bm-stats-analytics.services.soo.sg Open in urlscan Pro
45.67.218.215  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response bm-stats-analytics.services.soo.sg/	33 KB 9 KB	495ms 178ms	Document text/html	45.67.218.215 HOSTHATCH
General Check archive.org Show headers Download Go to Full URL https://bm-stats-analytics.services.soo.sg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.67.218.215 Los Angeles, United States, ASN63473 (HOSTHATCH, US), Reverse DNS Software nginx / Resource Hash 622450f6aab61e29b6aa8293859181d4f9f553939737f6001aef5f7d633e90cd Security Headers Name Value Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://*.googleapis.com *.gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self'; frame-ancestors 'none'; Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers :method GET :authority bm-stats-analytics.services.soo.sg :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers server nginx date Sat, 28 Aug 2021 04:14:50 GMT content-type text/html;charset=utf-8 x-frame-options DENY x-xss-protection 1; mode=block last-modified Sat, 28 Aug 2021 04:14:50 GMT strict-transport-security max-age=31536000 set-cookie metabase.DEVICE=7349930b-6b8e-4838-947b-f329643e077f;HttpOnly;Path=/;SameSite=Lax;Expires=Wed, 28 Aug 2041 04:14:15 GMT x-permitted-cross-domain-policies none cache-control max-age=0, no-cache, must-revalidate, proxy-revalidate x-content-type-options nosniff content-security-policy default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://*.googleapis.com *.gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self'; frame-ancestors 'none'; content-encoding gzip expires Tue, 03 Jul 2001 06:00:00 GMT
GET H2	200	vendor.bundle.css bm-stats-analytics.services.soo.sg/app/dist/	19 KB 5 KB	193ms 192ms	Stylesheet text/css	45.67.218.215 HOSTHATCH
General Check archive.org Show headers Download Go to Full URL https://bm-stats-analytics.services.soo.sg/app/dist/vendor.bundle.css?c91ebb1fce97c9f31306141c67a3b4d3 Requested by Host: bm-stats-analytics.services.soo.sg URL: https://bm-stats-analytics.services.soo.sg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.67.218.215 Los Angeles, United States, ASN63473 (HOSTHATCH, US), Reverse DNS Software nginx / Resource Hash 7b185533048ea911c0a67b46007d1760db762cdb180eff0635681ad038b4def8 Security Headers Name Value Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://*.googleapis.com *.gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self'; frame-ancestors 'none'; Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers :path /app/dist/vendor.bundle.css?c91ebb1fce97c9f31306141c67a3b4d3 pragma no-cache cookie metabase.DEVICE=7349930b-6b8e-4838-947b-f329643e077f accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority bm-stats-analytics.services.soo.sg referer https://bm-stats-analytics.services.soo.sg/ :scheme https sec-fetch-site same-origin :method GET Referer https://bm-stats-analytics.services.soo.sg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 28 Aug 2021 04:14:50 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 26 Aug 2021 21:33:56 GMT x-permitted-cross-domain-policies none x-frame-options DENY content-type text/css cache-control public, max-age=31536000 content-security-policy default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://*.googleapis.com *.gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self'; frame-ancestors 'none'; strict-transport-security max-age=31536000 x-xss-protection 1; mode=block server nginx
GET H2	200	styles.bundle.css bm-stats-analytics.services.soo.sg/app/dist/	105 KB 22 KB	341ms 340ms	Stylesheet text/css	45.67.218.215 HOSTHATCH
General Check archive.org Show headers Download Go to Full URL https://bm-stats-analytics.services.soo.sg/app/dist/styles.bundle.css?3db78acfe2a5663576603dce678cd7bb Requested by Host: bm-stats-analytics.services.soo.sg URL: https://bm-stats-analytics.services.soo.sg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.67.218.215 Los Angeles, United States, ASN63473 (HOSTHATCH, US), Reverse DNS Software nginx / Resource Hash 60a4b988c8fe28e615ccb2fec48fc9354668982183cf7fcd2ca4723c3bf3f32f Security Headers Name Value Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://*.googleapis.com *.gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self'; frame-ancestors 'none'; Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers :path /app/dist/styles.bundle.css?3db78acfe2a5663576603dce678cd7bb pragma no-cache cookie metabase.DEVICE=7349930b-6b8e-4838-947b-f329643e077f accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority bm-stats-analytics.services.soo.sg referer https://bm-stats-analytics.services.soo.sg/ :scheme https sec-fetch-site same-origin :method GET Referer https://bm-stats-analytics.services.soo.sg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 28 Aug 2021 04:14:51 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 26 Aug 2021 21:33:56 GMT x-permitted-cross-domain-policies none x-frame-options DENY content-type text/css cache-control public, max-age=31536000 content-security-policy default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://*.googleapis.com *.gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self'; frame-ancestors 'none'; strict-transport-security max-age=31536000 x-xss-protection 1; mode=block server nginx
GET H2	200	app-main.bundle.css bm-stats-analytics.services.soo.sg/app/dist/	94 KB 20 KB	187ms 186ms	Stylesheet text/css	45.67.218.215 HOSTHATCH
General Check archive.org Show headers Download Go to Full URL https://bm-stats-analytics.services.soo.sg/app/dist/app-main.bundle.css?e0a46c43ad820645831ba47b5880968d Requested by Host: bm-stats-analytics.services.soo.sg URL: https://bm-stats-analytics.services.soo.sg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.67.218.215 Los Angeles, United States, ASN63473 (HOSTHATCH, US), Reverse DNS Software nginx / Resource Hash eb3b49386702da7e760fb21a6841b90306c0a8e3fa535de205bdbe56e81df3cc Security Headers Name Value Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://*.googleapis.com *.gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self'; frame-ancestors 'none'; Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers :path /app/dist/app-main.bundle.css?e0a46c43ad820645831ba47b5880968d pragma no-cache cookie metabase.DEVICE=7349930b-6b8e-4838-947b-f329643e077f accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority bm-stats-analytics.services.soo.sg referer https://bm-stats-analytics.services.soo.sg/ :scheme https sec-fetch-site same-origin :method GET Referer https://bm-stats-analytics.services.soo.sg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 28 Aug 2021 04:14:50 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 26 Aug 2021 21:33:56 GMT x-permitted-cross-domain-policies none x-frame-options DENY content-type text/css cache-control public, max-age=31536000 content-security-policy default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://*.googleapis.com *.gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self'; frame-ancestors 'none'; strict-transport-security max-age=31536000 x-xss-protection 1; mode=block server nginx
GET H2	200	vendor.bundle.js Show response bm-stats-analytics.services.soo.sg/app/dist/	4 MB 1 MB	186ms 185ms	Script text/javascript	45.67.218.215 HOSTHATCH
General Check archive.org Show headers Download Go to Full URL https://bm-stats-analytics.services.soo.sg/app/dist/vendor.bundle.js?ee6acc867569f8045b4e Requested by Host: bm-stats-analytics.services.soo.sg URL: https://bm-stats-analytics.services.soo.sg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.67.218.215 Los Angeles, United States, ASN63473 (HOSTHATCH, US), Reverse DNS Software nginx / Resource Hash 548853981061c044e62145d035c1987ef55c6c8ea03184a9972fa8bbc1383027 Security Headers Name Value Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://*.googleapis.com *.gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self'; frame-ancestors 'none'; Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers :path /app/dist/vendor.bundle.js?ee6acc867569f8045b4e pragma no-cache cookie metabase.DEVICE=7349930b-6b8e-4838-947b-f329643e077f accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority bm-stats-analytics.services.soo.sg referer https://bm-stats-analytics.services.soo.sg/ :scheme https sec-fetch-site same-origin :method GET Referer https://bm-stats-analytics.services.soo.sg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 28 Aug 2021 04:14:50 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 26 Aug 2021 21:33:56 GMT x-permitted-cross-domain-policies none x-frame-options DENY content-type text/javascript cache-control public, max-age=31536000 content-security-policy default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://*.googleapis.com *.gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self'; frame-ancestors 'none'; strict-transport-security max-age=31536000 x-xss-protection 1; mode=block server nginx
GET H2	200	styles.bundle.js Show response bm-stats-analytics.services.soo.sg/app/dist/	3 KB 2 KB	176ms 176ms	Script text/javascript	45.67.218.215 HOSTHATCH
General Check archive.org Show headers Download Go to Full URL https://bm-stats-analytics.services.soo.sg/app/dist/styles.bundle.js?ee6acc867569f8045b4e Requested by Host: bm-stats-analytics.services.soo.sg URL: https://bm-stats-analytics.services.soo.sg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.67.218.215 Los Angeles, United States, ASN63473 (HOSTHATCH, US), Reverse DNS Software nginx / Resource Hash 952ebb35ac9785813b328b954b99c9154c2c36557711a977acaf9baafd995c0e Security Headers Name Value Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://*.googleapis.com *.gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self'; frame-ancestors 'none'; Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers :path /app/dist/styles.bundle.js?ee6acc867569f8045b4e pragma no-cache cookie metabase.DEVICE=7349930b-6b8e-4838-947b-f329643e077f accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority bm-stats-analytics.services.soo.sg referer https://bm-stats-analytics.services.soo.sg/ :scheme https sec-fetch-site same-origin :method GET Referer https://bm-stats-analytics.services.soo.sg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 28 Aug 2021 04:14:50 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 26 Aug 2021 21:33:56 GMT x-permitted-cross-domain-policies none x-frame-options DENY content-type text/javascript cache-control public, max-age=31536000 content-security-policy default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://*.googleapis.com *.gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self'; frame-ancestors 'none'; strict-transport-security max-age=31536000 x-xss-protection 1; mode=block server nginx
GET H2	200	app-main.bundle.js Show response bm-stats-analytics.services.soo.sg/app/dist/	4 MB 779 KB	192ms 192ms	Script text/javascript	45.67.218.215 HOSTHATCH
General Check archive.org Show headers Download Go to Full URL https://bm-stats-analytics.services.soo.sg/app/dist/app-main.bundle.js?ee6acc867569f8045b4e Requested by Host: bm-stats-analytics.services.soo.sg URL: https://bm-stats-analytics.services.soo.sg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.67.218.215 Los Angeles, United States, ASN63473 (HOSTHATCH, US), Reverse DNS Software nginx / Resource Hash da92e1cd381ca6c4499f530e865cc7426320a61f61ac794960a26a059d39ddc2 Security Headers Name Value Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://*.googleapis.com *.gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self'; frame-ancestors 'none'; Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers :path /app/dist/app-main.bundle.js?ee6acc867569f8045b4e pragma no-cache cookie metabase.DEVICE=7349930b-6b8e-4838-947b-f329643e077f accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority bm-stats-analytics.services.soo.sg referer https://bm-stats-analytics.services.soo.sg/ :scheme https sec-fetch-site same-origin :method GET Referer https://bm-stats-analytics.services.soo.sg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 28 Aug 2021 04:14:50 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 26 Aug 2021 21:33:56 GMT x-permitted-cross-domain-policies none x-frame-options DENY content-type text/javascript cache-control public, max-age=31536000 content-security-policy default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://*.googleapis.com *.gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self'; frame-ancestors 'none'; strict-transport-security max-age=31536000 x-xss-protection 1; mode=block server nginx
GET H2	200	analytics.js Show response www.google-analytics.com/	48 KB 19 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: bm-stats-analytics.services.soo.sg URL: https://bm-stats-analytics.services.soo.sg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://bm-stats-analytics.services.soo.sg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 11 Aug 2021 00:32:57 GMT server Golfe2 age 2301 date Sat, 28 Aug 2021 03:36:31 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19747 expires Sat, 28 Aug 2021 05:36:31 GMT

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| MetabaseBootstrap object| MetabaseLocalization string| MetabaseRoot function| webpackJsonp function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| METABASE string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.soo.sg/	1970-01-19 20:50:10	Name: _gid Value: GA1.2.1117028945.1630124092
			.soo.sg/	1970-01-20 14:19:56	Name: _ga Value: GA1.2.1016740581.1630124092
			bm-stats-analytics.services.soo.sg/	1970-01-27 04:07:56	Name: metabase.DEVICE Value: 7349930b-6b8e-4838-947b-f329643e077f

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://*.googleapis.com *.gstatic.com 'sha256-lMAh4yjVuDkQ9NqkK4H+YHUga+anpFs5JAuj/uZh0Rs=' 'sha256-sMNbXyc1lLzhHbH/CKs11HIQMnMkZAN2eA99WhJeEC0=' 'sha256-JJa56hyDfUbgNfq+0nq6Qs866JKgZ/+qCq2pkDJED8k='; child-src 'self' https://accounts.google.com; style-src 'self' 'unsafe-inline'; font-src 'self' ; img-src * 'self' data:; connect-src 'self' metabase.us10.list-manage.com ; manifest-src 'self'; frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bm-stats-analytics.services.soo.sg
www.google-analytics.com
2a00:1450:4001:800::200e
45.67.218.215
548853981061c044e62145d035c1987ef55c6c8ea03184a9972fa8bbc1383027
60a4b988c8fe28e615ccb2fec48fc9354668982183cf7fcd2ca4723c3bf3f32f
622450f6aab61e29b6aa8293859181d4f9f553939737f6001aef5f7d633e90cd
7b185533048ea911c0a67b46007d1760db762cdb180eff0635681ad038b4def8
952ebb35ac9785813b328b954b99c9154c2c36557711a977acaf9baafd995c0e
da92e1cd381ca6c4499f530e865cc7426320a61f61ac794960a26a059d39ddc2
eb3b49386702da7e760fb21a6841b90306c0a8e3fa535de205bdbe56e81df3cc
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62