www.metabaseq.com Open in urlscan Pro
159.65.97.158 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.metabaseq.com/fenix-botnet/
Submission: On January 16 via api (January 16th 2024, 4:47:39 pm UTC) from US — Scanned from DE

Summary HTTP 95 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 15 domains to perform 95 HTTP transactions. The main IP is 159.65.97.158, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is www.metabaseq.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 19th 2023. Valid for: a year.

This is the only time www.metabaseq.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
68	159.65.97.158 159.65.97.158	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:210... 2600:9000:2104:9400:7:d7d6:3c40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:bb59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:e4a3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4fba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:440... 2606:4700:4400::ac40:991b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	18.153.4.44 18.153.4.44	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
95	16

68 159.65.97.158 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

www.metabaseq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:9400:7:d7d6:3c40:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag.clearbitscripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:bb59 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e4a3 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4fba (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:4400::ac40:991b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.153.4.44 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-153-4-44.eu-central-1.compute.amazonaws.com

x.clearbitjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.clearbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	metabaseq.com www.metabaseq.com	3 MB
6	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 349 www.linkedin.com — Cisco Umbrella Rank: 632 px4.ads.linkedin.com — Cisco Umbrella Rank: 6550	5 KB
5	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2148	385 KB
5	gstatic.com fonts.gstatic.com	80 KB
2	clearbitjs.com x.clearbitjs.com — Cisco Umbrella Rank: 14038	45 KB
2	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2407	2 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	2 KB
1	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2301	1 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 783	16 KB
1	clearbit.com app.clearbit.com — Cisco Umbrella Rank: 14315	1 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2120	21 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3251	4 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2029	255 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	88 KB
1	clearbitscripts.com tag.clearbitscripts.com — Cisco Umbrella Rank: 12061	5 KB
95	15

	Domain	Requested by
68	www.metabaseq.com	www.metabaseq.com
5	js.hs-banner.com	js.hs-scripts.com js.hs-banner.com www.metabaseq.com
5	fonts.gstatic.com	fonts.googleapis.com
4	px.ads.linkedin.com	3 redirects snap.licdn.com
2	x.clearbitjs.com	tag.clearbitscripts.com
2	js.hs-scripts.com	www.metabaseq.com
2	fonts.googleapis.com	www.metabaseq.com
1	track.hubspot.com
1	px4.ads.linkedin.com	www.metabaseq.com
1	www.linkedin.com	1 redirects
1	snap.licdn.com	www.metabaseq.com
1	app.clearbit.com	x.clearbitjs.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.metabaseq.com
1	tag.clearbitscripts.com	www.metabaseq.com
95	17

This site contains links to these domains. Also see Links.

Domain
wa.me
www.facebook.com
www.instagram.com
twitter.com
www.linkedin.com

Subject Issuer	Validity	Valid
*.metabaseq.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-19` - `2024-11-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
clearbitscripts.com Amazon RSA 2048 M01	`2023-06-11` - `2024-07-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
clearbitjs.com Amazon RSA 2048 M01	`2023-03-17` - `2024-04-14`	a year	crt.sh
clearbit.com Amazon RSA 2048 M02	`2023-03-17` - `2024-04-14`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-11-03` - `2024-05-03`	6 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2024-01-06` - `2024-12-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.metabaseq.com/fenix-botnet/
Frame ID: BBA872B18C9688BD0C9DAA35598C4990
Requests: 94 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Botnet Fenix: New botnet going after tax payers in Mexico and Chile - Metabase Q

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

95
Requests

98 %
HTTPS

80 %
IPv6

15
Domains

17
Subdomains

16
IPs

2
Countries

3882 kB
Transfer

5818 kB
Size

14
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://wa.me/525522110920
Title: +52 55 2211 0920

Search URL Search Domain Scan URL

URL: https://www.facebook.com/metabasq/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/metabaseq/

Search URL Search Domain Scan URL

URL: https://twitter.com/metabaseq?lang=en

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/metabase-q/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 91

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4661010&time=1705423654704&url=https%3A%2F%2Fwww.metabaseq.com%2Ffenix-botnet%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4661010&time=1705423654704&url=https%3A%2F%2Fwww.metabaseq.com%2Ffenix-botnet%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4661010%26time%3D1705423654704%26url%3Dhttps%253A%252F%252Fwww.metabaseq.com%252Ffenix-botnet%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4661010&time=1705423654704&url=https%3A%2F%2Fwww.metabaseq.com%2Ffenix-botnet%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4661010&time=1705423654704&url=https%3A%2F%2Fwww.metabaseq.com%2Ffenix-botnet%2F&cookiesTest=true&liSync=true&e_ipv6=AQKmoiM7oMOLfAAAAY0TK9EHpkJdy4tdIhWLjrzFvVzZU1H0vp_LZZs6flBD3z4PCTygerTaRqtSiA

95 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.metabaseq.com/fenix-botnet/ 257 KB
56 KB 1703ms
1181ms Document
text/html 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

b23217bb85286c3da5ee1bc14164d481455932e3a89ed7e96b1e3f6e7284c67a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 16 Jan 2024 16:47:32 GMT
link: <https://www.metabaseq.com/wp-json/>; rel="https://api.w.org/" <https://www.metabaseq.com/wp-json/wp/v2/posts/9216>; rel="alternate"; type="application/json" <https://www.metabaseq.com/?p=9216>; rel=shortlink
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 main.min.css
www.metabaseq.com/wp-content/themes/astra/assets/css/minified/ 40 KB
8 KB 371ms
371ms Stylesheet
text/css 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-content/themes/astra/assets/css/minified/main.min.css?ver=4.5.2

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

b951172c2f809efa4076bc3633b658d27836acca79e718320d48c1a860eb57e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 13 Dec 2023 18:44:51 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 8097
x-xss-protection: 1; mode=block

GET
BLOB 200
OK ba41bda3-35ee-49c7-911c-6846f3cb1170
https://www.metabaseq.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.metabaseq.com/ba41bda3-35ee-49c7-911c-6846f3cb1170
Requested by: Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 css
fonts.googleapis.com/ 2 KB
662 B 82ms
32ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C&display=fallback&ver=4.5.2

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5e4bcd9b88cbbde3deb757d328d37cacaa5481b3966f54bfe3d20baa218b5a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 Jan 2024 16:47:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 16:44:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Jan 2024 16:47:33 GMT

GET
H2 200 style.min.css
www.metabaseq.com/wp-includes/css/dist/block-library/ 107 KB
14 KB 209ms
209ms Stylesheet
text/css 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 20:59:56 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 14499
x-xss-protection: 1; mode=block

GET
H2 200 frontend.css
www.metabaseq.com/wp-content/plugins/jet-engine/assets/css/ 73 KB
9 KB 369ms
369ms Stylesheet
text/css 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-content/plugins/jet-engine/assets/css/frontend.css?ver=3.3.3

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

8341038e05d7bde80b568c5e35469f523159f9b192af90000e7b2ac7711f92e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 02 Jan 2024 17:30:34 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 8750
x-xss-protection: 1; mode=block

GET
H2 200 menu-image.css
www.metabaseq.com/wp-content/plugins/menu-image/includes/css/ 3 KB
1 KB 370ms
368ms Stylesheet
text/css 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-content/plugins/menu-image/includes/css/menu-image.css?ver=3.11

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

75db663f63c3505c2d1d2c41b82da41465bcd39b390516728f7fd323f95f644e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 02 Jan 2024 17:30:41 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 825
x-xss-protection: 1; mode=block

GET
H2 200 dashicons.min.css
www.metabaseq.com/wp-includes/css/ 58 KB
35 KB 373ms
371ms Stylesheet
text/css 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-includes/css/dashicons.min.css?ver=6.4.2

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 03 Mar 2021 21:16:22 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 35730
x-xss-protection: 1; mode=block

GET
H2 200 public.css
www.metabaseq.com/wp-content/plugins/jet-menu/assets/public/css/ 83 KB
7 KB 395ms
394ms Stylesheet
text/css 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-content/plugins/jet-menu/assets/public/css/public.css?ver=2.4.3

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

32fca45f5a769e6e990e6a42cd29640f34d2d152280a33fdcf7abfbfebd8905a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 07 Dec 2023 15:22:56 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 6554
x-xss-protection: 1; mode=block

GET
H2 200 frontend.min.css
www.metabaseq.com/wp-content/plugins/elementor/assets/css/modules/lazyload/ 413 B
442 B 371ms
370ms Stylesheet
text/css 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-content/plugins/elementor/assets/css/modules/lazyload/frontend.min.css?ver=3.18.3

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

5ecb54f91384af7226cb4f18f87588edd49ceff5bdd4a3010336e1c22ccc390d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 20 Dec 2023 20:57:27 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 171
x-xss-protection: 1; mode=block

GET
H2 200 frontend-lite.min.css
www.metabaseq.com/wp-content/plugins/elementor/assets/css/ 115 KB
14 KB 396ms
395ms Stylesheet
text/css 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.18.3

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

6ecbdb2dc3f86c7ed142dce156d8f3ca1846b75bb512471935f45b8c8949645e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 20 Dec 2023 20:57:27 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 13773
x-xss-protection: 1; mode=block

GET
H2 200 swiper.min.css
www.metabaseq.com/wp-content/plugins/elementor/assets/lib/swiper/css/ 13 KB
3 KB 372ms
371ms Stylesheet
text/css 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css?ver=5.3.6

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

d622534d53d3ac1095af275f0b30274fcd835785577df2dde6d9398e6f7a2c8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 20 Dec 2023 20:57:27 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 2409
x-xss-protection: 1; mode=block

GET
H2 200 post-25.css
www.metabaseq.com/wp-content/uploads/elementor/css/ 7 KB
2 KB 211ms
210ms Stylesheet
text/css 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-content/uploads/elementor/css/post-25.css?ver=1704827431

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

feed57dd432e25f76353769588206e9bf522528d006c0139766a96569b3ff3a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 09 Jan 2024 19:10:31 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 1335
x-xss-protection: 1; mode=block

GET
H2 200 frontend-lite.min.css
www.metabaseq.com/wp-content/plugins/elementor-pro/assets/css/ 11 KB
2 KB 370ms
369ms Stylesheet
text/css 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.18.2

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

4c77eae83f555b5b989e2a2e0e422710e457226353df78e3e880ea8649a0304d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 20 Dec 2023 22:02:23 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 1516
x-xss-protection: 1; mode=block

GET
H2 200 jet-tabs-frontend.css
www.metabaseq.com/wp-content/plugins/jet-tabs/assets/css/ 34 KB
4 KB 397ms
396ms Stylesheet
text/css 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-content/plugins/jet-tabs/assets/css/jet-tabs-frontend.css?ver=2.2.0

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

33a33e90866b073baac7fb623cc876c9a1a2753ebda8292950f71db962d68801

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 05 Dec 2023 19:00:57 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 3842
x-xss-protection: 1; mode=block

GET
H2 200 all.min.css
www.metabaseq.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 58 KB
13 KB 558ms
557ms Stylesheet
text/css 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.18.3

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 20 Dec 2023 20:57:27 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 12869
x-xss-protection: 1; mode=block

GET
H2 200 v4-shims.min.css
www.metabaseq.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 26 KB
4 KB 396ms
395ms Stylesheet
text/css 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.18.3

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

c55902832fb84522d02ea1a60a30747403a140d8651fa748f13ba398b0c0df3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 20 Dec 2023 20:57:27 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 4229
x-xss-protection: 1; mode=block

GET
H2 200 global.css
www.metabaseq.com/wp-content/uploads/elementor/css/ 154 KB
8 KB 399ms
398ms Stylesheet
text/css 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-content/uploads/elementor/css/global.css?ver=1704827431

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

638f1981b98be004b8c64787dfc4e8803262ffc075dd39825cacabc19b8cbd64

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 09 Jan 2024 19:10:31 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 8146
x-xss-protection: 1; mode=block

GET
H2 200 post-318.css
www.metabaseq.com/wp-content/uploads/elementor/css/ 71 KB
5 KB 398ms
397ms Stylesheet
text/css 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-content/uploads/elementor/css/post-318.css?ver=1704839513

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

eec87d1b2a34ea0b14b9d4b28ef142ae34e2b915022cbbeb5c0044101a98bd83

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 09 Jan 2024 22:31:53 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 5199
x-xss-protection: 1; mode=block

GET
H2 200 post-147.css
www.metabaseq.com/wp-content/uploads/elementor/css/ 30 KB
3 KB 559ms
559ms Stylesheet
text/css 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-content/uploads/elementor/css/post-147.css?ver=1704827433

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

4b1b3ceeb34db2c2b663783e1d499d7f34aec49b9a1181cb7377a8d2bf6a0fcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 09 Jan 2024 19:10:33 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 2720
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 27 KB
2 KB 80ms
32ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.4.2

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 Jan 2024 16:47:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 16:45:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Jan 2024 16:47:33 GMT

GET
H2 200 jquery.min.js Show response
www.metabaseq.com/wp-includes/js/jquery/ 86 KB
30 KB 400ms
400ms Script
text/javascript 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 20:59:56 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 30368
x-xss-protection: 1; mode=block

GET
H2 200 jquery-migrate.min.js Show response
www.metabaseq.com/wp-includes/js/jquery/ 13 KB
5 KB 554ms
554ms Script
text/javascript 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 08 Aug 2023 20:58:09 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 4872
x-xss-protection: 1; mode=block

GET
H2 200 v4-shims.min.js Show response
www.metabaseq.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/ 15 KB
4 KB 560ms
560ms Script
text/javascript 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.18.3

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 20 Dec 2023 20:57:27 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 4205
x-xss-protection: 1; mode=block

GET
H2 200 tags.js Show response
tag.clearbitscripts.com/v1/pk_04317e067aaeb2fc4cd631d8dd838d10/ 16 KB
5 KB 282ms
186ms Script
application/javascript 2600:9000:2104:9400:7:d7d6:3c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.clearbitscripts.com/v1/pk_04317e067aaeb2fc4cd631d8dd838d10/tags.js

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:9400:7:d7d6:3c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Clearbit /

Resource Hash

9b98b7590f50db3057023e1ce91483b8fcd6f2c7f267d18d1a22ff66c0a638be

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-response-flags: -
via: 1.1 a06d82f018833bef3e7f2e9fd230e5ee.cloudfront.net (CloudFront)
server: Clearbit
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: AMS1-C1
etag: W/"0b7a556ff33353ab28fc75072a92db84"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
cache-control: private, max-age=600
x-amz-cf-id: 3h6IAwtTvlyekdZnr3-3PQYqLAtOWOCYGygTBt28aEeMg9rd4G8cbQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 259 KB
88 KB 90ms
37ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YK2SFSQJSP

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a80832ff60a3d364cf73a18e8bc0456c019db7b63c3bc691f2f7ffa566dc7a05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89708
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 Jan 2024 16:47:33 GMT

GET
H2 200 20455591.js Show response
js.hs-scripts.com/ 1 KB
722 B 186ms
139ms Script
application/javascript 2606:4700::6810:bb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/20455591.js

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:bb59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fe9b6aa7e4ff987d54327a161480a1a71b78f5d6512107fa39e4b67cb750ac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: e1ab375a-0d39-4439-9774-702cd39ec671
x-envoy-upstream-service-time: 11
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e1ab375a-0d39-4439-9774-702cd39ec671
last-modified: Tue, 16 Jan 2024 14:25:03 GMT
server: cloudflare
x-trace: 2B155AC74CBF86C6A06B29022B314ABB9F9778BBB2000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.metabaseq.com
x-evy-trace-virtual-host: all
cache-control: public, max-age=90
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-fcdc68c87-scczz
cf-ray: 8467d74c3a1e9116-FRA
expires: Tue, 16 Jan 2024 16:49:03 GMT

GET
H2 200 Vector.svg
www.metabaseq.com/wp-content/uploads/2022/11/ 5 KB
5 KB 555ms
555ms Image
image/svg+xml 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.metabaseq.com/wp-content/uploads/2022/11/Vector.svg

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

33b96327c135375378cb23a13875d5db16ef90889946ce45a562c3e98f9ebbfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Mon, 30 Oct 2023 23:07:13 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 4964
x-xss-protection: 1; mode=block

GET
H2 200 Metabase-q-Logo-White.svg
www.metabaseq.com/wp-content/uploads/2022/11/ 5 KB
6 KB 755ms
752ms Image
image/svg+xml 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.metabaseq.com/wp-content/uploads/2022/11/Metabase-q-Logo-White.svg

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

87356b574bf7b1e2ed2486d02f4f5b26c064417c769e5f4762c1ed31de77ba24

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 29 Mar 2023 23:18:02 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 5401
x-xss-protection: 1; mode=block

GET
H2 200 LOGO-MOBILE.svg
www.metabaseq.com/wp-content/uploads/2022/11/ 5 KB
6 KB 557ms
557ms Image
image/svg+xml 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.metabaseq.com/wp-content/uploads/2022/11/LOGO-MOBILE.svg

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

89085438de041f83ab38d1880c4a877e42ea18766e68eb3e862955fd128ddebd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 02 Jan 2024 19:38:24 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 5478
x-xss-protection: 1; mode=block

GET
H2 200 widget-mega-menu.min.css
www.metabaseq.com/wp-content/plugins/elementor-pro/assets/css/ 18 KB
3 KB 559ms
559ms Stylesheet
text/css 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-content/plugins/elementor-pro/assets/css/widget-mega-menu.min.css

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

fdf2fefd85c8ab3efa841f4cf22787b8dbdd54c2cb5ad07406fa0cfc26ffbc11

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 20 Dec 2023 22:02:23 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 2750
x-xss-protection: 1; mode=block

GET
H2 200 Phenix-Botnet-Fig-01.png
www.metabaseq.com/wp-content/uploads/2023/05/ 821 KB
821 KB 197ms
197ms Image
image/png 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.metabaseq.com/wp-content/uploads/2023/05/Phenix-Botnet-Fig-01.png

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

aafa41b8042bb41c7cd9b055bf5b63696725aa56ad071eca9a13f2e36e5493d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 11 May 2023 17:42:52 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 840404
x-xss-protection: 1; mode=block

GET
H2 200 Phenix-Botnet-Fig-02.png
www.metabaseq.com/wp-content/uploads/2023/05/ 265 KB
266 KB 198ms
198ms Image
image/png 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.metabaseq.com/wp-content/uploads/2023/05/Phenix-Botnet-Fig-02.png

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

af285b47dd732309538be6eafe0ae2423342be748c920a70c3f68f3e421ae86a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 11 May 2023 17:42:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 271859
x-xss-protection: 1; mode=block

GET
H2 200 Phenix-Botnet-Fig-03-v1.png
www.metabaseq.com/wp-content/uploads/2023/05/ 610 KB
610 KB 561ms
554ms Image
image/png 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.metabaseq.com/wp-content/uploads/2023/05/Phenix-Botnet-Fig-03-v1.png

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

948b2050f05aced99720a61b327accdbe0b58e853ec7e998b67894548dd1b326

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Mon, 15 May 2023 17:00:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 624188
x-xss-protection: 1; mode=block

GET
H2 200 Phenix-Botnet-Fig-04.png
www.metabaseq.com/wp-content/uploads/2023/05/ 154 KB
154 KB 753ms
750ms Image
image/png 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.metabaseq.com/wp-content/uploads/2023/05/Phenix-Botnet-Fig-04.png

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

cdf5e9b942c4d6c912fc5065a59606bcb44852c13e4a82ba7b8927409aba0766

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 11 May 2023 17:42:59 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 157347
x-xss-protection: 1; mode=block

GET
H2 200 Phenix-Botnet-Fig-06.png
www.metabaseq.com/wp-content/uploads/2023/05/ 236 KB
236 KB 751ms
749ms Image
image/png 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.metabaseq.com/wp-content/uploads/2023/05/Phenix-Botnet-Fig-06.png

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

f0c4203659233a44c5c46c1c3be6c73536ee17e40497d339af59372fa17cd6a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 11 May 2023 17:43:00 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 241685
x-xss-protection: 1; mode=block

GET
H2 200 Phenix-Botnet-Fig-07.png
www.metabaseq.com/wp-content/uploads/2023/05/ 125 KB
126 KB 753ms
750ms Image
image/png 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.metabaseq.com/wp-content/uploads/2023/05/Phenix-Botnet-Fig-07.png

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

3ab0f81b1bc9a21007ec2f3324ea5f05f42bfd5b9559d78e444470d79b1a045d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 11 May 2023 17:43:02 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 128213
x-xss-protection: 1; mode=block

GET
H2 200 Phenix-Botnet-Fig-08.png
www.metabaseq.com/wp-content/uploads/2023/05/ 28 KB
29 KB 753ms
751ms Image
image/png 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.metabaseq.com/wp-content/uploads/2023/05/Phenix-Botnet-Fig-08.png

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

3c0264ba5c7a2d32a3512b189e02c438c1fbed5654abbbd1c5011b50026df9eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 11 May 2023 17:43:03 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 29083
x-xss-protection: 1; mode=block

GET
H2 200 Phenix-Botnet-Fig-09.png
www.metabaseq.com/wp-content/uploads/2023/05/ 74 KB
74 KB 756ms
754ms Image
image/png 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.metabaseq.com/wp-content/uploads/2023/05/Phenix-Botnet-Fig-09.png

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

bde7b9939ab28c13d417512529dc94544d0d925f87fbbd8a05e791865dcdae2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 11 May 2023 17:43:04 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 75370
x-xss-protection: 1; mode=block

GET
H2 200 Phenix-Botnet-Fig-10.png
www.metabaseq.com/wp-content/uploads/2023/05/ 206 KB
206 KB 756ms
754ms Image
image/png 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.metabaseq.com/wp-content/uploads/2023/05/Phenix-Botnet-Fig-10.png

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

7c86ac4f9d0f39cfb4b936e8684150765ab66e53df366d425955c90bbc4c45e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 11 May 2023 17:43:05 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 210964
x-xss-protection: 1; mode=block

GET
H2 200 Phenix-Botnet-Fig-11.png
www.metabaseq.com/wp-content/uploads/2023/05/ 44 KB
44 KB 758ms
755ms Image
image/png 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.metabaseq.com/wp-content/uploads/2023/05/Phenix-Botnet-Fig-11.png

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

a963dff6e5b8cadb16d6b0a68f9b8c4c69fa5091583094fd65ebd53a9f743701

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 11 May 2023 17:43:06 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 45181
x-xss-protection: 1; mode=block

GET
H2 200 Phenix-Botnet-Fig-12.png
www.metabaseq.com/wp-content/uploads/2023/05/ 8 KB
8 KB 758ms
756ms Image
image/png 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.metabaseq.com/wp-content/uploads/2023/05/Phenix-Botnet-Fig-12.png

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

69ec6d8395bdb34e96cf0d75641de583c6d70251080827fc4133a442106abfd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 11 May 2023 17:43:07 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 8206
x-xss-protection: 1; mode=block

GET
H2 200 Phenix-Botnet-Fig-13.png
www.metabaseq.com/wp-content/uploads/2023/05/ 10 KB
10 KB 757ms
756ms Image
image/png 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.metabaseq.com/wp-content/uploads/2023/05/Phenix-Botnet-Fig-13.png

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

22fefbaca9f4673b2cd795f760c52d36e9d6706013f8f48ed56ff9de2527b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 11 May 2023 17:43:08 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 10053
x-xss-protection: 1; mode=block

GET
H2 200 Phenix-Botnet-Fig-14.svg
www.metabaseq.com/wp-content/uploads/2023/05/ 129 KB
130 KB 756ms
754ms Image
image/svg+xml 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.metabaseq.com/wp-content/uploads/2023/05/Phenix-Botnet-Fig-14.svg

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

3ff01f696813d945f1abe4a94fda4cca807574b7fd55d7fd1393f818046af1fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Mon, 15 May 2023 17:40:50 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 132600
x-xss-protection: 1; mode=block

GET
H2 200 widget-icon-list.min.css
www.metabaseq.com/wp-content/plugins/elementor/assets/css/ 10 KB
1 KB 561ms
555ms Stylesheet
text/css 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

ba8bea6a6bbbb634afd80fa6128f556a2d09331a9b5e14754d134c43748d5dcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 20 Dec 2023 20:57:27 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 972
x-xss-protection: 1; mode=block

GET
H2 200 language-switcher.min.css
www.metabaseq.com/wp-content/plugins/connect-polylang-elementor/assets/css/ 7 KB
2 KB 568ms
561ms Stylesheet
text/css 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-content/plugins/connect-polylang-elementor/assets/css/language-switcher.min.css?ver=2.4.3

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

0744da2f7421d9e81c901952ea7a214e31eac90c2752b5944b49117404966a9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 30 Jun 2023 17:06:47 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 1292
x-xss-protection: 1; mode=block

GET
H2 200 animations.min.css
www.metabaseq.com/wp-content/plugins/elementor/assets/lib/animations/ 18 KB
3 KB 559ms
553ms Stylesheet
text/css 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.18.3

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 20 Dec 2023 20:57:27 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 2592
x-xss-protection: 1; mode=block

GET
H2 200 frontend.min.js Show response
www.metabaseq.com/wp-content/themes/astra/assets/js/minified/ 21 KB
5 KB 563ms
557ms Script
text/javascript 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=4.5.2

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

cc9de0408b9e78b2b854e8f35236896ac64ec2fb16bc15b85a14bf3e52a15419

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 13 Dec 2023 18:44:51 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 5020
x-xss-protection: 1; mode=block

GET
H2 200 20455591.js Show response
js.hs-scripts.com/ 1 KB
1 KB 188ms
138ms Script
application/javascript 2606:4700::6810:bb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/20455591.js?integration=WordPress&ver=10.2.17

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:bb59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bea52870565b59df00c668da996503d3830152add01ac496c274f6757def76c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: f0fff276-8433-4420-b28c-f98a0775e6ad
x-envoy-upstream-service-time: 4
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f0fff276-8433-4420-b28c-f98a0775e6ad
last-modified: Mon, 15 Jan 2024 08:39:04 GMT
server: cloudflare
x-trace: 2BEBB705450C0653D3D9320CF8BED906E473161263000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.metabaseq.com
x-evy-trace-virtual-host: all
cache-control: public, max-age=90
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-fcdc68c87-kz2n2
cf-ray: 8467d74c3a1d9116-FRA
expires: Tue, 16 Jan 2024 16:49:03 GMT

GET
H2 200 wp-polyfill-inert.min.js Show response
www.metabaseq.com/wp-includes/js/dist/vendor/ 8 KB
3 KB 564ms
558ms Script
text/javascript 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 29 Mar 2023 20:57:00 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 2484
x-xss-protection: 1; mode=block

GET
H2 200 regenerator-runtime.min.js Show response
www.metabaseq.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 569ms
563ms Script
text/javascript 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 20:59:56 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 2502
x-xss-protection: 1; mode=block

GET
H2 200 wp-polyfill.min.js Show response
www.metabaseq.com/wp-includes/js/dist/vendor/ 112 KB
35 KB 573ms
567ms Script
text/javascript 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 20:59:56 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 35888
x-xss-protection: 1; mode=block

GET
H2 200 hooks.min.js Show response
www.metabaseq.com/wp-includes/js/dist/ 5 KB
2 KB 562ms
556ms Script
text/javascript 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 08 Aug 2023 20:58:09 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 1567
x-xss-protection: 1; mode=block

GET
H2 200 vue.min.js Show response
www.metabaseq.com/wp-content/plugins/jet-menu/assets/public/lib/vue/ 91 KB
34 KB 573ms
568ms Script
text/javascript 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-content/plugins/jet-menu/assets/public/lib/vue/vue.min.js?ver=2.6.11

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

9e0156dd49c03744e79bbea60eebbbb94b5811c1b71b91f5fb38a8270dedfbaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 07 Dec 2023 15:22:56 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 34060
x-xss-protection: 1; mode=block

GET
H2 200 jet-menu-public-scripts.js Show response
www.metabaseq.com/wp-content/plugins/jet-menu/assets/public/js/ 52 KB
11 KB 572ms
566ms Script
text/javascript 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-content/plugins/jet-menu/assets/public/js/jet-menu-public-scripts.js?ver=2.4.3

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

c6235492a3c6dc18bf9787615c876f10c90c596c1fdb30585513cf93706f4861

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 07 Dec 2023 15:22:56 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 10961
x-xss-protection: 1; mode=block

GET
H2 200 webpack-pro.runtime.min.js Show response
www.metabaseq.com/wp-content/plugins/elementor-pro/assets/js/ 6 KB
3 KB 569ms
564ms Script
text/javascript 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.18.2

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

7a84b8a454e84c689e5d3e3078c165647b2e4e13795814fc25b5932bd2e96402

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 20 Dec 2023 22:02:23 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 2655
x-xss-protection: 1; mode=block

GET
H2 200 webpack.runtime.min.js Show response
www.metabaseq.com/wp-content/plugins/elementor/assets/js/ 5 KB
2 KB 567ms
561ms Script
text/javascript 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.18.3

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

942c9264f9de00fecac162d8f657d9d32a977882341f6ab66e8bf98dab5e1e76

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 20 Dec 2023 20:57:27 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 2213
x-xss-protection: 1; mode=block

GET
H2 200 frontend-modules.min.js Show response
www.metabaseq.com/wp-content/plugins/elementor/assets/js/ 59 KB
17 KB 565ms
560ms Script
text/javascript 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.18.3

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

8e604215fe4a988196d6b824554fad49143f7450349b4a2a285dad3faeba2f7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 20 Dec 2023 20:57:27 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 16923
x-xss-protection: 1; mode=block

GET
H2 200 i18n.min.js Show response
www.metabaseq.com/wp-includes/js/dist/ 9 KB
4 KB 567ms
562ms Script
text/javascript 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 08 Aug 2023 20:58:09 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 3692
x-xss-protection: 1; mode=block

GET
H2 200 frontend.min.js Show response
www.metabaseq.com/wp-content/plugins/elementor-pro/assets/js/ 25 KB
7 KB 571ms
566ms Script
text/javascript 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.18.2

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

ea545fbe45f0f4005e27955f6b63c236438679566c666842f98c24dac9d3e70e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 20 Dec 2023 22:02:23 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 6728
x-xss-protection: 1; mode=block

GET
H2 200 waypoints.min.js Show response
www.metabaseq.com/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
3 KB 564ms
559ms Script
text/javascript 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 20 Dec 2023 20:57:27 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 2993
x-xss-protection: 1; mode=block

GET
H2 200 core.min.js Show response
www.metabaseq.com/wp-includes/js/jquery/ui/ 21 KB
7 KB 570ms
565ms Script
text/javascript 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 29 Mar 2023 20:57:00 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 7099
x-xss-protection: 1; mode=block

GET
H2 200 frontend.min.js Show response
www.metabaseq.com/wp-content/plugins/elementor/assets/js/ 39 KB
12 KB 569ms
564ms Script
text/javascript 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.18.3

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

f7e5b0c06ee5bbc14d3e9e9f3055b8108bab899e37aec44a227485f3c3624cee

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 20 Dec 2023 20:57:27 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 12234
x-xss-protection: 1; mode=block

GET
H2 200 elements-handlers.min.js Show response
www.metabaseq.com/wp-content/plugins/elementor-pro/assets/js/ 37 KB
9 KB 752ms
748ms Script
text/javascript 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.18.2

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

503f20b8f6709c55f119a78910163881b3b3ac32d9b6283a914be20107111f3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 20 Dec 2023 22:02:23 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 9226
x-xss-protection: 1; mode=block

GET
H2 200 widgets-scripts.js Show response
www.metabaseq.com/wp-content/plugins/jet-menu/includes/elementor/assets/public/js/ 11 KB
4 KB 753ms
749ms Script
text/javascript 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-content/plugins/jet-menu/includes/elementor/assets/public/js/widgets-scripts.js?ver=2.4.3

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e1053993fc74fe411a7510da9cecb4d1e807e113dc647e08c40d7f9670350ed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 07 Dec 2023 15:22:56 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 3425
x-xss-protection: 1; mode=block

GET
H2 200 jet-tabs-frontend.min.js Show response
www.metabaseq.com/wp-content/plugins/jet-tabs/assets/js/ 19 KB
5 KB 757ms
753ms Script
text/javascript 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-content/plugins/jet-tabs/assets/js/jet-tabs-frontend.min.js?ver=2.2.0

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

2d7dab47b2ca62d3e77ad42df78b8979824619d2748c5e5180f5d469facf2536

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 05 Dec 2023 19:00:57 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 5322
x-xss-protection: 1; mode=block

GET
H2 200 jquery.sticky.min.js Show response
www.metabaseq.com/wp-content/plugins/elementor-pro/assets/lib/sticky/ 4 KB
2 KB 755ms
751ms Script
text/javascript 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.18.2

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

34bbd1c367ffc7d80fcff86c7e5f8777e70f4911bb324e8ecfc7dd3604a96e68

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 20 Dec 2023 22:02:23 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 1542
x-xss-protection: 1; mode=block

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 98ms
49ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C&display=fallback&ver=4.5.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.metabaseq.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:11:03 GMT
x-content-type-options: nosniff
age: 304590
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jan 2025 04:11:03 GMT

GET
H2 200 NeueMachina-Regular.ttf
www.metabaseq.com/wp-content/uploads/2022/11/ 77 KB
78 KB 743ms
743ms Font
font/ttf 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-content/uploads/2022/11/NeueMachina-Regular.ttf

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/wp-content/uploads/elementor/css/post-25.css?ver=1704827431

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

cb350e6f601fb6178300b0870ff37e7cccd5e08e31b14429cfa4cb98499c318d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.metabaseq.com/wp-content/uploads/elementor/css/post-25.css?ver=1704827431
Origin: https://www.metabaseq.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 11 Nov 2022 01:15:32 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: font/ttf
accept-ranges: bytes
content-length: 79212
x-xss-protection: 1; mode=block

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 75ms
26ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.4.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.metabaseq.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 16:39:21 GMT
x-content-type-options: nosniff
age: 346092
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2025 16:39:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 91ms
43ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.metabaseq.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 00:01:51 GMT
x-content-type-options: nosniff
age: 60342
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jan 2025 00:01:51 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 104ms
56ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.metabaseq.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 14:00:24 GMT
x-content-type-options: nosniff
age: 269229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jan 2025 14:00:24 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 69ms
21ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.metabaseq.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 17:31:59 GMT
x-content-type-options: nosniff
age: 342934
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2025 17:31:59 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 158ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-YK2SFSQJSP&gtm=45je41a0v880428531&_p=1705423653738&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1375267094.1705423654&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705423653&sct=1&seg=0&dl=https%3A%2F%2Fwww.metabaseq.com%2Ffenix-botnet%2F&dt=Botnet%20Fenix%3A%20New%20botnet%20going%20after%20tax%20payers%20in%20Mexico%20and%20Chile%20-%20Metabase%20Q&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2635
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YK2SFSQJSP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 16:47:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.metabaseq.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 136ms
30ms Script
application/javascript 2606:4700::6811:e4a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20455591.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:e4a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9092cb4fb3eafe925fa67a4dc6b62b7c769cbcb9a1420ecaf4b5d80edeae726

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:34 GMT
x-amz-version-id: 5iFzgPv7W58VCAVxkHMx4QTA.7HcSoUh
via: 1.1 b77313059f3d50280ced20238b151620.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 248
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.510/bundles/pixels-release.js&cfRay=8467d1402cb33a76-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: bfab4821-1b22-462c-ab4f-74ce7718a9d9
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: bfab4821-1b22-462c-ab4f-74ce7718a9d9
last-modified: Mon, 08 Jan 2024 15:41:50 UTC
server: cloudflare
etag: W/"ef358d7718df65ca620b75c779a3c331"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-bf946f66b-4xgj6
cf-ray: 8467d74dc909193b-FRA
x-amz-cf-id: d4fPQ7tEGvD8NazsoxTfVcDXXstTtX6t8Ay-w5R6PJ2FOApNJXTHVw==
x-hs-target-asset: adsscriptloaderstatic/static-1.510/bundles/pixels-release.js

GET
H2 200 20455591.js Show response
js.hs-analytics.net/analytics/1705423500000/ 66 KB
21 KB 287ms
182ms Script
text/javascript 2606:4700::6810:4fba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1705423500000/20455591.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20455591.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4fba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d246779c665f6942aa9b716b423d4573c94033e1d822a9be06404cd20b162adf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:34 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: EJ81W6XZJ627Q9MQ
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 7db8327d-d9dc-421b-9a94-aeab2146b6b0
x-envoy-upstream-service-time: 33
x-amz-id-2: wq9eLuMzrtIP8wh1Uw1B6X23LPSdKHlwKhOMMWmbQ7XYFXHQxT5+kzcNZdzBW5WKGJ3xmAEI4JRV4aZPmfLM8A==
x-evy-trace-listener: listener_https
x-request-id: 7db8327d-d9dc-421b-9a94-aeab2146b6b0
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 03 Jan 2024 16:55:44 GMT
server: cloudflare
etag: W/"1a501c2f8c30702c3a0acfa0a4b3fc5b"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-855d6bfb88-7zm4v
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 8467d74dcc5b5c38-FRA
expires: Tue, 16 Jan 2024 16:52:34 GMT

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/20455591/ 73 KB
24 KB 397ms
292ms Script
text/javascript 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/20455591/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20455591.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c86ba6bb07a89c447341520a5505ade7c95cc302d26aebdbddfac2c98716e2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:34 GMT
x-amz-version-id: t0rGX0pX0Ui124IFpRqrHVeAlHuBbZt9
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: EJ86MBW5VG020VR1
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 9b462552-3fc3-46ff-aa36-8ad91400ddc2
x-envoy-upstream-service-time: 71
x-amz-id-2: qf9cprmEzeZ03VfQe0QQlXJ8iHTkcEN7iaQo9jaNct2e5ndeRrZahEEkXZgqAr9d+75xWwS81vE=
x-evy-trace-listener: listener_https
x-request-id: 9b462552-3fc3-46ff-aa36-8ad91400ddc2
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 11 Jan 2024 23:13:10 GMT
server: cloudflare
etag: W/"d0be3c53be414490042de4a74d6f0ea9"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.metabaseq.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-855d6bfb88-kff6g
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8467d74dcd1c65de-FRA
expires: Tue, 16 Jan 2024 16:52:34 GMT

GET
H2 200 destinations.min.js Show response
x.clearbitjs.com/v2/pk_04317e067aaeb2fc4cd631d8dd838d10/ 0
172 B 294ms
224ms Script
application/javascript 18.153.4.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x.clearbitjs.com/v2/pk_04317e067aaeb2fc4cd631d8dd838d10/destinations.min.js

Requested by

Host: tag.clearbitscripts.com
URL: https://tag.clearbitscripts.com/v1/pk_04317e067aaeb2fc4cd631d8dd838d10/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.153.4.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-153-4-44.eu-central-1.compute.amazonaws.com

Software

Clearbit /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-response-flags: -
server: Clearbit
content-type: application/javascript;charset=utf-8
cache-control: private, max-age=600
content-length: 0

GET
H2 200 tracking.min.js Show response
x.clearbitjs.com/v2/pk_04317e067aaeb2fc4cd631d8dd838d10/ 168 KB
45 KB 294ms
224ms Script
application/javascript 18.153.4.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x.clearbitjs.com/v2/pk_04317e067aaeb2fc4cd631d8dd838d10/tracking.min.js

Requested by

Host: tag.clearbitscripts.com
URL: https://tag.clearbitscripts.com/v1/pk_04317e067aaeb2fc4cd631d8dd838d10/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.153.4.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-153-4-44.eu-central-1.compute.amazonaws.com

Software

Clearbit /

Resource Hash

2d17cc11b3259f1757e255666c5efe5038e87b4dbcb2d63a8f5e5ce4ae1182bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-response-flags: -
server: Clearbit
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: private, max-age=600

POST
H2 200 p Show response
app.clearbit.com/v1/ 16 B
1 KB 301ms
230ms XHR
application/json 18.153.4.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clearbit.com/v1/p

Requested by

Host: x.clearbitjs.com
URL: https://x.clearbitjs.com/v2/pk_04317e067aaeb2fc4cd631d8dd838d10/tracking.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.153.4.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-153-4-44.eu-central-1.compute.amazonaws.com

Software

Clearbit /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.metabaseq.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 16 Jan 2024 16:47:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-response-flags: -
server: Clearbit
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding, Origin
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.metabaseq.com
access-control-expose-headers
content-security-policy-report-only: default-src 'self'; script-src 'unsafe-inline' 'report-sample' 'self' https://browser.sentry-cdn.com https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js https://cdn.clearbit.com https://cdn.segment.com/analytics.js/v1/auzWlbWIBrAsKnGQIiT0X3IjfZyepgW5/analytics.min.js https://checkout.stripe.com https://connect.facebook.net https://edge.fullstory.com/s/fs.js https://fast.appcues.com https://www.google-analytics.com/analytics.js https://x.clearbitjs.com https://cdn.clearbit.com https://*.commandbar.com; style-src 'unsafe-inline' 'report-sample' 'self' https://cdn.clearbit.com https://*.commandbar.com https://fast.appcues.com https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://api.amplitude.com https://*.commandbar.com https://api.segment.io https://checkout.stripe.com https://rs.fullstory.com https://www.google-analytics.com wss://api.appcues.net https://stats.g.doubleclick.net https://sentry.io https://logo.clearbit.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*.commandbar.com https://checkout.stripe.com; img-src 'self' https://*.commandbar.com https://*.stripe.com data: https://cdn.clearbit.com https://images.ctfassets.net https://logo.clearbit.com https://www.facebook.com https://connect.facebook.net https://www.google.com https://unpkg.com/react-flag-kit https://cloudfront.net/v1/avatars https://*.googleusercontent.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
access-control-allow-credentials: true
content-type: application/json

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 43 KB
16 KB 116ms
36ms Script
application/javascript 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b5474d3ed408366dcebededf5c987f44b43b389137272c282c6c972852a14fc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Jan 2024 16:29:26 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=85247
accept-ranges: bytes
content-length: 15732

OPTIONS
H2 200 view
js.hs-banner.com/v2/activity/ 0
0 172ms
130ms Preflight
application/octet-stream 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/activity/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.metabaseq.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.metabaseq.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age: 604800
cf-cache-status: DYNAMIC
cf-ray: 8467d7516f4dbb5b-FRA
content-length: 0
content-type: application/octet-stream
date: Tue, 16 Jan 2024 16:47:34 GMT
server: cloudflare
timing-allow-origin: *
vary: origin
x-envoy-upstream-service-time: 1
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-855d6bfb88-kff6g
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 9fef9365-51ed-4a1a-b8e7-59d2116df413
x-request-id: 9fef9365-51ed-4a1a-b8e7-59d2116df413

GET
H2 200 wp-emoji-release.min.js Show response
www.metabaseq.com/wp-includes/js/ 18 KB
5 KB 291ms
291ms Script
text/javascript 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 29 Mar 2023 20:57:00 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 5039
x-xss-protection: 1; mode=block

POST
H2 204 view
js.hs-banner.com/v2/activity/ 0
0 148ms
148ms Fetch 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-banner.com/v2/activity/view

Requested by

Host: js.hs-banner.com
URL: https://js.hs-banner.com/v2/20455591/banner.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.metabaseq.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 16 Jan 2024 16:47:34 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator, envoyset-translator
x-hubspot-correlation-id: c5bc5d75-0a88-4a83-b896-9f8ef033d32e
x-envoy-upstream-service-time: 24
x-evy-trace-route-configuration: listener_http/all, listener_https/all
x-evy-trace-listener: listener_http, listener_https
x-request-id: c5bc5d75-0a88-4a83-b896-9f8ef033d32e
server: cloudflare
x-trace: 2B4F2312CFDB8E735AEDB49B07652DA823AE282F6F000000000000000000
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-evy-trace-virtual-host: all, all
x-evy-trace-served-by-pod: iad02/private-hubapi-td/envoy-proxy-c5f558dd8-m2sp2, iad02/analytics-js-proxy-td/envoy-proxy-855d6bfb88-z8lck
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-origin: https://www.metabaseq.com
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8467d7523811bb5b-FRA

GET
H2 200 Lato-Regular.woff2
js.hs-banner.com/v2/fonts/Lato/ 178 KB
179 KB 345ms
305ms Font
binary/octet-stream 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/fonts/Lato/Lato-Regular.woff2
Requested by: Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 983b0caf336e8542214fc17019a4fc5e0360864b92806ca14d55c1fc1c2c5a0f

Request headers

Referer: https://www.metabaseq.com/
Origin: https://www.metabaseq.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:34 GMT
x-amz-version-id: 19GiAjtnZtKA4vYvvfjxgs0SOFKRH2df
cf-cache-status: MISS
x-amz-request-id: EJ846HRPGR8VP3WK
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 636b3672-afe0-4e5d-9350-72ddd47056c8
x-envoy-upstream-service-time: 77
content-length: 182708
x-amz-id-2: cXYS9BM4X/QRZDy9eFkg7B+DlDYWzzElVjogtmwf6+dQJTNzmp8hJ2jFJZJxUAF+tKX666rhcUo=
x-evy-trace-listener: listener_https
x-request-id: 636b3672-afe0-4e5d-9350-72ddd47056c8
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 12 Sep 2022 19:35:55 GMT
server: cloudflare
etag: "bd03a2cc277bbbc338d464e679fe9942"
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: binary/octet-stream
access-control-allow-origin: https://www.metabaseq.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age: 604800
access-control-allow-credentials: true
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8467d7516f48bb5b-FRA
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-855d6bfb88-dk98m

GET
H2 200 Lato-Bold.woff2
js.hs-banner.com/v2/fonts/Lato/ 181 KB
182 KB 574ms
534ms Font
binary/octet-stream 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/fonts/Lato/Lato-Bold.woff2
Requested by: Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae88fc0d7a961832f809527d30bd3983a6866d42f66a56ade23f543681594db6

Request headers

Referer: https://www.metabaseq.com/
Origin: https://www.metabaseq.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:35 GMT
x-amz-version-id: sfEPVBYCXt80T0z5ul_KVf4SJIaFn86j
cf-cache-status: MISS
x-amz-request-id: EJ8F37RKFZXRZKA2
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 4d2a236f-2347-4b78-a23f-224700c951c5
x-envoy-upstream-service-time: 36
content-length: 184912
x-amz-id-2: 9kOn0+fIPUSixNCHuTFCvWb/1cNcQTJDmpyb2QdobVP5v2K3aDRKY9POGi2lYxF275oGfJOaJqw=
x-evy-trace-listener: listener_https
x-request-id: 4d2a236f-2347-4b78-a23f-224700c951c5
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 12 Sep 2022 19:35:53 GMT
server: cloudflare
etag: "cccb897485813c7c256901dbca54ecf2"
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: binary/octet-stream
access-control-allow-origin: https://www.metabaseq.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age: 604800
access-control-allow-credentials: true
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8467d7516f4abb5b-FRA
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-855d6bfb88-dk98m

GET
H2 200 mega-menu.c110964c979ac8e65895.bundle.min.js Show response
www.metabaseq.com/wp-content/plugins/elementor-pro/assets/js/ 20 KB
5 KB 248ms
247ms Script
text/javascript 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-content/plugins/elementor-pro/assets/js/mega-menu.c110964c979ac8e65895.bundle.min.js

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.18.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

79a18aff093260fecafdc6b21d361e2fc3ad5b5a6df132107c9490dc32b86e4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 20 Dec 2023 22:02:23 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 5278
x-xss-protection: 1; mode=block

GET
H2 200 mega-menu-stretch-content.b203a97f096c18f3d1a2.bundle.min.js Show response
www.metabaseq.com/wp-content/plugins/elementor-pro/assets/js/ 926 B
747 B 250ms
249ms Script
text/javascript 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-content/plugins/elementor-pro/assets/js/mega-menu-stretch-content.b203a97f096c18f3d1a2.bundle.min.js

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.18.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

57e35b1604a403eba78177ca6db63ec98e4fb1fb5dc7a2ccfc54ff613bdbf93f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 20 Dec 2023 22:02:23 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 469
x-xss-protection: 1; mode=block

GET
H2 200 menu-title-keyboard-handler.e81e3b1492bbd9ba31f3.bundle.min.js Show response
www.metabaseq.com/wp-content/plugins/elementor-pro/assets/js/ 3 KB
1 KB 248ms
248ms Script
text/javascript 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-content/plugins/elementor-pro/assets/js/menu-title-keyboard-handler.e81e3b1492bbd9ba31f3.bundle.min.js

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.18.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

f3d9cf40f5ab3a8ea501c73a2b212e5136545279db7d8f0835524e2abaf4cbe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 20 Dec 2023 22:02:23 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 1024
x-xss-protection: 1; mode=block

GET
H2 200 text-editor.2c35aafbe5bf0e127950.bundle.min.js Show response
www.metabaseq.com/wp-content/plugins/elementor/assets/js/ 1 KB
943 B 240ms
239ms Script
text/javascript 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.18.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

d191094291904cb0410cf3a475ea46eee6573c0922cc204759445e326d6d9233

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 20 Dec 2023 20:57:27 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 665
x-xss-protection: 1; mode=block

GET
H2 200 form.10bf1a6475f0741920ff.bundle.min.js Show response
www.metabaseq.com/wp-content/plugins/elementor-pro/assets/js/ 19 KB
5 KB 240ms
240ms Script
text/javascript 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-content/plugins/elementor-pro/assets/js/form.10bf1a6475f0741920ff.bundle.min.js

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.18.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

66e7a822e3dfbd471494bdf44a81d28511dc9da11235a3ff93301cc393cdc4cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 20 Dec 2023 22:02:23 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 4994
x-xss-protection: 1; mode=block

GET
H2 200 popup.085c1727e36940b18f29.bundle.min.js Show response
www.metabaseq.com/wp-content/plugins/elementor-pro/assets/js/ 751 B
721 B 238ms
238ms Script
text/javascript 159.65.97.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metabaseq.com/wp-content/plugins/elementor-pro/assets/js/popup.085c1727e36940b18f29.bundle.min.js

Requested by

Host: www.metabaseq.com
URL: https://www.metabaseq.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.18.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.65.97.158 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

17c021f556d50e2dbd2883c917825f76cb01c2a6a83f32ab9bfc5802fff1713f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/fenix-botnet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 20 Dec 2023 22:02:23 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 443
x-xss-protection: 1; mode=block

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4661010&time=1705423654704&url=https%3A%2F%2Fwww.metabaseq.com%2Ffenix-botnet%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4661010&time=1705423654704&url=https%3A%2F%2Fwww.metabaseq.com%2Ffenix-botnet%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4661010%26time%3D1705423654704%26url%3Dhttps%253A%252F%252Fwww.metabaseq.com%252F...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4661010&time=1705423654704&url=https%3A%2F%2Fwww.metabaseq.com%2Ffenix-botnet%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4661010&time=1705423654704&url=https%3A%2F%2Fwww.metabaseq.com%2Ffenix-botnet%2F&cookiesTest=true&liSync=true&e_ipv6=AQKmoiM7oMOLfAAAAY0TK9EHpkJd...

0
266 B

273ms
184ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4661010&time=1705423654704&url=https%3A%2F%2Fwww.metabaseq.com%2Ffenix-botnet%2F&cookiesTest=true&liSync=true&e_ipv6=AQKmoiM7oMOLfAAAAY0TK9EHpkJdy4tdIhWLjrzFvVzZU1H0vp_LZZs6flBD3z4PCTygerTaRqtSiA
Requested by: Host: www.metabaseq.com
URL: https://www.metabaseq.com/fenix-botnet/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:35 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 9319FD62381D454FA98CE4FF5DC2B336 Ref B: DUS30EDGE0407 Ref C: 2024-01-16T16:47:35Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPEuMr0AXn2d7tWaeFLA==

Redirect headers

date: Tue, 16 Jan 2024 16:47:34 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 2074F8310F4F482883FFC6859BF1C5D0 Ref B: FRAEDGE1809 Ref C: 2024-01-16T16:47:35Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4661010&time=1705423654704&url=https%3A%2F%2Fwww.metabaseq.com%2Ffenix-botnet%2F&cookiesTest=true&liSync=true&e_ipv6=AQKmoiM7oMOLfAAAAY0TK9EHpkJdy4tdIhWLjrzFvVzZU1H0vp_LZZs6flBD3z4PCTygerTaRqtSiA
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPEuMoa92lUxHrNIAppQ==

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
196 B 122ms
121ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://www.metabaseq.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 16 Jan 2024 16:47:35 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: CF2CDADB088C4B9697F0386D5215B608 Ref B: FRAEDGE1809 Ref C: 2024-01-16T16:47:35Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
access-control-allow-origin: https://www.metabaseq.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYPEuMufFUyfNvtOHtjRQ==

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 252ms
206ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2818260241&v=1.1&a=20455591&ct=blog-post&rcu=https%3A%2F%2Fwww.metabaseq.com%2Ffenix-botnet%2F&pu=https%3A%2F%2Fwww.metabaseq.com%2Ffenix-botnet%2F&t=Botnet+Fenix%3A+New+botnet+going+after+tax+payers+in+Mexico+and+Chile+-+Metabase+Q&cts=1705423655515&rv=1&vi=fcd952bc6b086b2e3f20321e4f2bbfd1&nc=true&ce=false&cc=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metabaseq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:47:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 13b4259d-43d7-427d-b237-fd95b05f44f1
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 62
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 13b4259d-43d7-427d-b237-fd95b05f44f1
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VvKz%2BNRxguIiacFnHx8Cwps0s34jpkZuJlRWob%2FwW8sv%2Fqt1igM3R2GK1fFltyaWcaHMO3RY9na8lOZASLvCRNMdRTOBcLOHpZTZPb7%2BG6DqxD%2FY2gQYouG%2F0WHYd7KRKbFocxSpOgi35%2BMvsefh"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-865d96945d-bl56c
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8467d7575ca19b5d-FRA
x-robots-tag: none

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.metabaseq.com/	1970-01-21 02:29:19	Name: pll_language Value: en
.metabaseq.com/	1970-01-21 03:19:43	Name: _ga Value: GA1.1.1375267094.1705423654
.metabaseq.com/	1970-01-21 02:29:19	Name: cb_user_id Value: null
.metabaseq.com/	1970-01-21 02:29:19	Name: cb_group_id Value: null
.metabaseq.com/	1970-01-21 02:29:19	Name: cb_anonymous_id Value: %222e5e51e4-c886-45bb-bfc7-662e30580c49%22
.linkedin.com/	1970-01-20 19:53:19	Name: li_sugr Value: 37e10ff7-a6ac-40fa-8675-3601e2b96c2d
.linkedin.com/	1970-01-21 02:29:19	Name: bcookie Value: "v=2&fb0e925d-423b-4b04-848d-65908f96262a"
.linkedin.com/	1970-01-20 17:45:10	Name: lidc Value: "b=VGST04:s=V:r=V:a=V:p=V:g=3118:u=1:x=1:i=1705423654:t=1705510054:v=2:sig=AQGUJTBvzWZzbSYiPxUwIswvGI_O1nz2"
.linkedin.com/	1970-01-20 18:26:55	Name: UserMatchHistory Value: AQJmzPwm00RdgQAAAY0TK9AQoopVzdMGZd-9nSSlMYWYxqPD2qpMkP8btnbBEQvtIRBGUvyVlgQdsQ
.linkedin.com/	1970-01-20 18:26:55	Name: AnalyticsSyncHistory Value: AQLUPvmIRO0PXgAAAY0TK9AQplU0iu4ZadXSbYvArgmNQvHFwO0Dhvl3l-ZxfgkWycehPG6_vDPqfC9AG80A4w
.www.linkedin.com/	1970-01-21 02:29:19	Name: bscookie Value: "v=1&20240116164735f05ba11b-3760-40b4-84a1-ec1b14cb6c31AQGECLFGowg_mWh5u4mk53DA5viW9251"
.linkedin.com/	1970-01-20 22:02:55	Name: li_gc Value: MTswOzE3MDU0MjM2NTU7MjswMjG4tkEcJIVTBowpLp2bmEb+EEpLvoGC/u9jpG8sxJpApA==
.hubspot.com/	1970-01-20 17:43:45	Name: __cf_bm Value: mAaQjsv_EadZUIWyZWRpGhOueS.noo03Wzb1oU_Xgw4-1705423655-1-ASeVp9WjNY9AMJ2aHTjFLW5iT1tc0qXZoh3Hz7ta3rCdEKjOAVyLniwJbPR/cBCLvIxN0RHbrz75x3itqsl47tA=
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: CjsPu8ZrbuqBub1eZ1oiCRpHo_aLurx4B0ZAtieZBrM-1705423655755-0-604800000

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.clearbit.com
fonts.googleapis.com
fonts.gstatic.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
snap.licdn.com
tag.clearbitscripts.com
track.hubspot.com
www.googletagmanager.com
www.linkedin.com
www.metabaseq.com
x.clearbitjs.com
13.107.42.14
159.65.97.158
18.153.4.44
2001:4860:4802:32::36
2600:9000:2104:9400:7:d7d6:3c40:93a1
2606:4700:4400::ac40:991b
2606:4700::6810:4fba
2606:4700::6810:bb59
2606:4700::6811:e4a3
2606:4700::6813:9b53
2620:1ec:21::14
2a00:1450:4001:810::2008
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2003
2a02:26f0:3500:16::215:148f
0744da2f7421d9e81c901952ea7a214e31eac90c2752b5944b49117404966a9e
17c021f556d50e2dbd2883c917825f76cb01c2a6a83f32ab9bfc5802fff1713f
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
22fefbaca9f4673b2cd795f760c52d36e9d6706013f8f48ed56ff9de2527b438
2d17cc11b3259f1757e255666c5efe5038e87b4dbcb2d63a8f5e5ce4ae1182bc
2d7dab47b2ca62d3e77ad42df78b8979824619d2748c5e5180f5d469facf2536
32fca45f5a769e6e990e6a42cd29640f34d2d152280a33fdcf7abfbfebd8905a
33a33e90866b073baac7fb623cc876c9a1a2753ebda8292950f71db962d68801
33b96327c135375378cb23a13875d5db16ef90889946ce45a562c3e98f9ebbfb
34bbd1c367ffc7d80fcff86c7e5f8777e70f4911bb324e8ecfc7dd3604a96e68
3ab0f81b1bc9a21007ec2f3324ea5f05f42bfd5b9559d78e444470d79b1a045d
3c0264ba5c7a2d32a3512b189e02c438c1fbed5654abbbd1c5011b50026df9eb
3c86ba6bb07a89c447341520a5505ade7c95cc302d26aebdbddfac2c98716e2f
3fe9b6aa7e4ff987d54327a161480a1a71b78f5d6512107fa39e4b67cb750ac2
3ff01f696813d945f1abe4a94fda4cca807574b7fd55d7fd1393f818046af1fc
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4b1b3ceeb34db2c2b663783e1d499d7f34aec49b9a1181cb7377a8d2bf6a0fcc
4c77eae83f555b5b989e2a2e0e422710e457226353df78e3e880ea8649a0304d
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
503f20b8f6709c55f119a78910163881b3b3ac32d9b6283a914be20107111f3b
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
57e35b1604a403eba78177ca6db63ec98e4fb1fb5dc7a2ccfc54ff613bdbf93f
5e4bcd9b88cbbde3deb757d328d37cacaa5481b3966f54bfe3d20baa218b5a2e
5ecb54f91384af7226cb4f18f87588edd49ceff5bdd4a3010336e1c22ccc390d
5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55
638f1981b98be004b8c64787dfc4e8803262ffc075dd39825cacabc19b8cbd64
66e7a822e3dfbd471494bdf44a81d28511dc9da11235a3ff93301cc393cdc4cf
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f
69ec6d8395bdb34e96cf0d75641de583c6d70251080827fc4133a442106abfd8
6ecbdb2dc3f86c7ed142dce156d8f3ca1846b75bb512471935f45b8c8949645e
75db663f63c3505c2d1d2c41b82da41465bcd39b390516728f7fd323f95f644e
7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596
79a18aff093260fecafdc6b21d361e2fc3ad5b5a6df132107c9490dc32b86e4e
7a84b8a454e84c689e5d3e3078c165647b2e4e13795814fc25b5932bd2e96402
7bea52870565b59df00c668da996503d3830152add01ac496c274f6757def76c
7c86ac4f9d0f39cfb4b936e8684150765ab66e53df366d425955c90bbc4c45e7
8341038e05d7bde80b568c5e35469f523159f9b192af90000e7b2ac7711f92e6
87356b574bf7b1e2ed2486d02f4f5b26c064417c769e5f4762c1ed31de77ba24
89085438de041f83ab38d1880c4a877e42ea18766e68eb3e862955fd128ddebd
8e604215fe4a988196d6b824554fad49143f7450349b4a2a285dad3faeba2f7b
942c9264f9de00fecac162d8f657d9d32a977882341f6ab66e8bf98dab5e1e76
948b2050f05aced99720a61b327accdbe0b58e853ec7e998b67894548dd1b326
97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264
983b0caf336e8542214fc17019a4fc5e0360864b92806ca14d55c1fc1c2c5a0f
9b98b7590f50db3057023e1ce91483b8fcd6f2c7f267d18d1a22ff66c0a638be
9e0156dd49c03744e79bbea60eebbbb94b5811c1b71b91f5fb38a8270dedfbaf
a80832ff60a3d364cf73a18e8bc0456c019db7b63c3bc691f2f7ffa566dc7a05
a963dff6e5b8cadb16d6b0a68f9b8c4c69fa5091583094fd65ebd53a9f743701
aafa41b8042bb41c7cd9b055bf5b63696725aa56ad071eca9a13f2e36e5493d3
ae88fc0d7a961832f809527d30bd3983a6866d42f66a56ade23f543681594db6
af285b47dd732309538be6eafe0ae2423342be748c920a70c3f68f3e421ae86a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b23217bb85286c3da5ee1bc14164d481455932e3a89ed7e96b1e3f6e7284c67a
b5474d3ed408366dcebededf5c987f44b43b389137272c282c6c972852a14fc0
b951172c2f809efa4076bc3633b658d27836acca79e718320d48c1a860eb57e3
ba8bea6a6bbbb634afd80fa6128f556a2d09331a9b5e14754d134c43748d5dcd
bde7b9939ab28c13d417512529dc94544d0d925f87fbbd8a05e791865dcdae2d
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c55902832fb84522d02ea1a60a30747403a140d8651fa748f13ba398b0c0df3a
c6235492a3c6dc18bf9787615c876f10c90c596c1fdb30585513cf93706f4861
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
cb350e6f601fb6178300b0870ff37e7cccd5e08e31b14429cfa4cb98499c318d
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cc9de0408b9e78b2b854e8f35236896ac64ec2fb16bc15b85a14bf3e52a15419
cdf5e9b942c4d6c912fc5065a59606bcb44852c13e4a82ba7b8927409aba0766
d191094291904cb0410cf3a475ea46eee6573c0922cc204759445e326d6d9233
d246779c665f6942aa9b716b423d4573c94033e1d822a9be06404cd20b162adf
d622534d53d3ac1095af275f0b30274fcd835785577df2dde6d9398e6f7a2c8f
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
d9092cb4fb3eafe925fa67a4dc6b62b7c769cbcb9a1420ecaf4b5d80edeae726
da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e1053993fc74fe411a7510da9cecb4d1e807e113dc647e08c40d7f9670350ed0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea545fbe45f0f4005e27955f6b63c236438679566c666842f98c24dac9d3e70e
eec87d1b2a34ea0b14b9d4b28ef142ae34e2b915022cbbeb5c0044101a98bd83
f0c4203659233a44c5c46c1c3be6c73536ee17e40497d339af59372fa17cd6a3
f3d9cf40f5ab3a8ea501c73a2b212e5136545279db7d8f0835524e2abaf4cbe2
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7e5b0c06ee5bbc14d3e9e9f3055b8108bab899e37aec44a227485f3c3624cee
fdf2fefd85c8ab3efa841f4cf22787b8dbdd54c2cb5ad07406fa0cfc26ffbc11
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
feed57dd432e25f76353769588206e9bf522528d006c0139766a96569b3ff3a2

www.metabaseq.com Open in urlscan Pro 159.65.97.158 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

95 Requests

98 %HTTPS

80 %IPv6

15 Domains

17 Subdomains

16 IPs

2 Countries

3882 kBTransfer

5818 kBSize

14 Cookies

5 Outgoing links

Redirected requests

95 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.metabaseq.com Open in urlscan Pro
159.65.97.158 Public Scan

Screenshot
Live screenshot

Full Image

95
Requests

98 %
HTTPS

80 %
IPv6

15
Domains

17
Subdomains

16
IPs

2
Countries

3882 kB
Transfer

5818 kB
Size

14
Cookies

95 HTTP transactions
0 data transactions