT
priority
u=3,i
cache-control
public, max-age=31536000
cf-ray
8f7fc5eb7fa91d06-CPH
accept-ranges
bytes
access-control-allow-origin
*
content-length
2690
server
cloudflare
TA558-14.png
www.metabaseq.com/wp-content/uploads/2023/10/
3 KB
4 KB
Image
General
Full URL
https://www.metabaseq.com/wp-content/uploads/2023/10/TA558-14.png
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8edbc084603e1886175b78e0288ed0e9fd99f4f5919e24296ac1471ba9d65bc2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cf-bgj
imgq:100,h2pri
etag
"6722a2ce-18fd"
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=6397
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
image/webp
content-disposition
inline; filename="TA558-14.webp"
vary
Accept
last-modified
Wed, 30 Oct 2024 21:19:10 GMT
priority
u=3,i
cache-control
public, max-age=31536000
cf-ray
8f7fc5eb7faa1d06-CPH
accept-ranges
bytes
access-control-allow-origin
*
content-length
3572
server
cloudflare
TA558-15.png
www.metabaseq.com/wp-content/uploads/2023/10/
2 KB
3 KB
Image
General
Full URL
https://www.metabaseq.com/wp-content/uploads/2023/10/TA558-15.png
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f3e5777f892cd37c65a92aff6889189700fbfa59a524c1035fe7e9e25411eeb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cf-bgj
imgq:100,h2pri
etag
"6722a2ce-107e"
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=4222
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
image/webp
content-disposition
inline; filename="TA558-15.webp"
vary
Accept
last-modified
Wed, 30 Oct 2024 21:19:10 GMT
priority
u=3,i
cache-control
public, max-age=31536000
cf-ray
8f7fc5eb7fab1d06-CPH
accept-ranges
bytes
access-control-allow-origin
*
content-length
2520
server
cloudflare
TA558-16.png
www.metabaseq.com/wp-content/uploads/2023/10/
2 KB
2 KB
Image
General
Full URL
https://www.metabaseq.com/wp-content/uploads/2023/10/TA558-16.png
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fef26cd2b4ff104f27d3b03420407944a6bc8d3121d18f34dec4eb680d7189c2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cf-bgj
imgq:100,h2pri
etag
"6722a2ce-c3c"
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=3132
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
image/webp
content-disposition
inline; filename="TA558-16.webp"
vary
Accept
last-modified
Wed, 30 Oct 2024 21:19:10 GMT
priority
u=3,i
cache-control
public, max-age=31536000
cf-ray
8f7fc5eb7fac1d06-CPH
accept-ranges
bytes
access-control-allow-origin
*
content-length
1928
server
cloudflare
TA558-17.png
www.metabaseq.com/wp-content/uploads/2023/10/
2 KB
2 KB
Image
General
Full URL
https://www.metabaseq.com/wp-content/uploads/2023/10/TA558-17.png
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fad0c40ca0ca3ef6da2b34fa0bcd6bfc75b62dfdfc1941dfb1f6601f77a84d3e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cf-bgj
imgq:100,h2pri
etag
"6722a2ce-c5f"
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=3167
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
image/webp
content-disposition
inline; filename="TA558-17.webp"
vary
Accept
last-modified
Wed, 30 Oct 2024 21:19:10 GMT
priority
u=3,i
cache-control
public, max-age=31536000
cf-ray
8f7fc5eb7fad1d06-CPH
accept-ranges
bytes
access-control-allow-origin
*
content-length
1936
server
cloudflare
TA558-18.png
www.metabaseq.com/wp-content/uploads/2023/10/
33 KB
33 KB
Image
General
Full URL
https://www.metabaseq.com/wp-content/uploads/2023/10/TA558-18.png
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc215182f2d2bb9d3fecce55d102c5e94546e4d45d00323b0f470b535ab626de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cf-bgj
imgq:100,h2pri
etag
"6722a2cf-1e490"
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=124048
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
image/webp
content-disposition
inline; filename="TA558-18.webp"
vary
Accept
last-modified
Wed, 30 Oct 2024 21:19:11 GMT
priority
u=3,i
cache-control
public, max-age=31536000
cf-ray
8f7fc5eb7fae1d06-CPH
accept-ranges
bytes
access-control-allow-origin
*
content-length
33332
server
cloudflare
TA558-19.png
www.metabaseq.com/wp-content/uploads/2023/10/
643 KB
643 KB
Image
General
Full URL
https://www.metabaseq.com/wp-content/uploads/2023/10/TA558-19.png
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb3cd8a36749a022a1430e73f36b458601af0f0b5f169d907f9b888173d98206

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cf-bgj
imgq:100,h2pri
etag
"6722a2cf-c7ce1"
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=818401
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
image/webp
content-disposition
inline; filename="TA558-19.webp"
vary
Accept
last-modified
Wed, 30 Oct 2024 21:19:11 GMT
priority
u=3,i
cache-control
public, max-age=31536000
cf-ray
8f7fc5eb7faf1d06-CPH
accept-ranges
bytes
access-control-allow-origin
*
content-length
658350
server
cloudflare
TA558-20.png
www.metabaseq.com/wp-content/uploads/2023/10/
715 KB
715 KB
Image
General
Full URL
https://www.metabaseq.com/wp-content/uploads/2023/10/TA558-20.png
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aa99c543eb96c768bbc0cde024bee9c9e29cfd9f2517c448ae64073c5a75657

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cf-bgj
imgq:100,h2pri
etag
"6722a2cf-141d05"
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=1318149
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
image/webp
content-disposition
inline; filename="TA558-20.webp"
vary
Accept
last-modified
Wed, 30 Oct 2024 21:19:11 GMT
priority
u=3,i
cache-control
public, max-age=31536000
cf-ray
8f7fc5eb7fb01d06-CPH
accept-ranges
bytes
access-control-allow-origin
*
content-length
731672
server
cloudflare
TA558-21-v2.png
www.metabaseq.com/wp-content/uploads/2023/10/
63 KB
63 KB
Image
General
Full URL
https://www.metabaseq.com/wp-content/uploads/2023/10/TA558-21-v2.png
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e8f04f11489601633bf8dd81ba8de20c4cc124683cf9ab4c4d2b63dc9ed90d5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

server
cloudflare
cache-control
public, max-age=31536000
cf-cache-status
MISS
etag
"6722a2ce-fb6c"
cf-ray
8f7fc5eb7fb11d06-CPH
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
64364
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
image/png
last-modified
Wed, 30 Oct 2024 21:19:10 GMT
vary
Accept-Encoding
priority
u=3,i
TA558-22.png
www.metabaseq.com/wp-content/uploads/2023/10/
91 KB
91 KB
Image
General
Full URL
https://www.metabaseq.com/wp-content/uploads/2023/10/TA558-22.png
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9aa79bfb7d1221c68ae1073e3d66cc65f33b0a25e76701266917df0840d24d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cf-bgj
imgq:100,h2pri
etag
"6722a2ce-3c104"
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=246020
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
image/webp
content-disposition
inline; filename="TA558-22.webp"
vary
Accept
last-modified
Wed, 30 Oct 2024 21:19:10 GMT
priority
u=3,i
cache-control
public, max-age=31536000
cf-ray
8f7fc5eb7fb21d06-CPH
accept-ranges
bytes
access-control-allow-origin
*
content-length
93200
server
cloudflare
bn004-batuta-experts-new.webp
www.metabaseq.com/wp-content/themes/metabaseq/assets/src/img/
4 KB
5 KB
Image
General
Full URL
https://www.metabaseq.com/wp-content/themes/metabaseq/assets/src/img/bn004-batuta-experts-new.webp
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c883a9a9db887b58db3cfb13e6c0492f648ae103097f60a019400cea08ba44c4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cf-cache-status
HIT
etag
"6728e03b-11c0"
age
125036
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
image/webp
last-modified
Mon, 04 Nov 2024 14:54:51 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=31536000
cf-ray
8f7fc5eb7fb31d06-CPH
accept-ranges
bytes
access-control-allow-origin
*
content-length
4544
server
cloudflare
bn004-wand.svg
www.metabaseq.com/wp-content/themes/metabaseq/assets/src/img/
13 KB
4 KB
Image
General
Full URL
https://www.metabaseq.com/wp-content/themes/metabaseq/assets/src/img/bn004-wand.svg
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd3be6596541c58e09804700fdcdce86cc59d594af4e07701656fbf89aaedf2c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"6728e03b-3387"
age
125036
cf-ray
8f7fc5eb7fb51d06-CPH
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 04 Nov 2024 14:54:51 GMT
priority
u=3,i
x.svg
www.metabaseq.com/wp-content/themes/metabaseq/assets/src/img/footer/
504 B
576 B
Image
General
Full URL
https://www.metabaseq.com/wp-content/themes/metabaseq/assets/src/img/footer/x.svg
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4bd686131c035e152ea1fa0cfc4be422cf51c55b6537c1112da0854118f85c4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"6728e03b-1f8"
age
500299
cf-ray
8f7fc5eb7fb61d06-CPH
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 04 Nov 2024 14:54:51 GMT
priority
u=3,i
instagram.svg
www.metabaseq.com/wp-content/themes/metabaseq/assets/src/img/footer/
4 KB
2 KB
Image
General
Full URL
https://www.metabaseq.com/wp-content/themes/metabaseq/assets/src/img/footer/instagram.svg
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fac945f8874cb418b1a2e02638864031b68c52cb5d3c42c6a669123108f5456

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"6728e03b-101f"
age
500299
cf-ray
8f7fc5eb7fb81d06-CPH
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 04 Nov 2024 14:54:51 GMT
priority
u=3,i
linkedin.svg
www.metabaseq.com/wp-content/themes/metabaseq/assets/src/img/footer/
813 B
666 B
Image
General
Full URL
https://www.metabaseq.com/wp-content/themes/metabaseq/assets/src/img/footer/linkedin.svg
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da0031001c07f5c6478c8a687914c0dd5a03056c71957412797cf42568501edd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"6728e03b-32d"
age
125036
cf-ray
8f7fc5eb7fb91d06-CPH
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 04 Nov 2024 14:54:51 GMT
priority
u=3,i
20455591.js
js.hs-scripts.com/
3 KB
976 B
Script
General
Full URL
https://js.hs-scripts.com/20455591.js?integration=WordPress&ver=11.1.75
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:89d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d425120fa8d3f8700d1263f7b4b3828a749b9cd1496d2215b9d1e5090384d9f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/

Response headers

access-control-max-age
3600
content-encoding
gzip
cf-cache-status
EXPIRED
x-content-type-options
nosniff
expires
Thu, 26 Dec 2024 08:43:10 GMT
date
Thu, 26 Dec 2024 08:41:40 GMT
x-hubspot-correlation-id
f120c72f-0208-4cd8-8160-247e51f4f724
content-type
application/javascript;charset=utf-8
vary
origin, Accept-Encoding
last-modified
Thu, 26 Dec 2024 08:41:40 GMT
cache-control
public, max-age=90
access-control-allow-credentials
true
cf-ray
8f7fc5ebdc4a0a40-ARN
accept-ranges
bytes
access-control-allow-origin
https://www.metabaseq.com
content-length
682
server
cloudflare
navigation.js
www.metabaseq.com/wp-content/themes/metabaseq/js/
3 KB
1 KB
Script
General
Full URL
https://www.metabaseq.com/wp-content/themes/metabaseq/js/navigation.js?ver=1.0.173
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ee0654259fda0bbfeab4305b895e740659613080d90352bd36c1452fd426ef6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"6728e03b-ba4"
age
500299
cf-ray
8f7fc5eb6f931d06-CPH
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 04 Nov 2024 14:54:51 GMT
priority
u=2,i=?0
bootstrap.min.js
www.metabaseq.com/wp-content/themes/metabaseq/assets/build/
79 KB
24 KB
Script
General
Full URL
https://www.metabaseq.com/wp-content/themes/metabaseq/assets/build/bootstrap.min.js?ver=1.0.173
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bb724a48d9a8465700c838cd9b9cddfcd3fad7cb07dfb46fc33084af29c6a6f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"6728e03b-13b1f"
age
500299
cf-ray
8f7fc5eb6f961d06-CPH
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 04 Nov 2024 14:54:51 GMT
priority
u=2,i=?0
gtm.js
www.googletagmanager.com/
267 KB
95 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PFXTS8MV
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5a29f2603cf857ad375c8e1219542c1baa9c27394ee66026d7b310e97db41ba6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Thu, 26 Dec 2024 08:41:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 26 Dec 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
96699
x-xss-protection
0
server
Google Tag Manager
tracker.iife.js
assets.apollo.io/micro/website-tracker/
3 KB
2 KB
Script
General
Full URL
https://assets.apollo.io/micro/website-tracker/tracker.iife.js?nocache=r1w8f
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:29b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2039d204f18247df88a0f132f35fe67f9e52ee7268515ead1647c611f737ba07

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
gzip
x-goog-hash
crc32c=I3tUEw==, md5=SC6zvnW2DshviOm8MzN+iA==
etag
"482eb3be75b60ec86f88e9bc33337e88"
age
28916
cf-cache-status
HIT
x-goog-stored-content-encoding
gzip
expires
Thu, 25 Dec 2025 04:44:44 GMT
x-goog-stored-content-length
1168
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
application/javascript
last-modified
Mon, 12 Feb 2024 19:05:14 GMT
vary
Accept-Encoding
x-guploader-uploadid
AFiumC5RcsZyXJMUDB4Ejtxeriy8tX2r9TKFh5eRLECv9Cr711oBkOzw6LcGY6e5HMTpJExRd2rtG0wiYg
cache-control
public, max-age=31435384
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8f7fc5ec0ffd9902-ARN
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1707764714580510
content-length
1168
server
cloudflare
truncated
/
738 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90756ec6163fa4072d3180d2446e34357a7e0688d75c9905c56e9167c264f415

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
97f4e573444b45973c1fccf3ea98bdad4e80fbea13ba2e511c904a4b76316f5d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
Roboto-Regular.ttf
www.metabaseq.com/wp-content/themes/metabaseq/assets/build/fonts/
167 KB
168 KB
Font
General
Full URL
https://www.metabaseq.com/wp-content/themes/metabaseq/assets/build/fonts/Roboto-Regular.ttf
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/wp-content/themes/metabaseq/assets/build/main.css?ver=1.0.173
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.metabaseq.com
Referer
https://www.metabaseq.com/wp-content/themes/metabaseq/assets/build/main.css?ver=1.0.173

Response headers

cf-cache-status
HIT
etag
"6728e03b-29d08"
age
125036
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
application/octet-stream
last-modified
Mon, 04 Nov 2024 14:54:51 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=31536000
cf-ray
8f7fc5eb9fc31d06-CPH
accept-ranges
bytes
access-control-allow-origin
*
content-length
171272
server
cloudflare
Roboto-Bold.ttf
www.metabaseq.com/wp-content/themes/metabaseq/assets/build/fonts/
166 KB
167 KB
Font
General
Full URL
https://www.metabaseq.com/wp-content/themes/metabaseq/assets/build/fonts/Roboto-Bold.ttf
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/wp-content/themes/metabaseq/assets/build/main.css?ver=1.0.173
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9cc991deb5d27f267830a19f2301eb164d9e61ec08669c1a1a291c5620ff40a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.metabaseq.com
Referer
https://www.metabaseq.com/wp-content/themes/metabaseq/assets/build/main.css?ver=1.0.173

Response headers

cf-cache-status
HIT
etag
"6728e03b-2996c"
age
125036
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
application/octet-stream
last-modified
Mon, 04 Nov 2024 14:54:51 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=31536000
cf-ray
8f7fc5eb9fc51d06-CPH
accept-ranges
bytes
access-control-allow-origin
*
content-length
170348
server
cloudflare
NeueMachina-Regular.ttf
www.metabaseq.com/wp-content/themes/metabaseq/assets/build/fonts/
77 KB
78 KB
Font
General
Full URL
https://www.metabaseq.com/wp-content/themes/metabaseq/assets/build/fonts/NeueMachina-Regular.ttf
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/wp-content/themes/metabaseq/assets/build/main.css?ver=1.0.173
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb350e6f601fb6178300b0870ff37e7cccd5e08e31b14429cfa4cb98499c318d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.metabaseq.com
Referer
https://www.metabaseq.com/wp-content/themes/metabaseq/assets/build/main.css?ver=1.0.173

Response headers

cf-cache-status
HIT
etag
"6728e03b-1356c"
age
125036
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
application/octet-stream
last-modified
Mon, 04 Nov 2024 14:54:51 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=31536000
cf-ray
8f7fc5eb9fc61d06-CPH
accept-ranges
bytes
access-control-allow-origin
*
content-length
79212
server
cloudflare
track_request
aplo-evnt.com/api/v1/intent_pixel/ Frame
0
0
Preflight
General
Full URL
https://aplo-evnt.com/api/v1/intent_pixel/track_request?app_id=6631216b259f49043a735143
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.133.146 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
146.133.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.metabaseq.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
7200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache
content-length
0
date
Thu, 26 Dec 2024 08:41:40 GMT
server
nginx
status
200 OK
via
1.1 google
track_request
aplo-evnt.com/api/v1/intent_pixel/
0
0
Fetch
General
Full URL
https://aplo-evnt.com/api/v1/intent_pixel/track_request?app_id=6631216b259f49043a735143
Requested by
Host: assets.apollo.io
URL: https://assets.apollo.io/micro/website-tracker/tracker.iife.js?nocache=r1w8f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.133.146 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
146.133.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' chrome-extension://alhgpfoeiimagjlnfekdhkjlkiomcapa chrome-extension://ececkagaccnfmkopaiemklekhoimmgpn *.salesforce.com *.lightning.force.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.metabaseq.com/

Response headers

strict-transport-security
max-age=31536000
x-transaction-id
998e1b0f928449ed5894700e22c34a67
access-control-max-age
7200
cache-control
no-cache
content-security-policy
frame-ancestors 'self' chrome-extension://alhgpfoeiimagjlnfekdhkjlkiomcapa chrome-extension://ececkagaccnfmkopaiemklekhoimmgpn *.salesforce.com *.lightning.force.com
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
x-content-type-options
nosniff
via
1.1 google
status
204 No Content
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Dec 2024 08:41:40 GMT
vary
Origin
server
nginx
x-frame-options
ALLOWALL
feedbackweb-new.js
js.hubspotfeedback.com/
21 KB
9 KB
Script
General
Full URL
https://js.hubspotfeedback.com/feedbackweb-new.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20455591.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f07c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65d5c5184bf129b3308f9b8247ddc9e17c88c893d64a7bc08a982086c4236a56
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.metabaseq.com
Referer
https://www.metabaseq.com/

Response headers

x-request-id
cd473f9e-8ae5-492a-866d-0d8241354e09
content-encoding
gzip
cf-cache-status
EXPIRED
x-amz-version-id
hpig.9CBCRqKyIZ3Im8F7O1eHW.VVBMr
etag
W/"86969c5c5fc1c57ed3ae3fb8f6d6f7b3"
cache-tag
staticjsapp-feedback-web-renderer-script-web-prod,staticjsapp-prod
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-evy-trace-listener
listener_https
x-amz-cf-id
bKyMsfmM4okBtb5Go1maJOl_BuMd7o7q2lbZ4FbnPcaFaDR_FqGBcg==
x-hubspot-correlation-id
cd473f9e-8ae5-492a-866d-0d8241354e09
content-type
application/javascript; charset=utf-8
last-modified
Mon, 23 Dec 2024 13:49:06 UTC
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-856d8787d5-zzrjc
x-envoy-upstream-service-time
29
x-hs-target-asset
feedback-web-renderer-ui/static-1.23119/bundles/popupInjector.js
server
cloudflare
x-evy-trace-virtual-host
all
x-amz-server-side-encryption
AES256
access-control-max-age
3000
access-control-allow-methods
GET
x-hs-cache-status
MISS
date
Thu, 26 Dec 2024 08:41:40 GMT
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=feedback-web-renderer-ui/static-1.23119/bundles/popupInjector.js&cfRay=8f7fc5ede9cc5f16-ARN
via
1.1 58f689028f521999dd25fa234ad8a3f4.cloudfront.net (CloudFront)
cf-ray
8f7fc5ede9cc5f16-ARN
access-control-allow-origin
*
x-evy-trace-route-configuration
listener_https/all
x-amz-cf-pop
IAD55-P7
web-interactives-embed.js
js.hubspot.com/
84 KB
25 KB
Script
General
Full URL
https://js.hubspot.com/web-interactives-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20455591.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
674d5ab1e2c5a783115e67fabc4805ac2e8a83d48eb6a1ad3535c23a959a1801
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.metabaseq.com
Referer
https://www.metabaseq.com/

Response headers

x-request-id
30d2ecb4-5611-4eb2-9519-15506885372b
content-encoding
gzip
cf-cache-status
EXPIRED
x-amz-version-id
_83IngeMtzUuERab6QgcByX86005NyG0
etag
W/"03686003e4860757c17ae65c11ab8ea4"
cache-tag
staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9TaeT4mXrQ9vZZxBNUIdUrdhirCdqJjNT8X9zjXUzjzDi6QvJI8mcUyNhtlmYDwB5pq3jUwOL3h8mjoGqUO85kVVrj2znL064vtcXNeNzhFha%2BCwRP6HKpaS0oOah2CCtD4lrIJOcorFCest"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-evy-trace-listener
listener_https
x-amz-cf-id
Ub53AMg-wJdBB_DwVb1d1TsfYMzCHl8X1TVlvOpZ50_CQ4hDCr-tFQ==
x-hubspot-correlation-id
30d2ecb4-5611-4eb2-9519-15506885372b
content-type
application/javascript; charset=utf-8
last-modified
Fri, 13 Dec 2024 12:10:35 UTC
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-856d8787d5-xkq4z
x-envoy-upstream-service-time
34
x-hs-target-asset
web-interactives-embed/static-2.1996/bundles/project.js
server
cloudflare
x-evy-trace-virtual-host
all
x-amz-server-side-encryption
AES256
access-control-max-age
3000
access-control-allow-methods
GET
x-hs-cache-status
MISS
date
Thu, 26 Dec 2024 08:41:40 GMT
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1996/bundles/project.js&cfRay=8f7fc5eddd4195e2-FRA
via
1.1 ec6ab86695d018f9e87cce7df2ae9964.cloudfront.net (CloudFront)
cf-ray
8f7fc5eddd4195e2-ARN
access-control-allow-origin
*
x-evy-trace-route-configuration
listener_https/all
x-amz-cf-pop
IAD55-P7
fb.js
js.hsadspixel.net/
6 KB
4 KB
Script
General
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20455591.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:df98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94c33d6b7a8a3ec1b2fa2f21d8d13e760f5a2b1d0bcd6bc79040eaf8fc3db99a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/

Response headers

x-evy-trace-virtual-host
all
x-request-id
fbfa1bec-31a3-47b7-a78f-338cb297740e
content-encoding
gzip
cf-cache-status
HIT
etag
W/"ca248d7a7c6bd2f9377cb66156837d10"
x-amz-version-id
z1RV9ixsN0LmI92PbMVbn7sOiIZi0lq8
cache-tag
staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
age
195
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-hs-cache-status
HIT
x-amz-cf-id
gvaQJh9ggxV4IXvuLNzQU79AOWCqXNBQJzE6hco-rbYO_p1lYy22Yg==
date
Thu, 26 Dec 2024 08:41:40 GMT
x-hubspot-correlation-id
fbfa1bec-31a3-47b7-a78f-338cb297740e
content-type
application/javascript; charset=utf-8
last-modified
Fri, 20 Dec 2024 17:34:20 UTC
vary
accept-encoding
x-evy-trace-listener
listener_https
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-856d8787d5-96tlk
x-envoy-upstream-service-time
0
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.1043/bundles/pixels-release.js&cfRay=8f5170bb0b5a9f40-WAW
via
1.1 a4f9ca051b97c1ac09e2af244690d376.cloudfront.net (CloudFront)
cf-ray
8f7fc5eddd289900-ARN
x-evy-trace-route-configuration
listener_https/all
x-hs-target-asset
adsscriptloaderstatic/static-1.1043/bundles/pixels-release.js
x-amz-cf-pop
IAD12-P3
server
cloudflare
x-amz-server-side-encryption
AES256
20455591.js
js.hs-analytics.net/analytics/1735202400000/
68 KB
25 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1735202400000/20455591.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20455591.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:afc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8aea58603a4a5587639b885a128584b599dd618cfc4973d019ef6e8a46d8c8c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/

Response headers

x-amz-server-side-encryption
AES256
x-request-id
710bbd94-12df-4101-838e-a7f0a18671af
content-encoding
gzip
cf-cache-status
MISS
etag
W/"d36ff2c95efff2ff8a230e631e7db84e"
x-amz-version-id
null
expires
Thu, 26 Dec 2024 08:46:41 GMT
x-evy-trace-listener
listener_https
date
Thu, 26 Dec 2024 08:41:41 GMT
x-hubspot-correlation-id
710bbd94-12df-4101-838e-a7f0a18671af
content-type
text/javascript
last-modified
Mon, 25 Nov 2024 19:53:04 GMT
vary
origin, Accept-Encoding
x-amz-id-2
LHusO3uge7A2rTB80m5uw4olA2EQMdwSuj4qCjlaOR+v4REl4LeBrFp6uc+/9uE5cU/H+HfUItQ=
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=300,public
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-8586d94f84-742j9
x-envoy-upstream-service-time
32
access-control-allow-credentials
false
x-amz-request-id
CYA0DS4WAQMSM24R
cf-ray
8f7fc5edce1782ac-ARN
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-evy-trace-virtual-host
all
banner.js
js.hs-banner.com/v2/20455591/
81 KB
30 KB
Script
General
Full URL
https://js.hs-banner.com/v2/20455591/banner.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20455591.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9310 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e973782294514444a9da4c0d6f6c997544948f4164bfd7c8ac6630e89e447789

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/

Response headers

x-evy-trace-virtual-host
all
access-control-max-age
604800
x-request-id
32d8da30-d903-4a18-af2d-2e661ef9d5f5
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"da9f8cbb42b7bc3df996825165cf3f8f"
x-amz-version-id
qupJzV_7vA883ZIIrpUAFIscf9L9aX1K
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expires
Thu, 26 Dec 2024 08:46:40 GMT
x-evy-trace-listener
listener_https
date
Thu, 26 Dec 2024 08:41:40 GMT
x-hubspot-correlation-id
32d8da30-d903-4a18-af2d-2e661ef9d5f5
content-type
text/javascript; charset=UTF-8
last-modified
Mon, 25 Nov 2024 19:53:00 GMT
vary
origin, Accept-Encoding
x-amz-id-2
jen7o/9AH/+C4d0vCJs0g4++OLxuebDZthBfI8hI3mUU5e/WWA4kx8X8l37ql4gKxS006zqK8fQ=
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=300,public
timing-allow-origin
*
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-8586d94f84-ng79d
x-envoy-upstream-service-time
96
access-control-allow-credentials
true
x-amz-request-id
JKWF4CZ7SZPQB7JA
cf-ray
8f7fc5edcc27f8a8-ARN
access-control-allow-origin
https://www.batuta.com
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-amz-server-side-encryption
AES256
collect
www.google.com/ccm/
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.metabaseq.com%2Fthreat%2Fta588%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1623831720.1735202501&dt=TA558%20group%20attacking%20legacy%20systems%20in%20LATAM%20-%20Metabase%20Q&auid=539209407.1735202501&navt=n&npa=1&gtm=45He4cc1v9178609422za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1735202500757&tfd=2516&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PFXTS8MV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/

Response headers

js
www.googletagmanager.com/gtag/
288 KB
99 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11483877270&l=dataLayer&cx=c&gtm=45He4cc1v9178609422za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PFXTS8MV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0d3ae8ce92e268d8c0762981691cbc2aa1a2bfd28bdc175ed93cfcad4559bdc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 26 Dec 2024 08:41:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 26 Dec 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
101267
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/
418 KB
134 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YK2SFSQJSP&l=dataLayer&cx=c&gtm=45He4cc1v9178609422za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PFXTS8MV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fb023f642aa2583dbe87cb72d308cebe1a1823645141f4396e0b6f5b9b69d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 26 Dec 2024 08:41:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
136877
x-xss-protection
0
server
Google Tag Manager
sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame 249D
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fwww.metabaseq.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PFXTS8MV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Thu, 26 Dec 2024 08:41:40 GMT
expires
Fri, 26 Dec 2025 08:41:40 GMT
last-modified
Thu, 12 Dec 2024 10:18:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-YK2SFSQJSP&gtm=45je4cc1v880428531za200zb9178609422&_p=1735202500378&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1491037028.1735202501&ecid=1653005331&ul=da-dk&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1735202500&sct=1&seg=0&dl=https%3A%2F%2Fwww.metabaseq.com%2Fthreat%2Fta588%2F&dt=TA558%20group%20attacking%20legacy%20systems%20in%20LATAM%20-%20Metabase%20Q&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2568
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YK2SFSQJSP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.metabaseq.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
555 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-YK2SFSQJSP&cid=1491037028.1735202501&gtm=45je4cc1v880428531za200zb9178609422&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YK2SFSQJSP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.metabaseq.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.dk/ads/
42 B
408 B
Image
General
Full URL
https://www.google.dk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-YK2SFSQJSP&cid=1491037028.1735202501&gtm=45je4cc1v880428531za200zb9178609422&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1223558373
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 26 Dec 2024 08:41:40 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
wp-emoji-release.min.js
www.metabaseq.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://www.metabaseq.com/wp-includes/js/wp-emoji-release.min.js?ver=6.7.1
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"6722a2cb-4926"
age
67996
cf-ray
8f7fc5eeb9ef1d06-CPH
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:40 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Wed, 30 Oct 2024 21:19:07 GMT
priority
u=3,i=?0
view
js.hs-banner.com/v2/activity/ Frame
0
0
Preflight
General
Full URL
https://js.hs-banner.com/v2/activity/view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9310 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.metabaseq.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://www.metabaseq.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age
604800
cf-cache-status
DYNAMIC
cf-ray
8f7fc5ef99adecde-ARN
content-length
0
content-type
application/octet-stream
date
Thu, 26 Dec 2024 08:41:41 GMT
server
cloudflare
timing-allow-origin
*
vary
origin
x-envoy-upstream-service-time
0
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-8586d94f84-vkszw
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
602d64d5-fd11-4494-96fa-739fbecad396
x-request-id
602d64d5-fd11-4494-96fa-739fbecad396
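The OPTIONS transaction above is a CORS preflight: the browser asked whether a POST with a content-type header from https://www.metabaseq.com may be sent to js.hs-banner.com, and the server answered with an echoed origin, access-control-allow-credentials: true, an explicit header allowlist, a method list and a seven-day max-age. The block below is an added example, not urlscan.io's or HubSpot's code: it applies the checks a browser makes to a preflight response, run offline against the header values recorded above (the allow-headers list is shortened). Whether the real request carried cookies is not visible in the scan, so the credentials flag is an assumption; the second case, a replay from https://attacker.example with an Authorization header, is constructed.

```javascript
// Added example, not urlscan.io's or HubSpot's code: the checks a browser applies
// to a CORS preflight response, run offline against the header values recorded on
// the OPTIONS transaction to js.hs-banner.com/v2/activity/view above.

// Methods that never trigger a preflight by themselves.
const SIMPLE_METHODS = new Set(["GET", "HEAD", "POST"]);

function splitList(value) {
  return (value || "").split(",").map((s) => s.trim()).filter(Boolean);
}

// request: { origin, method, requestHeaders, credentials } mirrors the Origin,
// Access-Control-Request-Method and Access-Control-Request-Headers the browser
// sent, plus whether cookies would ride along (not visible in the scan: assumed).
// response: preflight response headers with lower-cased names.
function evaluatePreflight(request, response) {
  const problems = [];
  const withCredentials = Boolean(request.credentials);
  const acao = response["access-control-allow-origin"];

  // Origin must match exactly; "*" is only accepted for non-credentialed requests.
  if (!acao) {
    problems.push("missing Access-Control-Allow-Origin");
  } else if (acao === "*") {
    if (withCredentials) problems.push("'*' origin is rejected when credentials are sent");
  } else if (acao !== request.origin) {
    problems.push(`origin ${request.origin} is not allowed (server allows ${acao})`);
  }
  if (withCredentials && response["access-control-allow-credentials"] !== "true") {
    problems.push("credentialed request but Access-Control-Allow-Credentials is not 'true'");
  }

  // Non-simple methods must be listed; "*" counts only without credentials.
  const methods = new Set(splitList(response["access-control-allow-methods"]).map((m) => m.toUpperCase()));
  const method = request.method.toUpperCase();
  if (!SIMPLE_METHODS.has(method) && !methods.has(method) && !(methods.has("*") && !withCredentials)) {
    problems.push(`method ${method} is not allowed`);
  }

  // Every requested header must be listed, case-insensitively; "*" covers them
  // only without credentials and never covers Authorization.
  const allowed = new Set(splitList(response["access-control-allow-headers"]).map((h) => h.toLowerCase()));
  const headerWildcard = allowed.has("*") && !withCredentials;
  for (const name of (request.requestHeaders || []).map((h) => h.toLowerCase())) {
    if (!allowed.has(name) && !(headerWildcard && name !== "authorization")) {
      problems.push(`request header ${name} is not allowed`);
    }
  }

  // Lifetime the server asked for; browsers clamp it (Chromium to 7200 s).
  const maxAgeRequested = Number.parseInt(response["access-control-max-age"] || "-1", 10);
  return { ok: problems.length === 0, problems, maxAgeRequested };
}

// Values copied from the transaction above (allow-headers list shortened).
const HS_BANNER_PREFLIGHT = {
  "access-control-allow-credentials": "true",
  "access-control-allow-headers":
    "Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Hubspot-User-Id, X-HubSpot-Correlation-Id",
  "access-control-allow-methods": "GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD",
  "access-control-allow-origin": "https://www.metabaseq.com",
  "access-control-max-age": "604800",
};

// The recorded request: Origin https://www.metabaseq.com, POST with a JSON body.
const observed = evaluatePreflight(
  { origin: "https://www.metabaseq.com", method: "POST", requestHeaders: ["content-type"], credentials: true },
  HS_BANNER_PREFLIGHT
);

// Constructed case: the same request replayed from another origin with an Authorization header.
const foreign = evaluatePreflight(
  { origin: "https://attacker.example", method: "POST", requestHeaders: ["content-type", "authorization"], credentials: true },
  HS_BANNER_PREFLIGHT
);

console.log(observed); // ok: true, maxAgeRequested: 604800
console.log(foreign.problems); // origin not allowed; request header authorization not allowed
```

The vary: origin header on the response says the allowlist is evaluated per requesting origin on the server side; the scan only shows the answer for https://www.metabaseq.com. Because credentials are allowed, the server has to echo one specific origin, which it does; what a scan cannot tell you is whether an arbitrary Origin would be echoed too, and that is the request to send by hand when auditing such an endpoint.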
css2
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,400&display=swap
Requested by
Host: js.hs-banner.com
URL: https://js.hs-banner.com/v2/20455591/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0ec296468d76de22a3e834179b4aa57563b76b2946487169ab7726ac98c668c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 26 Dec 2024 08:41:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Dec 2024 08:41:41 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 26 Dec 2024 07:17:43 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
view
js.hs-banner.com/v2/activity/
0
0
Fetch
General
Full URL
https://js.hs-banner.com/v2/activity/view
Requested by
Host: js.hs-banner.com
URL: https://js.hs-banner.com/v2/20455591/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9310 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.metabaseq.com/

Response headers

access-control-max-age
604800
x-request-id
80cf1b4f-97e4-4992-8f28-76c7c3079e81
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-evy-trace-listener
listener_http, listener_https
date
Thu, 26 Dec 2024 08:41:41 GMT
x-hubspot-correlation-id
80cf1b4f-97e4-4992-8f28-76c7c3079e81
vary
origin
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
x-evy-trace-route-service-name
envoyset-translator, envoyset-translator
x-evy-trace-served-by-pod
iad02/private-hubapi-td/envoy-proxy-5f9df65f7b-p2s9g, iad02/analytics-js-proxy-td/envoy-proxy-8586d94f84-dc4x5
timing-allow-origin
*
x-envoy-upstream-service-time
21
access-control-allow-credentials
true
cf-ray
8f7fc5f1ce48ecde-ARN
access-control-allow-origin
https://www.metabaseq.com
x-evy-trace-route-configuration
listener_http/all, listener_https/all
server
cloudflare
x-evy-trace-virtual-host
all, all
combinedConfigs
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/
61 B
1 KB
Fetch
General
Full URL
https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=20455591&currentUrl=https%3A%2F%2Fwww.metabaseq.com%2Fthreat%2Fta588%2F
Requested by
Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
027f9fef93a2d620715de7311a5bf674cb3df18a352d2a0a7266c147c157333f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/

Response headers

x-robots-tag
noindex, follow
access-control-max-age
180
x-request-id
2031ecc7-4c91-42e2-b2fc-2400b9b024e2
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2%2FJSkXyt2aladlf02oFWq6aOVCibhCzUQbRO87571h2Zj%2FvODR5ZzeW7rVWnbtojy%2FfJdugpdEXiVD4ZRNL77gw39VGFHwry0o3VAR0jgAjdioqc1qyy7DyRtepijQjszKtlOI0rvHcJEmkg5qc%2FsJ3f3BC3NbU%2BFWA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
access-control-allow-methods
OPTIONS, GET
x-evy-trace-listener
listener_https
date
Thu, 26 Dec 2024 08:41:41 GMT
x-hubspot-correlation-id
2031ecc7-4c91-42e2-b2fc-2400b9b024e2
content-type
application/json;charset=utf-8
vary
origin
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=0, no-cache, no-store
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-b967ccf5d-6w44x
x-envoy-upstream-service-time
12
access-control-allow-credentials
true
cf-ray
8f7fc5ef3e1395e2-ARN
access-control-allow-origin
https://www.metabaseq.com
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-evy-trace-virtual-host
all
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,400&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.metabaseq.com
Referer
https://fonts.googleapis.com/

Response headers

age
171323
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 24 Dec 2025 09:06:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 09:06:18 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,400&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.metabaseq.com
Referer
https://fonts.googleapis.com/

Response headers

age
81035
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 25 Dec 2025 10:11:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Dec 2024 10:11:06 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18596
x-xss-protection
0
server
sffe
counters.gif
perf-na1.hsforms.com/embed/v3/
35 B
1 KB
Image
General
Full URL
https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1
Requested by
Host: www.metabaseq.com
URL: https://www.metabaseq.com/threat/ta588/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:50cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/

Response headers

x-robots-tag
none
x-request-id
bea59d1a-acf9-4e9e-ac64-06f5def1658b
access-control-expose-headers
X-Origin-Hublet
CF-Cache-Status
MISS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-evy-trace-listener
listener_https
Date
Thu, 26 Dec 2024 08:41:41 GMT
x-hubspot-correlation-id
bea59d1a-acf9-4e9e-ac64-06f5def1658b
Content-Type
image/gif
vary
origin, Accept-Encoding
Last-Modified
Thu, 26 Dec 2024 08:41:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
Cache-Control
max-age=0, no-cache, no-store
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-b967ccf5d-8gtsz
x-envoy-upstream-service-time
2
Connection
keep-alive
access-control-allow-credentials
false
CF-RAY
8f7fc5f0c81b2e0d-ARN
Accept-Ranges
bytes
x-evy-trace-route-configuration
listener_https/all
Content-Length
35
Server
cloudflare
x-evy-trace-virtual-host
all
feedback-web-fetcher
app.hubspot.com/ Frame 534A
0
0
Document
General
Full URL
https://app.hubspot.com/feedback-web-fetcher
Requested by
Host: js.hubspotfeedback.com
URL: https://js.hubspotfeedback.com/feedbackweb-new.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options no-sniff

Request headers

Referer
https://www.metabaseq.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
69470
cache-control
max-age=0, no-cache, no-store
cf-cache-status
HIT
cf-ray
8f7fc5f26de22df5-ARN
content-encoding
br
content-security-policy-report-only
script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: *.fullstory.com fullstory.com apis.google.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=feedback-web-renderer-ui/static-1.23119/html/fetcher.html&cfRay=8f7fc5f26de22df5&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Ffeedback-web-fetcher&referrer=https%3A%2F%2Fwww.metabaseq.com%2F&cfenv=prod&pdt=2024-12-26&csp=ro
content-type
text/html; charset=utf-8
date
Thu, 26 Dec 2024 08:41:41 GMT
etag
W/"87cd880c3252391625d21a7a26638eb6"
expires
Fri, 27 Dec 2024 08:41:41 GMT
last-modified
Mon, 23 Dec 2024 11:14:51 GMT
nel
{"report_to":"nel","max_age":86400}
report-to
{"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]} {"group":"nel","max_age":86400,"endpoints":[{"url":"https://nel.hsbrowserreports.com/browser/reporting/reports"}]}
reporting-endpoints
default="https://send.hsbrowserreports.com/csp/reports?cfRay=8f7fc5f26de22df5&resource=feedback-web-renderer-ui/static-1.23119/html/fetcher.html"
server
cloudflare
server-timing
cfr;desc=8f7fc5f26de22df5, d;desc="feedback-web-renderer-ui#698b23da-3128-452f-8f96-979f3177de95"
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
accept-encoding
via
1.1 476b5932e94d78f0c3734e15c13a5018.cloudfront.net (CloudFront)
x-amz-cf-id
cAyBle0f6UpvBcP8M9GgX9c_DjEf5McETRD4JVPvmRb8TMxWMd7Pxg==
x-amz-cf-pop
FRA60-P11
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
CF4.KJFBfVaQgGltdPJyIEY3kNNDCvpC
x-cache
Miss from cloudfront
x-content-type-options
no-sniff
x-hs-target-asset
feedback-web-renderer-ui/static-1.23119/html/fetcher.html
x-hs-worker-debug-mode
false
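Three content-security-policy-report-only headers appear in this scan: Google's collect beacons carry script-src 'none'; form-action 'none'; frame-src 'none', the fonts.gstatic.com responses carry require-trusted-types-for 'script', and the app.hubspot.com/feedback-web-fetcher document above carries a long script-src that includes 'unsafe-inline', 'unsafe-eval', data: and blob:. All three are report-only, so none of them blocks anything. The block below is an added example, not urlscan.io's, Google's or HubSpot's code: a small CSP parser plus the script-src review a practitioner would run over such headers. The rules it applies are my own checklist, an assumption rather than a specification; the HubSpot policy is embedded with its host list shortened.

```javascript
// Added example, not urlscan.io's, Google's or HubSpot's code: parse a
// Content-Security-Policy value and flag the script-src sources a reviewer
// would question. Run offline against the two report-only policies recorded
// above (Google's collect beacon and app.hubspot.com/feedback-web-fetcher,
// the latter with its host list shortened). The checklist is an assumption.

function parseCsp(policy) {
  const directives = new Map();
  for (const part of policy.split(";")) {
    const tokens = part.trim().split(/\s+/).filter(Boolean);
    if (tokens.length === 0) continue;
    const name = tokens[0].toLowerCase();
    // Browsers honour the first occurrence of a directive and ignore repeats.
    if (!directives.has(name)) directives.set(name, tokens.slice(1));
  }
  return directives;
}

function reviewScriptPolicy(policy, { reportOnly = false } = {}) {
  const directives = parseCsp(policy);
  const findings = [];
  if (reportOnly) findings.push("report-only: violations are reported, nothing is blocked");

  // script-src falls back to default-src when absent.
  const scriptSrc = directives.get("script-src") || directives.get("default-src");
  if (!scriptSrc) {
    findings.push("no script-src or default-src: script loading is unrestricted");
  } else {
    // A nonce or hash makes 'unsafe-inline' a no-op in CSP Level 2+ browsers.
    const hasNonceOrHash = scriptSrc.some((s) => /^'(nonce|sha256|sha384|sha512)-/i.test(s));
    for (const source of scriptSrc) {
      const s = source.toLowerCase();
      if (s === "'unsafe-inline'" && !hasNonceOrHash) findings.push("script-src 'unsafe-inline': inline scripts and event handlers run");
      if (s === "'unsafe-eval'") findings.push("script-src 'unsafe-eval': eval() and new Function() run");
      if (s === "data:") findings.push("script-src data:: scripts may be loaded from data: URLs");
      if (s === "blob:") findings.push("script-src blob:: scripts may be loaded from blob: URLs");
      if (s === "*" || s === "http:" || s === "https:") findings.push(`script-src ${s}: any host may serve scripts`);
      if (s.startsWith("*.")) findings.push(`script-src ${s}: every subdomain of ${s.slice(2)} may serve scripts`);
    }
  }
  if (!directives.has("object-src") && !directives.has("default-src")) findings.push("no object-src: plugin content is unrestricted (add object-src 'none')");
  if (!directives.has("base-uri")) findings.push("no base-uri: an injected <base> tag can redirect relative script URLs");
  return { directives, findings };
}

// Policies copied from the transactions above (HubSpot host list shortened).
const GOOGLE_COLLECT_CSP =
  "script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0";
const HUBSPOT_FETCHER_CSP =
  "script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-banner.com js.hubspot.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: apis.google.com; report-uri https://send.hsbrowserreports.com/csp/report";

const googleReview = reviewScriptPolicy(GOOGLE_COLLECT_CSP, { reportOnly: true });
const hubspotReview = reviewScriptPolicy(HUBSPOT_FETCHER_CSP, { reportOnly: true });
console.log(googleReview.findings); // report-only, no object-src, no base-uri
console.log(hubspotReview.findings); // report-only plus wildcard hosts, data:, 'unsafe-inline', 'unsafe-eval', blob:, ...
```

For a response with no body and content-length 0, such as the Google beacons, script-src 'none' costs nothing and is the right default. The HubSpot fetcher frame is a real document, and a policy that lists data:, blob:, 'unsafe-inline' and 'unsafe-eval' in script-src gives an XSS inside that frame essentially free rein; the report-uri at least means HubSpot is collecting violation reports before deciding what to enforce.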
__ptq.gif
track.hubspot.com/
45 B
1 KB
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=da-dk&bfp=147292737&v=1.1&a=20455591&ct=blog-post&rcu=https%3A%2F%2Fwww.metabaseq.com%2Fthreat%2Fta588%2F&pu=https%3A%2F%2Fwww.metabaseq.com%2Fthreat%2Fta588%2F&t=TA558+group+attacking+legacy+systems+in+LATAM+-+Metabase+Q&cts=1735202501394&rv=1&vi=7f6382cdfbce1933bc16c9726299c137&nc=true&ce=false&cc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/

Response headers

x-robots-tag
none
x-request-id
fd18e383-b92f-4b69-ac7e-c629132d2127
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RFoVZtaYc1wmnA2iEeNr1MjhN%2FSjOJCx9b0o5JtFkOnYodtpIAgYeOkhGfFiCILhIM8lSeedslqr%2BcXP8ygE6CxwGuLQdRB0pFw7Jr6A47KIhmmJ45LHY35fRfFSe20TXGjkan5FAnOu%2FWQY33MZ"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
p3p
CP="NOI CUR ADM OUR NOR STA NID"
date
Thu, 26 Dec 2024 08:41:41 GMT
x-hubspot-correlation-id
fd18e383-b92f-4b69-ac7e-c629132d2127
content-type
image/gif
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
no-cache, no-store, no-transform
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-c658cb6d4-rkp6r
x-envoy-upstream-service-time
8
access-control-allow-credentials
false
cf-ray
8f7fc5f25f06f8a4-ARN
x-evy-trace-route-configuration
listener_https/all
content-length
45
server
cloudflare
x-evy-trace-virtual-host
all
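The GA4 /g/collect hits near the top of this section and the track.hubspot.com/__ptq.gif pixel above are the requests that carry page details out of the browser: both include the visited URL and page title, a persistent client or visitor identifier, the UI language and screen size. The block below is an added example, not urlscan.io's, Google's or HubSpot's code: it decodes those beacon URLs into one record per hit so a reviewer can list exactly what left for which host. The field mapping is an assumption read off the query keys visible in the transactions, not an official parameter reference; the URLs are copied from the page.

```javascript
// Added example, not urlscan.io's, Google's or HubSpot's code: decode the analytics
// beacons recorded above (GA4 /g/collect hits and the HubSpot __ptq.gif pixel) into
// one record per hit. BEACON_FIELDS is an assumption read off the query strings in
// the transactions, not an official parameter reference.

const BEACON_FIELDS = {
  ga4: { property: "tid", clientId: "cid", pageUrl: "dl", title: "dt", language: "ul", screen: "sr", event: "en" },
  hubspot: { property: "a", clientId: "vi", pageUrl: "pu", title: "t", language: "ln", screen: "sd", event: "ct" },
};

function classifyBeacon(u) {
  if (u.pathname.endsWith("/g/collect")) return "ga4";
  if (u.hostname === "track.hubspot.com" && u.pathname === "/__ptq.gif") return "hubspot";
  return null;
}

function decodeBeacon(url) {
  const u = new URL(url);
  const kind = classifyBeacon(u);
  if (!kind) return null;
  const mapping = BEACON_FIELDS[kind];
  const record = { kind, host: u.hostname };
  // URLSearchParams decodes %XX escapes and turns "+" into a space for us.
  for (const [field, key] of Object.entries(mapping)) record[field] = u.searchParams.get(key);
  // Keys the mapping does not name, so nothing slips past a review unnoticed.
  const mapped = new Set(Object.values(mapping));
  record.unmappedKeys = [...new Set(u.searchParams.keys())].filter((k) => !mapped.has(k));
  return record;
}

// Aggregate view: which identifiers and page URLs were sent to which host.
function summarizeBeacons(urls) {
  const records = urls.map(decodeBeacon).filter(Boolean);
  const byHost = {};
  for (const r of records) {
    if (!byHost[r.host]) byHost[r.host] = { hits: 0, clientIds: new Set(), pageUrls: new Set() };
    const entry = byHost[r.host];
    entry.hits += 1;
    if (r.clientId) entry.clientIds.add(r.clientId);
    if (r.pageUrl) entry.pageUrls.add(r.pageUrl);
  }
  return { records, byHost };
}

// URLs copied from the transactions above; the ga-audiences URL is included to
// show that requests the classifier does not know are skipped, not guessed at.
const BEACONS = [
  "https://region1.analytics.google.com/g/collect?v=2&tid=G-YK2SFSQJSP&gtm=45je4cc1v880428531za200zb9178609422&_p=1735202500378&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1491037028.1735202501&ecid=1653005331&ul=da-dk&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1735202500&sct=1&seg=0&dl=https%3A%2F%2Fwww.metabaseq.com%2Fthreat%2Fta588%2F&dt=TA558%20group%20attacking%20legacy%20systems%20in%20LATAM%20-%20Metabase%20Q&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2568",
  "https://stats.g.doubleclick.net/g/collect?v=2&tid=G-YK2SFSQJSP&cid=1491037028.1735202501&gtm=45je4cc1v880428531za200zb9178609422&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178",
  "https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=da-dk&bfp=147292737&v=1.1&a=20455591&ct=blog-post&rcu=https%3A%2F%2Fwww.metabaseq.com%2Fthreat%2Fta588%2F&pu=https%3A%2F%2Fwww.metabaseq.com%2Fthreat%2Fta588%2F&t=TA558+group+attacking+legacy+systems+in+LATAM+-+Metabase+Q&cts=1735202501394&rv=1&vi=7f6382cdfbce1933bc16c9726299c137&nc=true&ce=false&cc=1",
  "https://www.google.dk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-YK2SFSQJSP&cid=1491037028.1735202501",
];

const summary = summarizeBeacons(BEACONS);
for (const r of summary.records) console.log(r.host, r.clientId, r.pageUrl, r.title);
```

Two things the records make visible: the GA client id 1491037028.1735202501 is the same value that the _ga cookie in the Cookies section stores (GA1.1.1491037028.1735202501), so it persists across visits and is shared with stats.g.doubleclick.net as well; and the HubSpot pixel sends the page URL twice (rcu and pu) along with a separate visitor id, so a page title that names the report being read ("TA558 group attacking legacy systems in LATAM") is sent to two vendors on every view.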
cropped-Metabase-Q-Logo-36x36.png
www.metabaseq.com/wp-content/uploads/2023/01/
864 B
1 KB
Other
General
Full URL
https://www.metabaseq.com/wp-content/uploads/2023/01/cropped-Metabase-Q-Logo-36x36.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55cc3fc986c982eacada60db5d0f493bddb18f6bcc0a7d7cf30c10f0c7ffd0da

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.metabaseq.com/threat/ta588/

Response headers

cf-bgj
imgq:100,h2pri
etag
"6722a2d2-75c"
age
500300
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=1884
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 26 Dec 2024 08:41:41 GMT
content-type
image/webp
content-disposition
inline; filename="cropped-Metabase-Q-Logo-36x36.webp"
vary
Accept
last-modified
Wed, 30 Oct 2024 21:19:14 GMT
priority
u=1,i
cache-control
public, max-age=31536000
cf-ray
8f7fc5f42cc41d06-CPH
accept-ranges
bytes
access-control-allow-origin
*
content-length
864
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.metabaseq.com
URL
blob:https://www.metabaseq.com/6d7166c4-e97c-4b82-953f-8adc8cf123b6

Verdicts & Comments

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
object 0
object 1
object _wpemojiSettings
number uidEvent
object gsapVersions
object _hsq
object dataLayer
function gtag
function initApollo
object leadin_wordpress
function u
object trackingFunctions
object _hsp
object google_tag_manager
object google_tag_data
function onYouTubeIframeAPIReady
object gaGlobal
boolean PIXELS_RAN
object enabledEventSettings
string lenisVersion
object _gsap
function _scrollTop
function _scrollLeft
object twemoji
object wp
object hsCookieBanner
boolean _hspb_loaded
boolean _hspb_ran
boolean google-font-injected
object hsFeedback
object onHsFeedbackReady
boolean hsFeedbackLoaded
object hsCtasOnReady
object __PRIVATE__HubspotCtaClient
object hsCallsToActionsReady
object __hsWebInteractiveInstance
object hsConversationsOnReady
object HubSpotCallsToActions
boolean hubspot_web_interactives_running
function sanitizeKey
boolean _hstc_loaded
boolean _hstc_ran
string __hsUserToken
number expireDateTime
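The list above is the raw material for fingerprinting what runs on the page: wp and _wpemojiSettings come from WordPress, dataLayer and google_tag_manager from Google Tag Manager, the _hsq/_hsp/hs* family from the HubSpot scripts seen elsewhere in this scan, and so on. The block below is an added example, not urlscan.io's code: it parses the list as the page prints it, matches the names against a marker table, and reports which names no marker explains. MARKERS is an assumption built from the names on this page, not a published fingerprint database; the in-browser collector at the end shows one way to produce such a list and is not exercised in the offline run.

```javascript
// Added example, not urlscan.io's code: map the non-standard window globals listed
// above to the libraries that define them. MARKERS is an assumption built from the
// names on this page, not a published fingerprint database.

const MARKERS = [
  { product: "WordPress core", globals: ["wp", "_wpemojiSettings", "twemoji"] },
  { product: "Google Tag Manager / gtag.js", globals: ["dataLayer", "gtag", "google_tag_manager", "google_tag_data", "gaGlobal"] },
  { product: "HubSpot tracking code", globals: ["_hsq", "_hsp", "__hsUserToken", "_hstc_loaded", "_hstc_ran"] },
  { product: "HubSpot cookie banner", globals: ["hsCookieBanner", "_hspb_loaded", "_hspb_ran"] },
  { product: "HubSpot CTAs / web interactives", globals: ["HubSpotCallsToActions", "__hsWebInteractiveInstance", "hsCtasOnReady", "hsCallsToActionsReady", "__PRIVATE__HubspotCtaClient", "hubspot_web_interactives_running"] },
  { product: "HubSpot feedback widget", globals: ["hsFeedback", "hsFeedbackLoaded", "onHsFeedbackReady"] },
  { product: "HubSpot WordPress plugin", globals: ["leadin_wordpress"] },
  { product: "Apollo.io tracker", globals: ["initApollo"] },
  { product: "GSAP", globals: ["_gsap", "gsapVersions"] },
  { product: "Lenis smooth scroll", globals: ["lenisVersion"] },
  { product: "YouTube IFrame Player API", globals: ["onYouTubeIframeAPIReady"] },
];

// Parse the page's "type| name" run; also accepts one "type name" pair per line.
function parseGlobalsList(text) {
  const re = /\b(object|function|number|string|boolean|symbol|bigint|undefined)\|?\s+(\S+)/g;
  return [...text.matchAll(re)].map((m) => ({ type: m[1], name: m[2] }));
}

function fingerprint(globals) {
  const names = new Set(globals.map((g) => g.name));
  const hits = [];
  for (const marker of MARKERS) {
    const matched = marker.globals.filter((g) => names.has(g));
    if (matched.length > 0) hits.push({ product: marker.product, matched });
  }
  const explained = new Set(hits.flatMap((h) => h.matched));
  // Names no marker explains are the ones worth opening the page's scripts for.
  const unexplained = globals.filter((g) => !explained.has(g.name));
  return { hits, unexplained };
}

// In a browser: diff window against a pristine same-origin iframe to get the
// non-standard names. Not run here, since Node has no window object.
function collectNonStandardGlobals(win) {
  const frame = win.document.createElement("iframe");
  frame.style.display = "none";
  win.document.body.appendChild(frame);
  const baseline = new Set(Object.getOwnPropertyNames(frame.contentWindow));
  frame.remove();
  return Object.getOwnPropertyNames(win)
    .filter((n) => !baseline.has(n))
    .map((n) => ({ type: typeof win[n], name: n }));
}

// The 44 entries as printed on the page.
const PAGE_GLOBALS =
  "object| 0 object| 1 object| _wpemojiSettings number| uidEvent object| gsapVersions object| _hsq object| dataLayer function| gtag function| initApollo object| leadin_wordpress function| u object| trackingFunctions object| _hsp object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal boolean| PIXELS_RAN object| enabledEventSettings string| lenisVersion object| _gsap function| _scrollTop function| _scrollLeft object| twemoji object| wp object| hsCookieBanner boolean| _hspb_loaded boolean| _hspb_ran boolean| google-font-injected object| hsFeedback object| onHsFeedbackReady boolean| hsFeedbackLoaded object| hsCtasOnReady object| __PRIVATE__HubspotCtaClient object| hsCallsToActionsReady object| __hsWebInteractiveInstance object| hsConversationsOnReady object| HubSpotCallsToActions boolean| hubspot_web_interactives_running function| sanitizeKey boolean| _hstc_loaded boolean| _hstc_ran string| __hsUserToken number| expireDateTime";

const result = fingerprint(parseGlobalsList(PAGE_GLOBALS));
console.log(result.hits.map((h) => h.product));
console.log(result.unexplained.map((g) => g.name)); // 0, 1, uidEvent, u, sanitizeKey, ...
```

Short, generic names such as u, uidEvent or sanitizeKey are the ones a marker table cannot attribute, and they are where a reviewer should look first when checking a page for an injected script, because minified third-party loaders tend to leave exactly this kind of residue.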

13 Cookies

Domain/Path Name / Value
.www.metabaseq.com/ Name: __cf_bm
Value: dZZA2Jd4VmfUxpCDHXztpoF.w_qWxNHfRIv5XLQyzmk-1735202499-1.0.1.1-omoMGSZYIsQLVt7fpi5Eh6m5Y8MbuyuavyvwMJ7xYES72j3DTR9X9fuIrJ_FaP0jqRowH8N9aIDmXAJgEX2Hfg
.apollo.io/ Name: __cf_bm
Value: liH85byya9Ilw1Gffu8TFkmOxXN9x_mOc0UA39hJFq4-1735202500-1.0.1.1-dSLvGDVJ6KgMm6tBZ.jQLNq16cDBUztWtHvtf5egzCHrPrKh0Yra04zODFCLwl9KC3SzEnEw1esrExXBVSjbXg
.metabaseq.com/ Name: _gcl_au
Value: 1.1.539209407.1735202501
.hsadspixel.net/ Name: __cf_bm
Value: jDn2IW39Vd2yj7SgMhV2MGmDXlO.snf48WDMgTegF1E-1735202500-1.0.1.1-8Or42lMfUYeMNjde.GLbLmpK5QQzAzCgV42GtJ5wnplN9KFvXygj481BKLoFpZndQt6OJvxwGdq1ANJYaZA9rQ
.metabaseq.com/ Name: _ga
Value: GA1.1.1491037028.1735202501
.hs-scripts.com/ Name: __cf_bm
Value: iubupnUnOri4yuHdg2J.p37NofhCM1f.ZoafZL867pA-1735202500-1.0.1.1-owvRX3q7IXqpeWgAj6r7iq0.bxo1AbsHAvus_ZljQ8YGJDSF329C9L_q9sAP4yRyIHRBzBaAE.8TxtjzgWnX7g
www.metabaseq.com/ Name: pll_language
Value: en
.hs-banner.com/ Name: __cf_bm
Value: YMQ4bV4AZWiY42gSRPGkFp4PfkZdx3DgkCUCncPt3ys-1735202500-1.0.1.1-znG9sBqngvtBKRU2OakepOfc7hHDMfDu9ud2_8z0LjwwNG0UcEadmx7TF143BoP9qCPgPncVW0oWnx9NRzPdFg
.hs-analytics.net/ Name: __cf_bm
Value: 8gLjaezCW1ZFnDU.b4Cjkgdnadxs1sj_LSVcxiFb3zs-1735202501-1.0.1.1-hP6so7dL1ZIMvC_6Ef90WbTGUExLcPEC_gC5rs9wnFReH0iPI2z_cWndp8eRPs.JWtHQfCG1TJshC3Akho.OOA
.hsforms.com/ Name: __cf_bm
Value: 3O3EOlaQqcJtGzL10b5CAQVVchdfWR0N_y7Og4DHmpw-1735202501-1.0.1.1-JSS6fBl9LzcnyYfq5ldCt73IJzzeL0AZpnrAm50gCkROcFyZkrv4MSsu72RPnw6ah7PrXA18VtpDBs01FQn1cA
.hsforms.com/ Name: _cfuvid
Value: 2_DbAiIlAK4MXGdAE3J3Inc7cTfYnC87kxdj4ZBePLw-1735202501366-0.0.1.1-604800000
.hubspot.com/ Name: __cf_bm
Value: 8.t3jKlZ4UYeYSsb9malITXYSlvnQbHgOB1z_FfufwI-1735202501-1.0.1.1-XMVHKS2ZefJ3G64eJHBzh9CP_xuBVUYWTDB49ngz8Go7wslSEsa4tIoGJGXZ0vncoMnIs3HVn0eNJ229mN28Uw
.hubspot.com/ Name: _cfuvid
Value: dznUvS7XVJjG._5EXc3CqUbt4HdWHEuK9p5ZiTdohr0-1735202501617-0.0.1.1-604800000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aplo-evnt.com
app.hubspot.com
assets.apollo.io
cta-service-cms2.hubspot.com
fonts.googleapis.com
fonts.gstatic.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hubspot.com
js.hubspotfeedback.com
perf-na1.hsforms.com
region1.analytics.google.com
stats.g.doubleclick.net
track.hubspot.com
www.google.com
www.google.dk
www.googletagmanager.com
www.metabaseq.com
141.193.213.10
2001:4860:4802:34::36
2606:4700:10::ac43:29b
2606:4700:4400::ac40:9310
2606:4700::6810:7574
2606:4700::6810:7674
2606:4700::6810:89d1
2606:4700::6811:afc9
2606:4700::6811:df98
2606:4700::6811:f07c
2606:4700::6812:50cc
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2008
2a00:1450:4001:81c::2003
2a00:1450:4001:827::2003
2a00:1450:400c:c0b::9c
34.107.133.146