Submitted URL: https://admin.tonyh53.sg-host.com/
Effective URL: https://admin.tonyh53.sg-host.com/clientarea.php
Submission: On August 29 via api from US — Scanned from US

Summary

This website contacted 14 IPs in 1 country across 10 domains to perform 31 HTTP transactions. The main IP is 34.174.212.234, located in Dallas, United States, and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is admin.tonyh53.sg-host.com.
TLS certificate: Issued by R3 on August 29th 2023. Valid for: 3 months.
This is the only time admin.tonyh53.sg-host.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex domain (requests): subdomains; transfer

sg-host.com (12): admin.tonyh53.sg-host.com; 425 KB
gosquared.com (4): data2.gosquared.com (Cisco Umbrella Rank 45450), static.gosquared.com (Cisco Umbrella Rank 278566); 103 KB
google.com (4): analytics.google.com (Cisco Umbrella Rank 166), www.google.com (Cisco Umbrella Rank 2); 877 B
gs-chat.com (3): js.gs-chat.com (Cisco Umbrella Rank 273481), metrics.gs-chat.com; 57 KB
doubleclick.net (3): stats.g.doubleclick.net (Cisco Umbrella Rank 93), googleads.g.doubleclick.net (Cisco Umbrella Rank 42); 2 KB
googletagmanager.com (3): www.googletagmanager.com (Cisco Umbrella Rank 48); 225 KB
google-analytics.com (2): www.google-analytics.com (Cisco Umbrella Rank 37); 21 KB
segment.com (2): cdn.segment.com (Cisco Umbrella Rank 1686); 29 KB
segment.io (1): api.segment.io (Cisco Umbrella Rank 1202); 181 B
cloudfront.net (1): d1l6p2sc9645hc.cloudfront.net; 5 KB
Total: 31 requests across 10 apex domains
Domain (requests): requested by

admin.tonyh53.sg-host.com (12, including 4 redirects): admin.tonyh53.sg-host.com
www.googletagmanager.com (3): admin.tonyh53.sg-host.com, www.googletagmanager.com
metrics.gs-chat.com (2): js.gs-chat.com
static.gosquared.com (2): admin.tonyh53.sg-host.com
www.google.com (2): admin.tonyh53.sg-host.com
data2.gosquared.com (2): d1l6p2sc9645hc.cloudfront.net
stats.g.doubleclick.net (2): www.googletagmanager.com, www.google-analytics.com
analytics.google.com (2): www.googletagmanager.com
www.google-analytics.com (2): admin.tonyh53.sg-host.com, www.google-analytics.com
cdn.segment.com (2): admin.tonyh53.sg-host.com, cdn.segment.com
api.segment.io (1): cdn.segment.com
js.gs-chat.com (1): d1l6p2sc9645hc.cloudfront.net
googleads.g.doubleclick.net (1): www.googletagmanager.com
d1l6p2sc9645hc.cloudfront.net (1): admin.tonyh53.sg-host.com
Total: 31 requests across 14 subdomains

This site contains links to these domains:

  • gs-chat.com
TLS certificates (subject: issuer, validity period, duration; each verifiable on crt.sh)

admin.tonyh53.sg-host.com: R3, 2023-08-29 to 2023-11-27, 3 months
*.google-analytics.com: GTS CA 1C3, 2023-08-07 to 2023-10-30, 3 months
*.segment.com: Amazon RSA 2048 M01, 2023-02-24 to 2024-01-12, a year
*.cloudfront.net: Amazon RSA 2048 M01, 2022-12-08 to 2023-12-07, a year
*.google.com: GTS CA 1C3, 2023-08-07 to 2023-10-30, 3 months
*.g.doubleclick.net: GTS CA 1C3, 2023-08-07 to 2023-10-30, 3 months
gosquared.com: Amazon RSA 2048 M02, 2023-02-22 to 2023-11-23, 9 months
www.google.com: GTS CA 1C3, 2023-08-07 to 2023-10-30, 3 months
*.segment.io: Amazon RSA 2048 M01, 2023-02-10 to 2024-02-10, a year

This page contains 1 frames:

Primary Page: https://admin.tonyh53.sg-host.com/clientarea.php
Frame ID: 7336FFD228C4E15EDBB73FADC3BC5392
Requests: 30 HTTP requests in this frame

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://admin.tonyh53.sg-host.com/ HTTP 302
    https://admin.tonyh53.sg-host.com/index.php?m=dashboard HTTP 302
    https://admin.tonyh53.sg-host.com/index.php?m=subcontact HTTP 302
    https://admin.tonyh53.sg-host.com/login.php HTTP 302
    https://admin.tonyh53.sg-host.com/clientarea.php Page URL

Detected technologies

PHP (overall confidence: 100%)
Detected patterns
  • \.php(?:$|\?)

Bootstrap (overall confidence: 100%)
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (overall confidence: 100%)
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (overall confidence: 100%)
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (overall confidence: 100%)
Detected patterns
  • googletagmanager\.com/gtag/js

Segment (overall confidence: 100%)
Detected patterns
  • cdn\.segment\.com/analytics\.js

GoSquared tracker (overall confidence: 100%; the tracker.js served from d1l6p2sc9645hc.cloudfront.net issues the data2.gosquared.com/pv request listed below)
Detected patterns
  • tracker\.js

Page Statistics

Requests: 31
HTTPS: 100 %
IPv6: 71 %
Domains: 10
Subdomains: 14
IPs: 14
Countries: 1
Transfer: 866 kB
Size: 1699 kB
Cookies: 10

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Each record below lists: Resource, Path, Size, x-fer (bytes transferred), Type, MIME-Type, followed by the request and response details.
Primary Request clientarea.php
admin.tonyh53.sg-host.com/
Redirect Chain
  • https://admin.tonyh53.sg-host.com/
  • https://admin.tonyh53.sg-host.com/index.php?m=dashboard
  • https://admin.tonyh53.sg-host.com/index.php?m=subcontact
  • https://admin.tonyh53.sg-host.com/login.php
  • https://admin.tonyh53.sg-host.com/clientarea.php
4 KB
2 KB
Document
General
Full URL
https://admin.tonyh53.sg-host.com/clientarea.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.212.234 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.212.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
b73c27800286ea7972204f6283e39d0cae93a908cc8df1a65ca4df16179ccc63

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 29 Aug 2023 07:36:30 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
host-header
6b7412fb82ca5edfd0917e3957f05d89
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-httpd
1
x-proxy-cache
MISS
x-proxy-cache-info
0 NC:000000 UP:SKIP_CACHE_NO_CACHE

Redirect headers

content-type
text/html; charset=UTF-8
date
Tue, 29 Aug 2023 07:36:30 GMT
host-header
6b7412fb82ca5edfd0917e3957f05d89
location
clientarea.php
server
nginx
x-httpd
1
x-proxy-cache
MISS
x-proxy-cache-info
0302 NC:000000 UP:
stylesheet.css
admin.tonyh53.sg-host.com/templates/downstream/login/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://admin.tonyh53.sg-host.com/templates/downstream/login/css/stylesheet.css
Requested by
Host: admin.tonyh53.sg-host.com
URL: https://admin.tonyh53.sg-host.com/clientarea.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.212.234 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.212.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
f77d27b6c2367547ef9c464ba1714db614710c8448820756f1c1fabf2192df14

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.tonyh53.sg-host.com/clientarea.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:36:30 GMT
content-encoding
br
last-modified
Tue, 29 Aug 2023 05:40:21 GMT
server
nginx
etag
W/"64ed84c5-f24"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Wed, 28 Aug 2024 07:36:30 GMT
bootstrap.min.css
admin.tonyh53.sg-host.com/templates/downstream/css/
98 KB
15 KB
Stylesheet
General
Full URL
https://admin.tonyh53.sg-host.com/templates/downstream/css/bootstrap.min.css
Requested by
Host: admin.tonyh53.sg-host.com
URL: https://admin.tonyh53.sg-host.com/clientarea.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.212.234 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.212.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e9503448692b738dd260fbd7f7cabf2e11f09b600fa97e6eb3a56eba5b1a7e9b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.tonyh53.sg-host.com/clientarea.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:36:30 GMT
content-encoding
br
last-modified
Tue, 29 Aug 2023 05:40:21 GMT
server
nginx
etag
W/"64ed84c5-18679"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Wed, 28 Aug 2024 07:36:30 GMT
js
www.googletagmanager.com/gtag/
248 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y1P5Q809B7
Requested by
Host: admin.tonyh53.sg-host.com
URL: https://admin.tonyh53.sg-host.com/clientarea.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0cae36ece2ab55c915554edbd61fcd90e0e19e9ed3706e2ed063044da38e6433
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.tonyh53.sg-host.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:36:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86607
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 29 Aug 2023 07:36:31 GMT
js
www.googletagmanager.com/gtag/
193 KB
70 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-739524770
Requested by
Host: admin.tonyh53.sg-host.com
URL: https://admin.tonyh53.sg-host.com/clientarea.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
18c969bd8dc7239493b3e0ffb1998aa104cd9f5680996b4964ad2c6d9a7d3895
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.tonyh53.sg-host.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:36:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71409
x-xss-protection
0
last-modified
Tue, 29 Aug 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 29 Aug 2023 07:36:31 GMT
fontawesome-all.min.css
admin.tonyh53.sg-host.com/assets/css/
153 KB
27 KB
Stylesheet
General
Full URL
https://admin.tonyh53.sg-host.com/assets/css/fontawesome-all.min.css
Requested by
Host: admin.tonyh53.sg-host.com
URL: https://admin.tonyh53.sg-host.com/clientarea.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.212.234 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.212.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2c694cfafd5c00ba4a7a2110060eb937afccfc1d7b745a319c49764fe4ef017c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.tonyh53.sg-host.com/clientarea.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:36:30 GMT
content-encoding
br
last-modified
Tue, 29 Aug 2023 05:40:14 GMT
server
nginx
etag
W/"64ed84be-26338"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Wed, 28 Aug 2024 07:36:30 GMT
logo.png
admin.tonyh53.sg-host.com/templates/downstream/login/images/
3 KB
3 KB
Image
General
Full URL
https://admin.tonyh53.sg-host.com/templates/downstream/login/images/logo.png
Requested by
Host: admin.tonyh53.sg-host.com
URL: https://admin.tonyh53.sg-host.com/clientarea.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.212.234 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.212.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
b977e764041a50a10023dde58f55c1a66a7d6cc482ffae189e1811080755c76c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.tonyh53.sg-host.com/clientarea.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:36:31 GMT
last-modified
Tue, 29 Aug 2023 05:40:21 GMT
server
nginx
etag
"64ed84c5-c5c"
x-proxy-cache-info
DT:1
content-type
image/png
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
3164
expires
Wed, 28 Aug 2024 07:36:31 GMT
analytics.min.js
cdn.segment.com/analytics.js/v1/gKjad2sxgEWI1xfr1WXg6zFGsOn6ZLqK/
105 KB
28 KB
Script
General
Full URL
https://cdn.segment.com/analytics.js/v1/gKjad2sxgEWI1xfr1WXg6zFGsOn6ZLqK/analytics.min.js
Requested by
Host: admin.tonyh53.sg-host.com
URL: https://admin.tonyh53.sg-host.com/clientarea.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-38-199.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2a0e4e4316cbb92f87fcadb21feefea19a6cffaa13cc68b77dc6bcd610360d5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.tonyh53.sg-host.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id
PMn04BRxlGgft58hfseclY9Bj_m0PZ6Q
content-encoding
br
via
1.1 ba636ce43f1cebcb0c172b8070a33b14.cloudfront.net (CloudFront)
date
Tue, 29 Aug 2023 07:36:32 GMT
x-amz-cf-pop
EWR53-C2
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 08 Jun 2023 00:04:05 GMT
server
AmazonS3
etag
W/"3d6dc1b9ceae969e531c160da2cc5654"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
QMUSAxOu3A0FJOvQgXxCjkNnK8auwDI6srgZN7YTcBQW_c6nZw612g==
tracker.js
d1l6p2sc9645hc.cloudfront.net/
10 KB
5 KB
Script
General
Full URL
https://d1l6p2sc9645hc.cloudfront.net/tracker.js
Requested by
Host: admin.tonyh53.sg-host.com
URL: https://admin.tonyh53.sg-host.com/clientarea.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:5e00:f:fd8f:b000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c0c93bd2af50b79c2af408b51f22dcd4c74eb07ce8a69dcd6ce9854a892bf91

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.tonyh53.sg-host.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 04:25:35 GMT
content-encoding
gzip
via
1.1 67b919f32fa9ff0607f0c0df49f2c116.cloudfront.net (CloudFront)
last-modified
Wed, 29 Mar 2023 14:29:44 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
11457
x-amz-server-side-encryption
AES256
etag
W/"7cb74b8ca9358893c16eb0857a2322ca"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=UTF-8
cache-control
max-age=43200, public
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
mOWFgi8WfnYN20XO47RggLTEoWG5abD5vL3RCT-DtkVTeiVVqzPsUA==
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: admin.tonyh53.sg-host.com
URL: https://admin.tonyh53.sg-host.com/clientarea.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.tonyh53.sg-host.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 29 Aug 2023 06:40:55 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3336
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 29 Aug 2023 08:40:55 GMT
bannernw.jpg
admin.tonyh53.sg-host.com/templates/downstream/login/images/
347 KB
347 KB
Image
General
Full URL
https://admin.tonyh53.sg-host.com/templates/downstream/login/images/bannernw.jpg
Requested by
Host: admin.tonyh53.sg-host.com
URL: https://admin.tonyh53.sg-host.com/templates/downstream/login/css/stylesheet.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.212.234 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.212.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
8157bcc0472167db7967264ae4d68f1739cc73ab306c6720acbe359e18cedfa6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.tonyh53.sg-host.com/templates/downstream/login/css/stylesheet.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:36:31 GMT
last-modified
Tue, 29 Aug 2023 05:40:21 GMT
server
nginx
etag
"64ed84c5-56a5f"
x-proxy-cache-info
DT:1
content-type
image/jpeg
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
354911
expires
Wed, 28 Aug 2024 07:36:31 GMT
input-field.png
admin.tonyh53.sg-host.com/templates/downstream/login/images/
1 KB
2 KB
Image
General
Full URL
https://admin.tonyh53.sg-host.com/templates/downstream/login/images/input-field.png
Requested by
Host: admin.tonyh53.sg-host.com
URL: https://admin.tonyh53.sg-host.com/templates/downstream/login/css/stylesheet.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.212.234 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.212.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
14990879b9fccabd19c08628fcdf6aa7ae7a6fb73e3999a74f4b2dcfd3d6077d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.tonyh53.sg-host.com/templates/downstream/login/css/stylesheet.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:36:31 GMT
last-modified
Tue, 29 Aug 2023 05:40:21 GMT
server
nginx
etag
"64ed84c5-574"
x-proxy-cache-info
DT:1
content-type
image/png
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
1396
expires
Wed, 28 Aug 2024 07:36:31 GMT
proximanova-regular-webfont.woff
admin.tonyh53.sg-host.com/templates/downstream/login/fonts/
26 KB
26 KB
Font
General
Full URL
https://admin.tonyh53.sg-host.com/templates/downstream/login/fonts/proximanova-regular-webfont.woff
Requested by
Host: admin.tonyh53.sg-host.com
URL: https://admin.tonyh53.sg-host.com/templates/downstream/login/css/stylesheet.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.212.234 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.212.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
b58d0bcb0dd7db4ae82d4b4dc391794dda001c87e1a80709663bdee29a47e6a6

Request headers

Referer
https://admin.tonyh53.sg-host.com/templates/downstream/login/css/stylesheet.css
Origin
https://admin.tonyh53.sg-host.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:36:31 GMT
last-modified
Tue, 29 Aug 2023 05:40:21 GMT
server
nginx
etag
"64ed84c5-6804"
x-proxy-cache-info
DT:1
content-type
font/woff
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
26628
expires
Wed, 28 Aug 2024 07:36:31 GMT
collect
analytics.google.com/g/
0
261 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-Y1P5Q809B7&gtm=45je38n0&_p=868150346&_gaz=1&cid=538785738.1693294592&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693294591&sct=1&seg=0&dl=https%3A%2F%2Fadmin.tonyh53.sg-host.com%2Fclientarea.php&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y1P5Q809B7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.tonyh53.sg-host.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 07:36:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://admin.tonyh53.sg-host.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
47 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Y1P5Q809B7&cid=538785738.1693294592&gtm=45je38n0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y1P5Q809B7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.tonyh53.sg-host.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 07:36:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://admin.tonyh53.sg-host.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
193 KB
70 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-739524770&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y1P5Q809B7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5cbffd794128e097a67a7fda02a71f0a4c62bd81cc7b750e44c9b9cb7af6ffc0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.tonyh53.sg-host.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:36:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71403
x-xss-protection
0
last-modified
Tue, 29 Aug 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 29 Aug 2023 07:36:31 GMT
collect
www.google-analytics.com/j/
4 B
216 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=868150346&t=pageview&_s=1&dl=https%3A%2F%2Fadmin.tonyh53.sg-host.com%2Fclientarea.php&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=1021772309&gjid=1898565496&cid=538785738.1693294592&tid=UA-61703923-1&_gid=2070729576.1693294592&_r=1&_slc=1&z=1555567288
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://admin.tonyh53.sg-host.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 07:36:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://admin.tonyh53.sg-host.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pv
data2.gosquared.com/
309 B
380 B
Script
General
Full URL
https://data2.gosquared.com/pv?cs=UTF-8&cd=24&la=en-US&sw=1600&sh=1200&dp=1&tp=0&pu=https%3A%2F%2Fadmin.tonyh53.sg-host.com%2Fclientarea.php&pt=-&ri=0&ru=-&re=0&vi=1&pv=1&lv=0&vw=1600&vh=1200&dw=1600&dh=1200&st=0&sl=0&tz=600&cp=custom%3DoGoogle_Click_ID%253Ds%2526WHMCS_Client_View_Type%253Ds%2526Signup_URL%253Dshttps%25253A%25252Fadmin.protectitnow.com%25252Findex.php%25253Fm%25253Dorderform%252526action%25253Dquote_setup%252526gclid%25253D&rc=1&cb=0&a=GSN-939234-Y&id=023aebc803a7bfdd4fa3549c9f7e05f9&tv=6.7.1937
Requested by
Host: d1l6p2sc9645hc.cloudfront.net
URL: https://d1l6p2sc9645hc.cloudfront.net/tracker.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.250.169 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-250-169.compute-1.amazonaws.com
Software
/
Resource Hash
4b925578c2bf8bc646f27eebd83ca4c155293c43e5b3a1863447f3446b2b76c1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.tonyh53.sg-host.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:36:31 GMT
content-length
309
content-type
text/javascript
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/739524770/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/739524770/?random=1693294591616&cv=11&fst=1693294591616&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Fadmin.tonyh53.sg-host.com%2Fclientarea.php&hn=www.googleadservices.com&frm=0&auid=831282357.1693294592&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-739524770
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d2e2ce4dd4e418204dd661f86dd3c1a7d3766d8069516c1a562cdbad88a15550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.tonyh53.sg-host.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 07:36:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
settings
cdn.segment.com/v1/projects/gKjad2sxgEWI1xfr1WXg6zFGsOn6ZLqK/
565 B
1 KB
Fetch
General
Full URL
https://cdn.segment.com/v1/projects/gKjad2sxgEWI1xfr1WXg6zFGsOn6ZLqK/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/gKjad2sxgEWI1xfr1WXg6zFGsOn6ZLqK/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-38-199.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0129bdfe4319c03e301c0490343e8e306fcea6dcc9c09393708f3b01346395d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.tonyh53.sg-host.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id
eP63UelV4KELMFYroWB9xnxZJvkhvOgA
date
Tue, 29 Aug 2023 07:08:26 GMT
via
1.1 0f37773e2cce4ff7a5301ebabb04538a.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
1686
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
565
last-modified
Sun, 27 Jun 2021 00:44:40 GMT
server
AmazonS3
etag
"d155fe19fb60daf20f733f70210640f3"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
pkljTg3Gs_yDuO6MYXElqI5SROLSRCrCQSwFeZPdvw7Ysj2p8aakWQ==
collect
stats.g.doubleclick.net/j/
2 B
354 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-61703923-1&cid=538785738.1693294592&jid=1021772309&gjid=1898565496&_gid=2070729576.1693294592&_u=IADAAEAAAAAAACAAI~&z=735771340
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://admin.tonyh53.sg-host.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 29 Aug 2023 07:36:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://admin.tonyh53.sg-host.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-61703923-1&cid=538785738.1693294592&jid=1021772309&_u=IADAAEAAAAAAACAAI~&z=279306901
Requested by
Host: admin.tonyh53.sg-host.com
URL: https://admin.tonyh53.sg-host.com/clientarea.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.tonyh53.sg-host.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 07:36:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
chat.js
js.gs-chat.com/
159 KB
56 KB
Script
General
Full URL
https://js.gs-chat.com/chat.js?01df7931e2811d92
Requested by
Host: d1l6p2sc9645hc.cloudfront.net
URL: https://d1l6p2sc9645hc.cloudfront.net/tracker.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:0:9:ce73:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
92a9e9acc2eb2a4e10a94e3cd3984a503f8386cf59ac54a0bd2a1af830e52414

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.tonyh53.sg-host.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 16:17:55 GMT
content-encoding
br
via
1.1 8d7b6b58f3b6f5fc348dc0fff9c2856c.cloudfront.net (CloudFront)
last-modified
Fri, 11 Aug 2023 15:16:04 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
age
55118
etag
W/"b2e0fb5cf44ced728bf101d783f6c174"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=UTF-8
cache-control
max-age=86400, public
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
jhpChy36ImAHnSpGC1bBnyfaz5aiMfqDY5QIdHSLj_Iedfkc52VOgA==
p
api.segment.io/v1/
21 B
181 B
Fetch
General
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/gKjad2sxgEWI1xfr1WXg6zFGsOn6ZLqK/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.160.151.220 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-160-151-220.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://admin.tonyh53.sg-host.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://admin.tonyh53.sg-host.com
date
Tue, 29 Aug 2023 07:36:32 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
/
www.google.com/pagead/1p-user-list/739524770/
42 B
154 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/739524770/?random=1693294591616&cv=11&fst=1693292400000&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Fadmin.tonyh53.sg-host.com%2Fclientarea.php&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2587641022&rmt_tld=0&ipr=y
Requested by
Host: admin.tonyh53.sg-host.com
URL: https://admin.tonyh53.sg-host.com/clientarea.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.tonyh53.sg-host.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 07:36:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Inter.latin.var.woff2
static.gosquared.com/fonts/inter/2020-11/
73 KB
74 KB
Font
General
Full URL
https://static.gosquared.com/fonts/inter/2020-11/Inter.latin.var.woff2
Requested by
Host: admin.tonyh53.sg-host.com
URL: https://admin.tonyh53.sg-host.com/clientarea.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:d600:8:dc7e:3400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
GS /
Resource Hash
2d92ac468956074ec5971284f7db01a303f1ed1268208abfcefd26a9325bdade
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://admin.tonyh53.sg-host.com/
Origin
https://admin.tonyh53.sg-host.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 28 Aug 2023 14:54:34 GMT
via
1.1 e5f49cd65618fc548cd417b060a75e76.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
age
60119
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
75000
x-xss-protection
1; mode=block
server
GS
etag
"4ed1a31b78396d06cb26a922ed5f2132"
access-control-max-age
3000
access-control-allow-methods
OPTIONS, GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control, Cookie
x-amz-cf-id
2BoBlZrNddgPjVX-g5ooxi27ylHLOJEE8kh43O6j66dCn7AuPcUOQQ==
Inter.symbols.var.woff2
static.gosquared.com/fonts/inter/2020-11/
28 KB
28 KB
Font
General
Full URL
https://static.gosquared.com/fonts/inter/2020-11/Inter.symbols.var.woff2
Requested by
Host: admin.tonyh53.sg-host.com
URL: https://admin.tonyh53.sg-host.com/clientarea.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:d600:8:dc7e:3400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
GS /
Resource Hash
434d510fdf225407a39dbf4e969557607bf55b85bda4abf7298e3990c6cf9305
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://admin.tonyh53.sg-host.com/
Origin
https://admin.tonyh53.sg-host.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 28 Aug 2023 10:27:30 GMT
via
1.1 e5f49cd65618fc548cd417b060a75e76.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
age
76171
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
28288
x-xss-protection
1; mode=block
server
GS
etag
"8c8b864fe2023fa4c2c7f08c12435d9f"
access-control-max-age
3000
access-control-allow-methods
OPTIONS, GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control, Cookie
x-amz-cf-id
zqCcBvzqu8u3oz0Hgs-ATS_tQj_fyjhnhiQq-Njkv_YXBWEwOLdJ4A==
collect
analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-Y1P5Q809B7&gtm=45je38n0&_p=868150346&cid=538785738.1693294592&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1693294591&sct=1&seg=0&dl=https%3A%2F%2Fadmin.tonyh53.sg-host.com%2Fclientarea.php&dt=&en=scroll&epn.percent_scrolled=90&_et=41
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y1P5Q809B7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.tonyh53.sg-host.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 07:36:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://admin.tonyh53.sg-host.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
data2.gosquared.com/
6 B
74 B
Script
General
Full URL
https://data2.gosquared.com/ping?vw=1600&vh=1200&dw=1600&dh=1200&st=0&sl=0&i=0&et=5263&rc=1&cb=1&a=GSN-939234-Y&id=023aebc803a7bfdd4fa3549c9f7e05f9&tv=6.7.1937
Requested by
Host: d1l6p2sc9645hc.cloudfront.net
URL: https://d1l6p2sc9645hc.cloudfront.net/tracker.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.250.169 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-250-169.compute-1.amazonaws.com
Software
/
Resource Hash
eb2ad463e0fd390d63acc0e4e0c064cd787cab3ee5711fc9e6e203ad1429d4c0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.tonyh53.sg-host.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:36:36 GMT
content-length
6
content-type
text/javascript
m
metrics.gs-chat.com/
11 B
436 B
XHR
General
Full URL
https://metrics.gs-chat.com/m?
Requested by
Host: js.gs-chat.com
URL: https://js.gs-chat.com/chat.js?01df7931e2811d92
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:2c00:1a:757b:b180:93a1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
4062edaf750fb8074e7e83e0c9028c94e32468a8b6f1614774328ef045150f93

Request headers

Referer
https://admin.tonyh53.sg-host.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 29 Aug 2023 07:36:37 GMT
via
1.1 ef73a156d5c211fdbb7e4231f2a0edca.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
etag
W/"b-Ai2R8hgEarLmHKwesT1qcY913ys"
access-control-max-age
7200
access-control-allow-methods
OPTIONS, GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
access-control-expose-headers
etag, content-length, content-type, date
alt-svc
h3=":443"; ma=86400
content-length
11
x-amz-cf-id
4IufjxJl3WgH9IAsogLch86jY4WIosvoAXqHPiaGCrWzdH0CltW8vg==
m
metrics.gs-chat.com/
0
0
Preflight
General
Full URL
https://metrics.gs-chat.com/m?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:2c00:1a:757b:b180:93a1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://admin.tonyh53.sg-host.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
OPTIONS, GET, POST
access-control-allow-origin
*
access-control-expose-headers
etag, content-length, content-type, date
access-control-max-age
7200
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Aug 2023 07:36:37 GMT
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
via
1.1 ef73a156d5c211fdbb7e4231f2a0edca.cloudfront.net (CloudFront)
x-amz-cf-id
r31FMPxqOjIwwE0gq0vmUjg_5tk4iQe62jg52ZIOYwh9Dpevhl4ESA==
x-amz-cf-pop
JFK50-P2
x-cache
Miss from cloudfront

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
object 0
object documentPictureInPicture
object analytics
function _gs
function gtag
object dataLayer
string GoogleAnalyticsObject
function ga
object _gaq
object google_tag_manager
object google_tag_data
function onYouTubeIframeAPIReady
object gaGlobal
object gaplugins
object gaData
object GooglebQhCsO
object webpackChunk_segment_analytics_next
string analyticsWriteKey
object __SEGMENT_INSPECTOR__
object AnalyticsNext

10 Cookies

Domain/Path Name / Value
admin.tonyh53.sg-host.com/ Name: WHMCSD7iUvY5OeATh
Value: 6dbcb657bae773fac6902514fc7f8626
.sg-host.com/ Name: _ga
Value: GA1.2.538785738.1693294592
.sg-host.com/ Name: _gid
Value: GA1.2.2070729576.1693294592
.sg-host.com/ Name: _gat
Value: 1
.sg-host.com/ Name: _ga_Y1P5Q809B7
Value: GS1.1.1693294591.1.0.1693294591.60.0.0
admin.tonyh53.sg-host.com/ Name: gs_v_GSN-939234-Y
Value:
admin.tonyh53.sg-host.com/ Name: gs_u_GSN-939234-Y
Value: 023aebc803a7bfdd4fa3549c9f7e05f9:2567:5000:1693294591588
.sg-host.com/ Name: _gcl_au
Value: 1.1.831282357.1693294592
.sg-host.com/ Name: ajs_anonymous_id
Value: 1672026d-6eef-4b85-8e2d-c057a66114db
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
