savannahcoachworks-co-za.ga Open in urlscan Pro
111.90.150.231 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Submission: On May 22 via automatic, source openphish (May 22nd 2019, 6:08:02 pm UTC)

Summary HTTP 54 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 22 IPs in 7 countries across 16 domains to perform 54 HTTP transactions. The main IP is 111.90.150.231, located in Rwanda and belongs to SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY. The main domain is savannahcoachworks-co-za.ga.

This is the only time savannahcoachworks-co-za.ga was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Email (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 2	111.90.150.231 111.90.150.231	45839 (SHINJIRU-...) (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd)
14	196.2.128.7 196.2.128.7	12258 (OPTINET) (OPTINET)
1	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
3	172.217.22.66 172.217.22.66	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2600:9000:200... 2600:9000:200d:6c00:b:3c99:a880:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:81e::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:814::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
3 9	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	54.192.203.107 54.192.203.107	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 3	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE - Google LLC)
1	172.217.16.162 172.217.16.162	15169 (GOOGLE) (GOOGLE - Google LLC)
1	151.101.120.157 151.101.120.157	54113 (FASTLY) (FASTLY - Fastly)
4	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1 2	172.217.18.102 172.217.18.102	15169 (GOOGLE) (GOOGLE - Google LLC)
1	54.192.203.2 54.192.203.2	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 4	2a00:1450:400... 2a00:1450:4001:820::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER - Twitter Inc.)
4	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	34.242.8.248 34.242.8.248	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER - Twitter Inc.)
54	22

2 111.90.150.231 (Rwanda) 1 redirects

ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY)

savannahcoachworks-co-za.ga	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 196.2.128.7 (South Africa)

ASN12258 (OPTINET, ZA)
PTR: myaccount.mweb.co.za

myaccount.mweb.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.22.66 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s17-in-f66.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:200d:6c00:b:3c99:a880:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

za-cdn.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:817::200e (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.203.107 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-192-203-107.fra50.r.cloudfront.net

t.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c08::9b (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.162 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.120.157 (Paris, France)

ASN54113 (FASTLY - Fastly, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.102 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s42-in-f6.1e100.net

4905605.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.203.2 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-192-203-2.fra50.r.cloudfront.net

t.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:820::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States) 1 redirects

ASN13414 (TWITTER - Twitter Inc., US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.242.8.248 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-242-8-248.eu-west-1.compute.amazonaws.com

collector.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	mweb.co.za myaccount.mweb.co.za	363 KB
10	doubleclick.net 3 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net 4905605.fls.doubleclick.net googleads.g.doubleclick.net	84 KB
9	google-analytics.com 3 redirects www.google-analytics.com	21 KB
5	google.de adservice.google.de www.google.de	614 B
4	facebook.com www.facebook.com	588 B
4	google.com 2 redirects www.google.com	852 B
4	facebook.net connect.facebook.net	197 KB
4	effectivemeasure.net za-cdn.effectivemeasure.net t.effectivemeasure.net collector.effectivemeasure.net	13 KB
2	t.co 1 redirects t.co	517 B
2	savannahcoachworks-co-za.ga 1 redirects savannahcoachworks-co-za.ga	10 KB
1	twitter.com analytics.twitter.com	268 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	googleadservices.com www.googleadservices.com	9 KB
1	googlesyndication.com tpc.googlesyndication.com
1	googletagmanager.com www.googletagmanager.com	39 KB
1	googletagservices.com www.googletagservices.com	11 KB
54	16

	Domain	Requested by
14	myaccount.mweb.co.za	savannahcoachworks-co-za.ga securepubads.g.doubleclick.net
9	www.google-analytics.com	3 redirects savannahcoachworks-co-za.ga
4	www.facebook.com	savannahcoachworks-co-za.ga
4	www.google.de	savannahcoachworks-co-za.ga
4	www.google.com	2 redirects savannahcoachworks-co-za.ga
4	connect.facebook.net	savannahcoachworks-co-za.ga connect.facebook.net
3	stats.g.doubleclick.net	2 redirects savannahcoachworks-co-za.ga
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	t.co	1 redirects savannahcoachworks-co-za.ga
2	googleads.g.doubleclick.net	www.googleadservices.com
2	4905605.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	t.effectivemeasure.net	za-cdn.effectivemeasure.net t.effectivemeasure.net
2	savannahcoachworks-co-za.ga	1 redirects
1	analytics.twitter.com	static.ads-twitter.com
1	collector.effectivemeasure.net	savannahcoachworks-co-za.ga
1	static.ads-twitter.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	tpc.googlesyndication.com	securepubads.g.doubleclick.net
1	www.googletagmanager.com	savannahcoachworks-co-za.ga
1	za-cdn.effectivemeasure.net	savannahcoachworks-co-za.ga
1	adservice.google.de	www.googletagservices.com
1	www.googletagservices.com	savannahcoachworks-co-za.ga
54	22

This site contains links to these domains. Also see Links.

Domain
www.mweb.co.za
myaccount.ignite.co.za
myaccount.mweb.co.za
ispa.org.za
www.icode.org.za

Subject Issuer	Validity	Valid
myaccount.mweb.co.za Entrust Certification Authority - L1K	`2018-02-08` - `2020-02-08`	2 years	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-04-30` - `2019-07-23`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2019-04-30` - `2019-07-23`	3 months	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-05-07` - `2019-07-30`	3 months	crt.sh
*.effectivemeasure.net Amazon	`2019-03-31` - `2020-04-30`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-04-22` - `2019-07-21`	3 months	crt.sh
www.google.de Google Internet Authority G3	`2019-04-30` - `2019-07-23`	3 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2019-03-07` - `2020-03-07`	a year	crt.sh
www.google.com Google Internet Authority G3	`2019-04-30` - `2019-07-23`	3 months	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-01-28` - `2020-01-28`	a year	crt.sh

This page contains 3 frames:

Primary Page: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Frame ID: 7277B51A727F122F9516004BD2CBA25C
Requests: 52 HTTP requests in this frame

Frame: http://4905605.fls.doubleclick.net/activityi;dc_pre=CMjln73dr-ICFRrHdwodGhMJUg;src=4905605;type=mweb_0;cat=mweb-012;ord=5046650378238;gtm=2wg5f2;auiddc=1095445088.1558548465;u1=%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F;u2=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F;~oref=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F
Frame ID: E59DF45DF99EF7FD5C6B34DBB646C36B
Requests: 1 HTTP requests in this frame

Frame: http://t.effectivemeasure.net/frame.494af32.html
Frame ID: 14754CACD1E2B6117E41224965DB9CC0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b HTTP 301
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/ Page URL

Detected technologies

Pure CSS (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+(?:([\d.])+\/)?pure(?:-min)?\.css/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
env /^googletag$/i
env /^google_tag_manager$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js/i
env /^jQuery$/i
script /jquery-ui(?:-|\.)([\d.]*\d)[^\/]*\.js/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui(?:-|\.)([\d.]*\d)[^\/]*\.js/i
script /jquery-ui.*\.js/i

Page Statistics

54
Requests

81 %
HTTPS

48 %
IPv6

16
Domains

22
Subdomains

22
IPs

7
Countries

748 kB
Transfer

1641 kB
Size

17
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: http://www.mweb.co.za/
Title:

Search URL Search Domain Scan URL

URL: https://myaccount.ignite.co.za/bus/portal/email/islogin.jsp
Title: Are you an Ignite customer?

Search URL Search Domain Scan URL

URL: https://myaccount.mweb.co.za/mwebcore/myaccount/login/passwordreminder/passwordReminder.jsp
Title: Forgotten Password?

Search URL Search Domain Scan URL

URL: https://www.mweb.co.za/legalpolicies/
Title: Legal Notices

Search URL Search Domain Scan URL

URL: https://www.mweb.co.za/aboutus/home/
Title: About Us

Search URL Search Domain Scan URL

URL: https://www.mweb.co.za/aboutus/contact-us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.mweb.co.za/help
Title: Help

Search URL Search Domain Scan URL

URL: http://ispa.org.za/code-of-conduct/

Search URL Search Domain Scan URL

URL: http://www.icode.org.za/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b HTTP 301
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 24

http://www.google-analytics.com/r/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAhAAEAB~&jid=1223724438&gjid=202862832&cid=1200592162.1558548465&tid=UA-32716691-1&_gid=919297193.1558548465&_r=1&z=1625470823 HTTP 307
https://www.google-analytics.com/r/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAhAAEAB~&jid=1223724438&gjid=202862832&cid=1200592162.1558548465&tid=UA-32716691-1&_gid=919297193.1558548465&_r=1&z=1625470823

Request Chain 25

http://www.google-analytics.com/r/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAjAAEAB~&jid=368957090&gjid=1587329934&cid=1200592162.1558548465&tid=UA-32389807-1&_gid=919297193.1558548465&_r=1&z=834372535 HTTP 307
https://www.google-analytics.com/r/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAjAAEAB~&jid=368957090&gjid=1587329934&cid=1200592162.1558548465&tid=UA-32389807-1&_gid=919297193.1558548465&_r=1&z=834372535 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-32389807-1&cid=1200592162.1558548465&jid=368957090&_gid=919297193.1558548465&gjid=1587329934&_v=j75&z=834372535

Request Chain 26

http://www.google-analytics.com/plugins/ua/linkid.js HTTP 307
https://www.google-analytics.com/plugins/ua/linkid.js

Request Chain 27

http://www.google-analytics.com/plugins/ua/ec.js HTTP 307
https://www.google-analytics.com/plugins/ua/ec.js

Request Chain 31

http://4905605.fls.doubleclick.net/activityi;src=4905605;type=mweb_0;cat=mweb-012;ord=5046650378238;gtm=2wg5f2;auiddc=1095445088.1558548465;u1=%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F;u2=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F;~oref=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F HTTP 302
http://4905605.fls.doubleclick.net/activityi;dc_pre=CMjln73dr-ICFRrHdwodGhMJUg;src=4905605;type=mweb_0;cat=mweb-012;ord=5046650378238;gtm=2wg5f2;auiddc=1095445088.1558548465;u1=%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F;u2=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F;~oref=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F

Request Chain 36

http://www.google-analytics.com/r/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAAEAr~&jid=1426904009&gjid=827787956&cid=1200592162.1558548465&tid=UA-51279388-1&_gid=919297193.1558548465&_r=1&gtm=2wg5f2588RWD&z=457569554 HTTP 307
https://www.google-analytics.com/r/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAAEAr~&jid=1426904009&gjid=827787956&cid=1200592162.1558548465&tid=UA-51279388-1&_gid=919297193.1558548465&_r=1&gtm=2wg5f2588RWD&z=457569554 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-51279388-1&cid=1200592162.1558548465&jid=1426904009&_gid=919297193.1558548465&gjid=827787956&_v=j75&z=457569554 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51279388-1&cid=1200592162.1558548465&jid=1426904009&_v=j75&z=457569554 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51279388-1&cid=1200592162.1558548465&jid=1426904009&_v=j75&z=457569554&slf_rd=1&random=1179711453

Request Chain 37

http://www.google-analytics.com/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAAEAr~&jid=&gjid=&cid=1200592162.1558548465&tid=UA-51279388-1&_gid=919297193.1558548465&gtm=2wg5f2588RWD&z=2015039235 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAAEAr~&jid=&gjid=&cid=1200592162.1558548465&tid=UA-51279388-1&_gid=919297193.1558548465&gtm=2wg5f2588RWD&z=2015039235

Request Chain 38

http://www.google-analytics.com/r/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAAEAr~&jid=889076641&gjid=154171673&cid=1200592162.1558548465&tid=UA-51279388-5&_gid=919297193.1558548465&_r=1&gtm=2wg5f2588RWD&z=1274161219 HTTP 307
https://www.google-analytics.com/r/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAAEAr~&jid=889076641&gjid=154171673&cid=1200592162.1558548465&tid=UA-51279388-5&_gid=919297193.1558548465&_r=1&gtm=2wg5f2588RWD&z=1274161219 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-51279388-5&cid=1200592162.1558548465&jid=889076641&_gid=919297193.1558548465&gjid=154171673&_v=j75&z=1274161219 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51279388-5&cid=1200592162.1558548465&jid=889076641&_v=j75&z=1274161219 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51279388-5&cid=1200592162.1558548465&jid=889076641&_v=j75&z=1274161219&slf_rd=1&random=1513840965

Request Chain 39

http://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nxho2&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0 HTTP 301
https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nxho2&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Request Chain 50

http://www.google-analytics.com/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAAEAr~&jid=&gjid=&cid=1200592162.1558548465&tid=UA-51279388-1&_gid=919297193.1558548465&gtm=2wg5f2588RWD&z=679375846 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAAEAr~&jid=&gjid=&cid=1200592162.1558548465&tid=UA-51279388-1&_gid=919297193.1558548465&gtm=2wg5f2588RWD&z=679375846

54 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Redirect Chain

http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/

10 KB
10 KB

325ms
324ms

Document
text/html

111.90.150.231
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol: HTTP/1.1
Server: 111.90.150.231 , Rwanda, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software: Apache /
Resource Hash: c90c676abfb92d38da509eff2fcca3ffec9caf00140c79d1542f006de2be976b

Request headers

Host: savannahcoachworks-co-za.ga
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 22 May 2019 18:07:42 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Wed, 22 May 2019 18:07:41 GMT
Server: Apache
Location: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Content-Length: 297
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK jquery-ui-1.8.20.custom.css
myaccount.mweb.co.za/mwebcore/myaccount/shared/external/jqueryui/css/smoothness/ 25 KB
25 KB 852ms
164ms Stylesheet
text/css 196.2.128.7
OPTINET

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.mweb.co.za/mwebcore/myaccount/shared/external/jqueryui/css/smoothness/jquery-ui-1.8.20.custom.css
Requested by: Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: myaccount.mweb.co.za
Software: Apache-Coyote/1.1 /
Resource Hash: 834e67fcf50c34f6214fa0e520e73a8305db5e3b1ee23235eb065aba0b53a089

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 22 May 2019 18:07:43 GMT
Last-Modified: Tue, 21 May 2019 19:55:10 GMT
Server: Apache-Coyote/1.1
ETag: W/"25378-1558468510000"
Content-Type: text/css
Cache-Control: private
Accept-Ranges: bytes
Content-Length: 25378
Expires: Thu, 01 Jan 1970 02:00:00 SAST

GET
H/1.1 200
OK chosen.css
myaccount.mweb.co.za/mwebcore/myaccount/shared/external/chosen/ 14 KB
14 KB 854ms
164ms Stylesheet
text/css 196.2.128.7
OPTINET

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.mweb.co.za/mwebcore/myaccount/shared/external/chosen/chosen.css
Requested by: Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: myaccount.mweb.co.za
Software: Apache-Coyote/1.1 /
Resource Hash: 6f83ebc7a31c0153f578a3407f43d2370c3a0ff271e86b33f1acf008c7356abd

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 22 May 2019 18:07:43 GMT
Last-Modified: Tue, 21 May 2019 19:55:10 GMT
Server: Apache-Coyote/1.1
ETag: W/"13898-1558468510000"
Content-Type: text/css
Cache-Control: private
Accept-Ranges: bytes
Content-Length: 13898
Expires: Thu, 01 Jan 1970 02:00:00 SAST

GET
H/1.1 200
OK pure-min.css
myaccount.mweb.co.za/mwebcore/shared/external/purecss/ 17 KB
17 KB 909ms
178ms Stylesheet
text/css 196.2.128.7
OPTINET

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.mweb.co.za/mwebcore/shared/external/purecss/pure-min.css
Requested by: Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: myaccount.mweb.co.za
Software: Apache-Coyote/1.1 /
Resource Hash: 00e83aa5f667c4ee219411f6cf6ba69a0746294f1753dba050f93259a48c2747

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 22 May 2019 18:07:43 GMT
Last-Modified: Tue, 21 May 2019 19:55:10 GMT
Server: Apache-Coyote/1.1
ETag: W/"17286-1558468510000"
Content-Type: text/css
Cache-Control: private
Accept-Ranges: bytes
Content-Length: 17286
Expires: Thu, 01 Jan 1970 02:00:00 SAST

GET
H/1.1 200
OK font-awesome.min.css
myaccount.mweb.co.za/mwebcore/myaccount/osu/assets/plugins/font-awesome/css/ 17 KB
18 KB 908ms
177ms Stylesheet
text/css 196.2.128.7
OPTINET

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.mweb.co.za/mwebcore/myaccount/osu/assets/plugins/font-awesome/css/font-awesome.min.css
Requested by: Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: myaccount.mweb.co.za
Software: Apache-Coyote/1.1 /
Resource Hash: b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 22 May 2019 18:07:43 GMT
Last-Modified: Tue, 21 May 2019 19:55:10 GMT
Server: Apache-Coyote/1.1
ETag: W/"17780-1558468510000"
Content-Type: text/css
Cache-Control: private
Accept-Ranges: bytes
Content-Length: 17780
Expires: Thu, 01 Jan 1970 02:00:00 SAST

GET
H/1.1 200
OK myaccount.css
myaccount.mweb.co.za/mwebcore/myaccount/styles/ 42 KB
43 KB 911ms
178ms Stylesheet
text/css 196.2.128.7
OPTINET

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.mweb.co.za/mwebcore/myaccount/styles/myaccount.css
Requested by: Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: myaccount.mweb.co.za
Software: Apache-Coyote/1.1 /
Resource Hash: 6f6ff747d398937bbb894ee907858755b6a800a952993f8053197b9d5ca0a26a

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 22 May 2019 18:07:43 GMT
Last-Modified: Tue, 21 May 2019 19:55:10 GMT
Server: Apache-Coyote/1.1
ETag: W/"43316-1558468510000"
Content-Type: text/css
Cache-Control: private
Accept-Ranges: bytes
Content-Length: 43316
Expires: Thu, 01 Jan 1970 02:00:00 SAST

GET
H/1.1 200
OK myaccount-login.css
myaccount.mweb.co.za/mwebcore/myaccount/styles/ 1 KB
2 KB 911ms
179ms Stylesheet
text/css 196.2.128.7
OPTINET

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.mweb.co.za/mwebcore/myaccount/styles/myaccount-login.css
Requested by: Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: myaccount.mweb.co.za
Software: Apache-Coyote/1.1 /
Resource Hash: febf051238d01475887907d23ce5eadb2179d9e573f099c50eb2e33de8392f3f

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 22 May 2019 18:07:43 GMT
Last-Modified: Tue, 21 May 2019 19:55:10 GMT
Server: Apache-Coyote/1.1
ETag: W/"1262-1558468510000"
Content-Type: text/css
Cache-Control: private
Accept-Ranges: bytes
Content-Length: 1262
Expires: Thu, 01 Jan 1970 02:00:00 SAST

GET
H/1.1 200
OK jquery-1.7.2.min.js Show response
myaccount.mweb.co.za/mwebcore/myaccount/scripts/ 93 KB
93 KB 1092ms
180ms Script
application/javascript 196.2.128.7
OPTINET

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.mweb.co.za/mwebcore/myaccount/scripts/jquery-1.7.2.min.js
Requested by: Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: myaccount.mweb.co.za
Software: Apache-Coyote/1.1 /
Resource Hash: 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 22 May 2019 18:07:43 GMT
Last-Modified: Tue, 21 May 2019 19:55:10 GMT
Server: Apache-Coyote/1.1
ETag: W/"94840-1558468510000"
Content-Type: application/javascript
Cache-Control: private
Accept-Ranges: bytes
Content-Length: 94840
Expires: Thu, 01 Jan 1970 02:00:00 SAST

GET
H/1.1 200
OK jquery-ui-1.8.20.custom.min.js Show response
myaccount.mweb.co.za/mwebcore/myaccount/shared/external/jqueryui/js/ 97 KB
97 KB 1184ms
165ms Script
application/javascript 196.2.128.7
OPTINET

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.mweb.co.za/mwebcore/myaccount/shared/external/jqueryui/js/jquery-ui-1.8.20.custom.min.js
Requested by: Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: myaccount.mweb.co.za
Software: Apache-Coyote/1.1 /
Resource Hash: a7a6de426780a73e047727676e7c100b064eb8a233dbc3c7884466ba42db5bd3

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 22 May 2019 18:07:43 GMT
Last-Modified: Tue, 21 May 2019 19:55:10 GMT
Server: Apache-Coyote/1.1
ETag: W/"98858-1558468510000"
Content-Type: application/javascript
Cache-Control: private
Accept-Ranges: bytes
Content-Length: 98858
Expires: Thu, 01 Jan 1970 02:00:00 SAST

GET
H/1.1 200
OK chosen.jquery.min.js Show response
myaccount.mweb.co.za/mwebcore/myaccount/shared/external/chosen/ 21 KB
21 KB 1264ms
180ms Script
application/javascript 196.2.128.7
OPTINET

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.mweb.co.za/mwebcore/myaccount/shared/external/chosen/chosen.jquery.min.js
Requested by: Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: myaccount.mweb.co.za
Software: Apache-Coyote/1.1 /
Resource Hash: 75f39ab402b946f758c69c88a6e334554349c17f912180a9cae257353dcf2400

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 22 May 2019 18:07:43 GMT
Last-Modified: Tue, 21 May 2019 19:55:10 GMT
Server: Apache-Coyote/1.1
ETag: W/"21601-1558468510000"
Content-Type: application/javascript
Cache-Control: private
Accept-Ranges: bytes
Content-Length: 21601
Expires: Thu, 01 Jan 1970 02:00:00 SAST

GET
H/1.1 200
OK myaccount.js Show response
myaccount.mweb.co.za/mwebcore/myaccount/scripts/ 12 KB
13 KB 1263ms
179ms Script
application/javascript 196.2.128.7
OPTINET

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.mweb.co.za/mwebcore/myaccount/scripts/myaccount.js
Requested by: Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: myaccount.mweb.co.za
Software: Apache-Coyote/1.1 /
Resource Hash: b018a4f7294eaf5e5a1cabc070df53e2844ba7cc43e83123312389a6375b0bc4

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 22 May 2019 18:07:43 GMT
Last-Modified: Tue, 21 May 2019 19:55:10 GMT
Server: Apache-Coyote/1.1
ETag: W/"12789-1558468510000"
Content-Type: application/javascript
Cache-Control: private
Accept-Ranges: bytes
Content-Length: 12789
Expires: Thu, 01 Jan 1970 02:00:00 SAST

GET
H/1.1 200
OK scripts.js Show response
myaccount.mweb.co.za/mwebcore/portal/scripts/ 4 KB
4 KB 1340ms
164ms Script
application/javascript 196.2.128.7
OPTINET

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.mweb.co.za/mwebcore/portal/scripts/scripts.js
Requested by: Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: myaccount.mweb.co.za
Software: Apache-Coyote/1.1 /
Resource Hash: 3fb8c215a377fc82c8528fe8aaeb0f749f8f7cab75ba818480c5c42b9687c235

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 22 May 2019 18:07:43 GMT
Last-Modified: Tue, 21 May 2019 19:55:10 GMT
Server: Apache-Coyote/1.1
ETag: W/"4047-1558468510000"
Content-Type: application/javascript
Cache-Control: private
Accept-Ranges: bytes
Content-Length: 4047
Expires: Thu, 01 Jan 1970 02:00:00 SAST

GET
H/1.1 200
OK ispa.png
myaccount.mweb.co.za/mwebcore/myaccount/images/ 962 B
1 KB 178ms
177ms Image
image/png 196.2.128.7
OPTINET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myaccount.mweb.co.za/mwebcore/myaccount/images/ispa.png
Requested by: Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: myaccount.mweb.co.za
Software: Apache-Coyote/1.1 /
Resource Hash: af57e894c878a60dd459e64f88a9cf27752cbad2b341d06cf8afb6548c1e2bdd

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 22 May 2019 18:07:43 GMT
Last-Modified: Tue, 21 May 2019 19:55:10 GMT
Server: Apache-Coyote/1.1
ETag: W/"962-1558468510000"
Content-Type: image/png
Cache-Control: private
Accept-Ranges: bytes
Content-Length: 962
Expires: Thu, 01 Jan 1970 02:00:00 SAST

GET
H/1.1 200
OK icode.png
myaccount.mweb.co.za/mwebcore/myaccount/images/ 1 KB
1 KB 178ms
177ms Image
image/png 196.2.128.7
OPTINET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myaccount.mweb.co.za/mwebcore/myaccount/images/icode.png
Requested by: Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: myaccount.mweb.co.za
Software: Apache-Coyote/1.1 /
Resource Hash: 76fe6b3e689e9eae484b8a75d5408eed23cbbcb6b3f414e8ebfab826e128f23c

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 22 May 2019 18:07:43 GMT
Last-Modified: Tue, 21 May 2019 19:55:10 GMT
Server: Apache-Coyote/1.1
ETag: W/"1179-1558468510000"
Content-Type: image/png
Cache-Control: private
Accept-Ranges: bytes
Content-Length: 1179
Expires: Thu, 01 Jan 1970 02:00:00 SAST

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ 32 KB
11 KB 53ms
39ms Script
text/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/

Protocol

HTTP/1.1

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

173e05cb7fecee270d29de68d331f58f0150a94ead32b7262cd184a41cb53827

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Wed, 22 May 2019 18:07:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "174 / 599 of 1000 / last-modified: 1558474620"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 10586
X-XSS-Protection: 0
Expires: Wed, 22 May 2019 18:07:44 GMT

GET
H2 200 pubads_impl_2019051601.js Show response
securepubads.g.doubleclick.net/gpt/ 148 KB
54 KB 94ms
46ms Script
text/javascript 172.217.22.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019051601.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

sffe /

Resource Hash

59a7f48a8aee780fdcb4a0157e25b448e543bc4159b119e74dfd5c26c941b439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 22 May 2019 18:07:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 May 2019 13:06:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 55338
x-xss-protection: 0
expires: Wed, 22 May 2019 18:07:45 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ 113 B
178 B 18ms
15ms Script
application/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=savannahcoachworks-co-za.ga

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 22 May 2019 18:07:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 108
x-xss-protection: 0

GET
H/1.1 200
OK em.js Show response
za-cdn.effectivemeasure.net/ 388 B
902 B 57ms
7ms Script
text/javascript 2600:9000:200d:6c00:b:3c99:a880:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://za-cdn.effectivemeasure.net/em.js
Requested by: Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol: HTTP/1.1
Server: 2600:9000:200d:6c00:b:3c99:a880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdee1ce818db696fdef3ab7798694920c7b6b8f9056881dc2948567a74e4f43b

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: cDTYrQqyEJsNectORaKm_pO6thBDcw45
Via: 1.1 c76a5a41a8483a9e5dcccdfeb87a16ca.cloudfront.net (CloudFront)
Last-Modified: Mon, 25 Mar 2019 06:12:15 GMT
Server: AmazonS3
Age: 320839
ETag: "0a9543c241d2ac1929ce114827986668"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Cache-Control: public, max-age=604800
Date: Sun, 19 May 2019 01:01:00 GMT
Connection: keep-alive
Content-Length: 388
X-Amz-Cf-Id: GWBCYDUvYKPMuh8o2nR9E1zg9waPJXK7B5nw7gOCmAs6GlXtZAwA2g==

GET
H/1.1 200
OK gtm.js Show response
www.googletagmanager.com/ 216 KB
39 KB 40ms
17ms Script
application/javascript 2a00:1450:4001:81e::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagmanager.com/gtm.js?id=GTM-588RWD

Requested by

Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

87c0084fef169b102df602153fa4886ae961779ce85823994fb0384d866b3e51

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 22 May 2019 18:07:45 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 May 2019 20:21:51 GMT
Server: Google Tag Manager (scaffolding)
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: http://www.googletagmanager.com
Cache-Control: private, max-age=900
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Cache-Control
Content-Length: 39402
X-XSS-Protection: 0
Expires: Wed, 22 May 2019 18:07:45 GMT

GET
H/1.1 200
OK headerLogo.png
myaccount.mweb.co.za/mwebcore/myaccount/images/ 14 KB
14 KB 177ms
175ms Image
image/png 196.2.128.7
OPTINET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myaccount.mweb.co.za/mwebcore/myaccount/images/headerLogo.png
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019051601.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: myaccount.mweb.co.za
Software: Apache-Coyote/1.1 /
Resource Hash: e6c0227b26bffe1d3ca83c9aba627d551351c33cd4085a05aea774b2279028ab

Request headers

Referer: https://myaccount.mweb.co.za/mwebcore/myaccount/styles/myaccount.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 22 May 2019 18:07:44 GMT
Last-Modified: Tue, 21 May 2019 19:55:10 GMT
Server: Apache-Coyote/1.1
ETag: W/"13973-1558468510000"
Content-Type: image/png
Cache-Control: private
Accept-Ranges: bytes
Content-Length: 13973
Expires: Thu, 01 Jan 1970 02:00:00 SAST

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
929 B 123ms
122ms XHR
text/javascript 172.217.22.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1941860482819223&correlator=1562821039276739&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21061864%2C21062452%2C21063635&vrg=2019051601&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=0&sfv=1-0-33&ecs=20190522&iu_parts=8900%2CMWEB%2CWeb%2CSMI&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=1000x1000%2C728x90%2C300x250%2C300x250%2C1x1&ists=1&prev_scp=%7C%7Cposno%3D1%7Cposno%3D2%7C&cookie_enabled=1&bc=23&abxe=1&lmt=1558548465&dt=1558548465257&dlt=1558548462324&idt=2797&frm=20&biw=1585&bih=1200&oid=3&adxs=393%2C-9%2C-9%2C-9%2C-9&adys=190%2C-9%2C-9%2C-9%2C-9&adks=3473091005%2C1181912292%2C2566326130%2C2566326129%2C1051701767&ucis=1%7C2%7C3%7C4%7C5&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&dssz=18&icsg=42&std=0&csl=62&vis=1&scr_x=0&scr_y=0&psz=800x1120%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=1000x1000%7C0x-1%7C0x-1%7C0x-1%7C0x-1&blev=1&bisch=1&ga_vid=1200592162.1558548465&ga_sid=1558548465&ga_hid=387531869&fws=0%2C2%2C2%2C2%2C2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019051601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

e9653749f7e4f9f04f41e463f3f1e6bf85bd9eb8c5b6b4efb006037df100f6da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Origin: http://savannahcoachworks-co-za.ga

Response headers

date: Wed, 22 May 2019 18:07:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 374
x-xss-protection: 0
google-lineitem-id: -2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2,-2,-2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://savannahcoachworks-co-za.ga
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019051601.js Show response
securepubads.g.doubleclick.net/gpt/ 65 KB
25 KB 49ms
47ms Script
text/javascript 172.217.22.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019051601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019051601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

sffe /

Resource Hash

b87092d2e9ee42f19dcd43da6fe826d1ef1889c789a901ca4c0a6bd9ab02f0eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 22 May 2019 18:07:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 May 2019 13:06:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 25074
x-xss-protection: 0
expires: Wed, 22 May 2019 18:07:45 GMT

GET
H/1.1 200
OK container.html
tpc.googlesyndication.com/safeframe/1-0-33/html/ 0
0 12ms
6ms Other
text/html 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://tpc.googlesyndication.com/safeframe/1-0-33/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019051601.js
Protocol: HTTP/1.1
Server: 2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

43 KB
17 KB

10ms
7ms

Script
text/javascript

2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

7dff09578729615fcd15c840a32c9f82a33fe2331a851e4ac40be03cb111b3f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 02 May 2019 01:33:03 GMT
server: Golfe2
age: 1249
date: Wed, 22 May 2019 17:46:56 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17779
expires: Wed, 22 May 2019 19:46:56 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H2 200 tag.js Show response
t.effectivemeasure.net/ 40 KB
12 KB 75ms
17ms Script
text/javascript 54.192.203.107
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://t.effectivemeasure.net/tag.js?1558
Requested by: Host: za-cdn.effectivemeasure.net
URL: http://za-cdn.effectivemeasure.net/em.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.192.203.107 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-203-107.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a40e53f7de59b98680c6768266b5ac5b6ad9bb71ef63cae6d7788fddaad1ea05

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: HdydQdHrxcjzpHMsHbeBT57W6pogfIjk
content-encoding: gzip
last-modified: Mon, 25 Mar 2019 06:12:15 GMT
server: AmazonS3
age: 274700
date: Sun, 19 May 2019 13:49:27 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
status: 200
cache-control: public, max-age=604800
x-amz-cf-id: srJVqsHUpaee3LxXlFe7JnrdS1BfCjj87BHSgvwrmivphnpM9ntSvg==
via: 1.1 c2890b1d84d781704a34b9aa5c069d4e.cloudfront.net (CloudFront)

GET
H2

200

collect
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&...
https://www.google-analytics.com/r/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us...

35 B
101 B

24ms
19ms

Image
image/gif

2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAhAAEAB~&jid=1223724438&gjid=202862832&cid=1200592162.1558548465&tid=UA-32716691-1&_gid=919297193.1558548465&_r=1&z=1625470823

Requested by

Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 May 2019 18:07:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAhAAEAB~&jid=1223724438&gjid=202862832&cid=1200592162.1558548465&tid=UA-32716691-1&_gid=919297193.1558548465&_r=1&z=1625470823
Non-Authoritative-Reason: HSTS

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

http://www.google-analytics.com/r/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&...
https://www.google-analytics.com/r/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-32389807-1&cid=1200592162.1558548465&jid=368957090&_gid=919297193.1558548465&gjid=1587329934&_v=j75&z=834372535

35 B
102 B

20ms
19ms

Image
image/gif

2a00:1450:400c:c08::9b
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-32389807-1&cid=1200592162.1558548465&jid=368957090&_gid=919297193.1558548465&gjid=1587329934&_v=j75&z=834372535

Requested by

Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Wed, 22 May 2019 18:07:45 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 May 2019 18:07:45 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-32389807-1&cid=1200592162.1558548465&jid=368957090&_gid=919297193.1558548465&gjid=1587329934&_v=j75&z=834372535
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 417
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

linkid.js Show response
www.google-analytics.com/plugins/ua/
Redirect Chain

http://www.google-analytics.com/plugins/ua/linkid.js
https://www.google-analytics.com/plugins/ua/linkid.js

2 KB
947 B

8ms
7ms

Script
text/javascript

2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 22 May 2019 17:16:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 21 Apr 2016 03:17:22 GMT
server: sffe
age: 3069
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 856
x-xss-protection: 0
expires: Wed, 22 May 2019 18:16:36 GMT

Redirect headers

Location: https://www.google-analytics.com/plugins/ua/linkid.js
Non-Authoritative-Reason: HSTS

GET
H2

200

ec.js Show response
www.google-analytics.com/plugins/ua/
Redirect Chain

http://www.google-analytics.com/plugins/ua/ec.js
https://www.google-analytics.com/plugins/ua/ec.js

3 KB
1 KB

7ms
6ms

Script
text/javascript

2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 22 May 2019 17:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 21 Apr 2016 03:17:22 GMT
server: sffe
age: 3456
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1296
x-xss-protection: 0
expires: Wed, 22 May 2019 18:10:09 GMT

Redirect headers

Location: https://www.google-analytics.com/plugins/ua/ec.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK conversion_async.js Show response
www.googleadservices.com/pagead/ 23 KB
9 KB 61ms
24ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-588RWD

Protocol

HTTP/1.1

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

d1014dd86ebf5e5b98a0fdee2ff1a8cb6c30c2a4c2bfd3bc15b0aaa3a8dd93c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 22 May 2019 18:07:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 2606668133852809251
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 8870
X-XSS-Protection: 0
Expires: Wed, 22 May 2019 18:07:45 GMT

GET
H/1.1 200
OK uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 85ms
30ms Script
application/javascript 151.101.120.157
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: http://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-588RWD
Protocol: HTTP/1.1
Server: 151.101.120.157 Paris, France, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 22 May 2019 18:07:45 GMT
Content-Encoding: gzip
Age: 7195
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 1954
X-Served-By: cache-cdg20745-CDG
Last-Modified: Tue, 23 Jan 2018 19:05:33 GMT
X-Timer: S1558548466.528201,VS0,VE0
Etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
Vary: Accept-Encoding,Host
Content-Type: application/javascript; charset=utf-8
Via: 1.1 varnish
Cache-Control: no-cache
Accept-Ranges: bytes

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 54 KB
16 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

2da4bddb294dec8e9872bf3c62a19cc79557300ac8ae97da4ac318f58c6b3512

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 16355
x-xss-protection: 0
pragma: public
x-fb-debug: HU0Nlpil2i5axQXYmEg2r2OoOqEYio4CBE+I3uoYjFtkf0wMIsI4bjNBk/e69gB6vG5KxlcdyBsOy+gyMka3Dg==
date: Wed, 22 May 2019 18:07:45 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

activityi;dc_pre=CMjln73dr-ICFRrHdwodGhMJUg;src=4905605;type=mweb_0;cat=mweb-012;ord=5046650378238;gtm=2wg5f2;auiddc=1095445088.1558548465;u1=%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc7...
4905605.fls.doubleclick.net/ Frame E59D
Redirect Chain

http://4905605.fls.doubleclick.net/activityi;src=4905605;type=mweb_0;cat=mweb-012;ord=5046650378238;gtm=2wg5f2;auiddc=1095445088.1558548465;u1=%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc...
http://4905605.fls.doubleclick.net/activityi;dc_pre=CMjln73dr-ICFRrHdwodGhMJUg;src=4905605;type=mweb_0;cat=mweb-012;ord=5046650378238;gtm=2wg5f2;auiddc=1095445088.1558548465;u1=%2Fmyaccount%2Femail...

0
0

63ms
62ms

Document
text/html

172.217.18.102
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://4905605.fls.doubleclick.net/activityi;dc_pre=CMjln73dr-ICFRrHdwodGhMJUg;src=4905605;type=mweb_0;cat=mweb-012;ord=5046650378238;gtm=2wg5f2;auiddc=1095445088.1558548465;u1=%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F;u2=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F;~oref=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F?

Requested by

Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-588RWD

Protocol

HTTP/1.1

Server

172.217.18.102 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s42-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Host: 4905605.fls.doubleclick.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Accept-Encoding: gzip, deflate
Cookie: IDE=AHWqTUkCgwG7Kno0XeP5UG7Q4rYViuNYziLKlwPrOXz_XYMYaGPpe7shbNjvm4g3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/

Response headers

P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Date: Wed, 22 May 2019 18:07:46 GMT
Expires: Wed, 22 May 2019 18:07:46 GMT
Cache-Control: private, max-age=0
Strict-Transport-Security: max-age=21600
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 396
X-XSS-Protection: 0

Redirect headers

P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Date: Wed, 22 May 2019 18:07:45 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Follow-Only-When-Prerender-Shown: 1
Strict-Transport-Security: max-age=21600
Location: http://4905605.fls.doubleclick.net/activityi;dc_pre=CMjln73dr-ICFRrHdwodGhMJUg;src=4905605;type=mweb_0;cat=mweb-012;ord=5046650378238;gtm=2wg5f2;auiddc=1095445088.1558548465;u1=%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F;u2=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F;~oref=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F?
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 0
X-XSS-Protection: 0
Set-Cookie: IDE=AHWqTUkCgwG7Kno0XeP5UG7Q4rYViuNYziLKlwPrOXz_XYMYaGPpe7shbNjvm4g3; expires=Mon, 15-Jun-2020 18:07:45 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT

GET
H/1.1 200
OK frame.494af32.html
t.effectivemeasure.net/ Frame 1475 0
0 43ms
16ms Document
text/html 54.192.203.2
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://t.effectivemeasure.net/frame.494af32.html
Requested by: Host: t.effectivemeasure.net
URL: https://t.effectivemeasure.net/tag.js?1558
Protocol: HTTP/1.1
Server: 54.192.203.2 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-203-2.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Host: t.effectivemeasure.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/

Response headers

Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 25 Mar 2019 06:12:16 GMT
x-amz-version-id: g7jtY6M9rU81hWhcBvItFZ6TXvRE2ZLS
Server: AmazonS3
P3P: policyref="https://www.effectivemeasure.net/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
Content-Encoding: gzip
Date: Wed, 22 May 2019 06:36:13 GMT
Cache-Control: "public, max-age=31536000"
Vary: Accept-Encoding
Age: 60577
X-Cache: Hit from cloudfront
Via: 1.1 8cd0e1b054d4e5083057646da4909e74.cloudfront.net (CloudFront)
X-Amz-Cf-Id: B4i38bHPvtsVmL9kcr-Op3WRJZ934q3Yp6lKpLLvWOJtrkSm4pAzLA==

GET
H2 200 1621298038114766 Show response
connect.facebook.net/signals/config/ 317 KB
90 KB 153ms
153ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1621298038114766?v=2.8.50&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

bd6e962a7c92dacf9efcf851f403ed3d35365c468ad8297fbb18b300bf866d5a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 0
pragma: public
x-fb-debug: L47GVdS5qXuJWJ4g4cwgaEkGpoY6hnsHn5t7dhsHqwH/sNwtwYCwVOwiYlRMHg6ZCfpU9drScXemYBpk8PtXJQ==
date: Wed, 22 May 2019 18:07:45 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/966096362/ 2 KB
1 KB 94ms
77ms Script
text/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/966096362/?random=1558548465689&cv=9&fst=1558548465689&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5f2&sendb=1&frm=0&url=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&tiba=My%20Email%20Login&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

33d16565c957736f4bc59ccd30c0a28c77868d071417f362afa1284cd5f7f3b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 May 2019 18:07:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 984
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/850038554/ 2 KB
1 KB 54ms
48ms Script
text/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/850038554/?random=1558548465699&cv=9&fst=1558548465699&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5f2&sendb=1&frm=0&url=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&tiba=My%20Email%20Login&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

17ca09cef4f60b0051b3255ad62a9869b144e44a3cfd036731f216f852921d3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 May 2019 18:07:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 983
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

http://www.google-analytics.com/r/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&...
https://www.google-analytics.com/r/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-51279388-1&cid=1200592162.1558548465&jid=1426904009&_gid=919297193.1558548465&gjid=827787956&_v=j75&z=457569554
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51279388-1&cid=1200592162.1558548465&jid=1426904009&_v=j75&z=457569554
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51279388-1&cid=1200592162.1558548465&jid=1426904009&_v=j75&z=457569554&slf_rd=1&random=1179711453

42 B
109 B

30ms
27ms

Image
image/gif

2a00:1450:4001:808::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51279388-1&cid=1200592162.1558548465&jid=1426904009&_v=j75&z=457569554&slf_rd=1&random=1179711453

Requested by

Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 May 2019 18:07:46 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 May 2019 18:07:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51279388-1&cid=1200592162.1558548465&jid=1426904009&_v=j75&z=457569554&slf_rd=1&random=1179711453
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&de...
https://www.google-analytics.com/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&d...

35 B
122 B

19ms
8ms

Image
image/gif

2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAAEAr~&jid=&gjid=&cid=1200592162.1558548465&tid=UA-51279388-1&_gid=919297193.1558548465&gtm=2wg5f2588RWD&z=2015039235

Requested by

Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Mar 2019 00:45:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6456112
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAAEAr~&jid=&gjid=&cid=1200592162.1558548465&tid=UA-51279388-1&_gid=919297193.1558548465&gtm=2wg5f2588RWD&z=2015039235
Non-Authoritative-Reason: HSTS

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

http://www.google-analytics.com/r/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&...
https://www.google-analytics.com/r/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-51279388-5&cid=1200592162.1558548465&jid=889076641&_gid=919297193.1558548465&gjid=154171673&_v=j75&z=1274161219
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51279388-5&cid=1200592162.1558548465&jid=889076641&_v=j75&z=1274161219
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51279388-5&cid=1200592162.1558548465&jid=889076641&_v=j75&z=1274161219&slf_rd=1&random=1513840965

42 B
109 B

25ms
22ms

Image
image/gif

2a00:1450:4001:808::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51279388-5&cid=1200592162.1558548465&jid=889076641&_v=j75&z=1274161219&slf_rd=1&random=1513840965

Requested by

Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 May 2019 18:07:46 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 May 2019 18:07:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51279388-5&cid=1200592162.1558548465&jid=889076641&_v=j75&z=1274161219&slf_rd=1&random=1513840965
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

adsct
t.co/i/
Redirect Chain

http://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nxho2&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nxho2&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

43 B
170 B

138ms
138ms

Image
image/gif

104.244.42.69
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nxho2&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 22 May 2019 18:07:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=0
content-length: 65
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 110
pragma: no-cache
last-modified: Wed, 22 May 2019 18:07:46 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 9ffca98dfcf0891c3d277acdba2f937e
x-transaction: 001962bc005d70a9
expires: Tue, 31 Mar 1981 05:00:00 GMT

Redirect headers

location: https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nxho2&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
x-response-time: 107
date: Wed, 22 May 2019 18:07:46 GMT
server: tsa_f
x-connection-hash: 49515d9bce53ed316fc0ed506461821b
content-length: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/850038554/ 42 B
120 B 42ms
23ms Image
image/gif 2a00:1450:4001:820::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/850038554/?random=1558548465699&cv=9&fst=1558548000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5f2&sendb=1&frm=0&url=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&tiba=My%20Email%20Login&async=1&fmt=3&cdct=2&is_vtc=1&random=576691006&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 May 2019 18:07:45 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/850038554/ 42 B
109 B 61ms
42ms Image
image/gif 2a00:1450:4001:808::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/850038554/?random=1558548465699&cv=9&fst=1558548000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5f2&sendb=1&frm=0&url=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&tiba=My%20Email%20Login&async=1&fmt=3&cdct=2&is_vtc=1&random=576691006&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 May 2019 18:07:45 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/966096362/ 42 B
120 B 45ms
27ms Image
image/gif 2a00:1450:4001:820::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/966096362/?random=1558548465689&cv=9&fst=1558548000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5f2&sendb=1&frm=0&url=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&tiba=My%20Email%20Login&async=1&fmt=3&cdct=2&is_vtc=1&random=940622520&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 May 2019 18:07:45 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/966096362/ 42 B
109 B 57ms
40ms Image
image/gif 2a00:1450:4001:808::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/966096362/?random=1558548465689&cv=9&fst=1558548000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5f2&sendb=1&frm=0&url=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&tiba=My%20Email%20Login&async=1&fmt=3&cdct=2&is_vtc=1&random=940622520&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 May 2019 18:07:45 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 inferredEvents.js Show response
connect.facebook.net/signals/plugins/ 1 KB
919 B 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.8.50

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 772
x-xss-protection: 0
pragma: public
x-fb-debug: QaJCG3feHwnjTJNPPtsltFV4E4JTeFkmL0hZiD6C3DErbExPTQWswa4lCmQQhuV37r0tkE1BedY9vT2EYDAVOg==
date: Wed, 22 May 2019 18:07:46 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 301918573597990 Show response
connect.facebook.net/signals/config/ 317 KB
90 KB 124ms
122ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/301918573597990?v=2.8.50&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

7c4e48fafcdd53e960f5208716e2c61dbf64f9c7c32213e1f27a86e83a2776f3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 0
pragma: public
x-fb-debug: wLJG7b36l1UxJCWCPyZmPxXsmIqEQGgYqc4J1fw5ghZi22Zer4P13AkB+17ikfvhJwp+4j1S8y16hhQ4E004JA==
date: Wed, 22 May 2019 18:07:46 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
245 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1621298038114766&ev=PageView&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&rl=&if=false&ts=1558548466494&sw=1600&sh=1200&v=2.8.50&r=stable&ec=0&o=30&fbp=fb.1.1558548466489.119597943&it=1558548465660&coo=false&rqm=GET

Requested by

Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 22 May 2019 18:07:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Wed, 22 May 2019 18:07:46 GMT

GET
H/1.1 200
OK pixel
collector.effectivemeasure.net/ 43 B
296 B 109ms
43ms Image
image/gif 34.242.8.248
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://collector.effectivemeasure.net/pixel?et=pageview&ed=&vn=494af32&tz=0&pu=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&pr=&sh=1200&sw=1600&tt=My%20Email%20Login&t=1558548466536&vt=93986e5a-b136-4405-814e-be3c527c2d3c-16ae0ba4794-0e4bf9da&c3=1&vi=5b408a48-ec95-44f1-bee1-a19ccfeccc20-16ae0ba4792-09d7ce5f&du=0&dt=0&c1=1&pc=0
Requested by: Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol: HTTP/1.1
Server: 34.242.8.248 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-242-8-248.eu-west-1.compute.amazonaws.com
Software: nginx/1.14.1 / Express
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 May 2019 18:07:46 GMT
Server: nginx/1.14.1
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
99 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=301918573597990&ev=PageView&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&rl=&if=false&ts=1558548466656&sw=1600&sh=1200&v=2.8.50&r=stable&ec=0&o=30&fbp=fb.1.1558548466489.119597943&it=1558548465660&coo=false&rqm=GET

Requested by

Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 22 May 2019 18:07:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Wed, 22 May 2019 18:07:46 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
268 B 147ms
147ms Script
application/javascript 104.244.42.195
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nxho2&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F

Requested by

Host: static.ads-twitter.com
URL: http://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_f /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 22 May 2019 18:07:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 119
pragma: no-cache
last-modified: Wed, 22 May 2019 18:07:46 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: e7ad40ab18f3891e75d5b059589341b1
x-transaction: 00606d6800b55094
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&de...
https://www.google-analytics.com/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&d...

35 B
99 B

6ms
5ms

Image
image/gif

2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Mar 2019 00:45:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6456113
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAAEAr~&jid=&gjid=&cid=1200592162.1558548465&tid=UA-51279388-1&_gid=919297193.1558548465&gtm=2wg5f2588RWD&z=679375846
Non-Authoritative-Reason: HSTS

GET
H2 200 /
www.facebook.com/tr/ 44 B
145 B 9ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1621298038114766&ev=Microdata&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&rl=&if=false&ts=1558548468011&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22My%20Email%20Login%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.8.50&r=stable&ec=1&o=30&fbp=fb.1.1558548466489.119597943&it=1558548465660&coo=false&es=automatic&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 22 May 2019 18:07:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Wed, 22 May 2019 18:07:48 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
99 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=301918573597990&ev=Microdata&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&rl=&if=false&ts=1558548468158&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22My%20Email%20Login%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.8.50&r=stable&ec=1&o=30&fbp=fb.1.1558548466489.119597943&it=1558548465660&coo=false&es=automatic&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 22 May 2019 18:07:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Wed, 22 May 2019 18:07:48 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Email (Online)

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 10:17:24	Name: IDE Value: AHWqTUkCgwG7Kno0XeP5UG7Q4rYViuNYziLKlwPrOXz_XYMYaGPpe7shbNjvm4g3
.savannahcoachworks-co-za.ga/	1970-01-19 00:55:50	Name: _em_ft Value: 1558548466535
.savannahcoachworks-co-za.ga/	1970-01-19 00:55:50	Name: _em_lt Value: 1558548466535
.savannahcoachworks-co-za.ga/	1970-01-19 00:55:50	Name: _em_c3 Value: 1
.savannahcoachworks-co-za.ga/	1970-01-19 00:55:50	Name: _em_pc Value: 1
.savannahcoachworks-co-za.ga/	1970-01-19 00:55:50	Name: _em_vi Value: 5b408a48-ec95-44f1-bee1-a19ccfeccc20-16ae0ba4792-09d7ce5f
.effectivemeasure.net/	1970-01-19 09:34:12	Name: vt Value: 93986e5a-b136-4405-814e-be3c527c2d3c-16ae0ba4794-0e4bf9da
.savannahcoachworks-co-za.ga/	1970-01-19 03:05:24	Name: _fbp Value: fb.1.1558548466489.119597943
.savannahcoachworks-co-za.ga/	1970-01-19 00:55:48	Name: _gat_UA-51279388-1 Value: 1
.savannahcoachworks-co-za.ga/	1970-01-19 00:55:48	Name: _gat_UA-51279388-5 Value: 1
.savannahcoachworks-co-za.ga/	1970-01-19 18:27:00	Name: __gads Value: ID=cf2e6f8216990c36:T=1558548465:S=ALNI_Mbu8mnlL6rRuVpjFGWCwdvnE0HZ9Q
.savannahcoachworks-co-za.ga/	1970-01-19 00:55:48	Name: _gat Value: 1
.savannahcoachworks-co-za.ga/	1970-01-19 09:34:12	Name: _em_vt Value: 93986e5a-b136-4405-814e-be3c527c2d3c-16ae0ba4794-0e4bf9da
.savannahcoachworks-co-za.ga/	1970-01-19 03:05:24	Name: _gcl_au Value: 1.1.1095445088.1558548465
.savannahcoachworks-co-za.ga/	1970-01-19 18:27:00	Name: _ga Value: GA1.2.1200592162.1558548465
.savannahcoachworks-co-za.ga/	1970-01-19 00:55:48	Name: _gat_overallTracker Value: 1
.savannahcoachworks-co-za.ga/	1970-01-19 00:57:14	Name: _gid Value: GA1.2.919297193.1558548465

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019051601.js(Line 1) Message: GPT synchronous rendering is no longer supported, ads will be requested and rendered asynchronously. See https://support.google.com/admanager/answer/9212594 for more details.
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 25) Message: [Facebook Pixel] - Duplicate Pixel ID: 301918573597990.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4905605.fls.doubleclick.net
adservice.google.de
analytics.twitter.com
collector.effectivemeasure.net
connect.facebook.net
googleads.g.doubleclick.net
myaccount.mweb.co.za
savannahcoachworks-co-za.ga
securepubads.g.doubleclick.net
static.ads-twitter.com
stats.g.doubleclick.net
t.co
t.effectivemeasure.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
za-cdn.effectivemeasure.net
104.244.42.195
104.244.42.5
104.244.42.69
111.90.150.231
151.101.120.157
172.217.16.162
172.217.18.102
172.217.22.66
196.2.128.7
2600:9000:200d:6c00:b:3c99:a880:93a1
2a00:1450:4001:808::2003
2a00:1450:4001:814::2001
2a00:1450:4001:817::2002
2a00:1450:4001:817::200e
2a00:1450:4001:819::2002
2a00:1450:4001:81e::2008
2a00:1450:4001:820::2004
2a00:1450:400c:c08::9b
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.242.8.248
54.192.203.107
54.192.203.2
00e83aa5f667c4ee219411f6cf6ba69a0746294f1753dba050f93259a48c2747
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
173e05cb7fecee270d29de68d331f58f0150a94ead32b7262cd184a41cb53827
17ca09cef4f60b0051b3255ad62a9869b144e44a3cfd036731f216f852921d3a
2da4bddb294dec8e9872bf3c62a19cc79557300ac8ae97da4ac318f58c6b3512
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
33d16565c957736f4bc59ccd30c0a28c77868d071417f362afa1284cd5f7f3b1
3fb8c215a377fc82c8528fe8aaeb0f749f8f7cab75ba818480c5c42b9687c235
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
59a7f48a8aee780fdcb4a0157e25b448e543bc4159b119e74dfd5c26c941b439
6f6ff747d398937bbb894ee907858755b6a800a952993f8053197b9d5ca0a26a
6f83ebc7a31c0153f578a3407f43d2370c3a0ff271e86b33f1acf008c7356abd
75f39ab402b946f758c69c88a6e334554349c17f912180a9cae257353dcf2400
76fe6b3e689e9eae484b8a75d5408eed23cbbcb6b3f414e8ebfab826e128f23c
7c4e48fafcdd53e960f5208716e2c61dbf64f9c7c32213e1f27a86e83a2776f3
7dff09578729615fcd15c840a32c9f82a33fe2331a851e4ac40be03cb111b3f0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
834e67fcf50c34f6214fa0e520e73a8305db5e3b1ee23235eb065aba0b53a089
87c0084fef169b102df602153fa4886ae961779ce85823994fb0384d866b3e51
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
a40e53f7de59b98680c6768266b5ac5b6ad9bb71ef63cae6d7788fddaad1ea05
a7a6de426780a73e047727676e7c100b064eb8a233dbc3c7884466ba42db5bd3
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af57e894c878a60dd459e64f88a9cf27752cbad2b341d06cf8afb6548c1e2bdd
b018a4f7294eaf5e5a1cabc070df53e2844ba7cc43e83123312389a6375b0bc4
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8
b87092d2e9ee42f19dcd43da6fe826d1ef1889c789a901ca4c0a6bd9ab02f0eb
bd6e962a7c92dacf9efcf851f403ed3d35365c468ad8297fbb18b300bf866d5a
bdee1ce818db696fdef3ab7798694920c7b6b8f9056881dc2948567a74e4f43b
c90c676abfb92d38da509eff2fcca3ffec9caf00140c79d1542f006de2be976b
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
d1014dd86ebf5e5b98a0fdee2ff1a8cb6c30c2a4c2bfd3bc15b0aaa3a8dd93c2
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e6c0227b26bffe1d3ca83c9aba627d551351c33cd4085a05aea774b2279028ab
e9653749f7e4f9f04f41e463f3f1e6bf85bd9eb8c5b6b4efb006037df100f6da
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
febf051238d01475887907d23ce5eadb2179d9e573f099c50eb2e33de8392f3f

savannahcoachworks-co-za.ga Open in urlscan Pro 111.90.150.231 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

54 Requests

81 %HTTPS

48 %IPv6

16 Domains

22 Subdomains

22 IPs

7 Countries

748 kBTransfer

1641 kBSize

17 Cookies

9 Outgoing links

Page URL History

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

savannahcoachworks-co-za.ga Open in urlscan Pro
111.90.150.231 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

81 %
HTTPS

48 %
IPv6

16
Domains

22
Subdomains

22
IPs

7
Countries

748 kB
Transfer

1641 kB
Size

17
Cookies

54 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!