savannahcoachworks-co-za.ga Open in urlscan Pro
111.90.150.231  Malicious Activity! Public Scan

URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Submission: On May 22 via automatic, source openphish

Summary

This website contacted 22 IPs in 7 countries across 16 domains to perform 54 HTTP transactions. The main IP is 111.90.150.231, located in Rwanda and belongs to SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY. The main domain is savannahcoachworks-co-za.ga.
This is the only time savannahcoachworks-co-za.ga was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Email (Online)

Domain & IP information

IP Address AS Autonomous System
1 2 111.90.150.231 45839 (SHINJIRU-...)
14 196.2.128.7 12258 (OPTINET)
1 2a00:1450:400... 15169 (GOOGLE)
3 172.217.22.66 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:200... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 9 2a00:1450:400... 15169 (GOOGLE)
1 54.192.203.107 16509 (AMAZON-02)
2 3 2a00:1450:400... 15169 (GOOGLE)
1 172.217.16.162 15169 (GOOGLE)
1 151.101.120.157 54113 (FASTLY)
4 2a03:2880:f01... 32934 (FACEBOOK)
1 2 172.217.18.102 15169 (GOOGLE)
1 54.192.203.2 16509 (AMAZON-02)
2 4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 1 104.244.42.5 13414 (TWITTER)
1 104.244.42.69 13414 (TWITTER)
4 2a03:2880:f11... 32934 (FACEBOOK)
1 34.242.8.248 16509 (AMAZON-02)
1 104.244.42.195 13414 (TWITTER)
54 22
Domain Requested by
14 myaccount.mweb.co.za savannahcoachworks-co-za.ga
securepubads.g.doubleclick.net
9 www.google-analytics.com 3 redirects savannahcoachworks-co-za.ga
4 www.facebook.com savannahcoachworks-co-za.ga
4 www.google.de savannahcoachworks-co-za.ga
4 www.google.com 2 redirects savannahcoachworks-co-za.ga
4 connect.facebook.net savannahcoachworks-co-za.ga
connect.facebook.net
3 stats.g.doubleclick.net 2 redirects savannahcoachworks-co-za.ga
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
2 t.co 1 redirects savannahcoachworks-co-za.ga
2 googleads.g.doubleclick.net www.googleadservices.com
2 4905605.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 t.effectivemeasure.net za-cdn.effectivemeasure.net
t.effectivemeasure.net
2 savannahcoachworks-co-za.ga 1 redirects
1 analytics.twitter.com static.ads-twitter.com
1 collector.effectivemeasure.net savannahcoachworks-co-za.ga
1 static.ads-twitter.com www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 tpc.googlesyndication.com securepubads.g.doubleclick.net
1 www.googletagmanager.com savannahcoachworks-co-za.ga
1 za-cdn.effectivemeasure.net savannahcoachworks-co-za.ga
1 adservice.google.de www.googletagservices.com
1 www.googletagservices.com savannahcoachworks-co-za.ga
54 22

This site contains links to these domains. Also see Links.

Domain
www.mweb.co.za
myaccount.ignite.co.za
myaccount.mweb.co.za
ispa.org.za
www.icode.org.za
Subject Issuer Validity Valid
myaccount.mweb.co.za
Entrust Certification Authority - L1K
2018-02-08 -
2020-02-08
2 years crt.sh
*.g.doubleclick.net
Google Internet Authority G3
2019-04-30 -
2019-07-23
3 months crt.sh
*.google.com
Google Internet Authority G3
2019-04-30 -
2019-07-23
3 months crt.sh
*.google-analytics.com
Google Internet Authority G3
2019-05-07 -
2019-07-30
3 months crt.sh
*.effectivemeasure.net
Amazon
2019-03-31 -
2020-04-30
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2019-04-22 -
2019-07-21
3 months crt.sh
www.google.de
Google Internet Authority G3
2019-04-30 -
2019-07-23
3 months crt.sh
t.co
DigiCert SHA2 High Assurance Server CA
2019-03-07 -
2020-03-07
a year crt.sh
www.google.com
Google Internet Authority G3
2019-04-30 -
2019-07-23
3 months crt.sh
*.twitter.com
DigiCert SHA2 High Assurance Server CA
2019-01-28 -
2020-01-28
a year crt.sh

This page contains 3 frames:

Primary Page: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Frame ID: 7277B51A727F122F9516004BD2CBA25C
Requests: 52 HTTP requests in this frame

Frame: http://4905605.fls.doubleclick.net/activityi;dc_pre=CMjln73dr-ICFRrHdwodGhMJUg;src=4905605;type=mweb_0;cat=mweb-012;ord=5046650378238;gtm=2wg5f2;auiddc=1095445088.1558548465;u1=%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F;u2=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F;~oref=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F
Frame ID: E59DF45DF99EF7FD5C6B34DBB646C36B
Requests: 1 HTTP requests in this frame

Frame: http://t.effectivemeasure.net/frame.494af32.html
Frame ID: 14754CACD1E2B6117E41224965DB9CC0
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b HTTP 301
    http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+(?:([\d.])+\/)?pure(?:-min)?\.css/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • env /^googletag$/i
  • env /^google_tag_manager$/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i
  • script /jquery-ui(?:-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery-ui.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery-ui(?:-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery-ui.*\.js/i

Page Statistics

54
Requests

81 %
HTTPS

48 %
IPv6

16
Domains

22
Subdomains

22
IPs

7
Countries

748 kB
Transfer

1641 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b HTTP 301
    http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 24
  • http://www.google-analytics.com/r/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAhAAEAB~&jid=1223724438&gjid=202862832&cid=1200592162.1558548465&tid=UA-32716691-1&_gid=919297193.1558548465&_r=1&z=1625470823 HTTP 307
  • https://www.google-analytics.com/r/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAhAAEAB~&jid=1223724438&gjid=202862832&cid=1200592162.1558548465&tid=UA-32716691-1&_gid=919297193.1558548465&_r=1&z=1625470823
Request Chain 25
  • http://www.google-analytics.com/r/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAjAAEAB~&jid=368957090&gjid=1587329934&cid=1200592162.1558548465&tid=UA-32389807-1&_gid=919297193.1558548465&_r=1&z=834372535 HTTP 307
  • https://www.google-analytics.com/r/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAjAAEAB~&jid=368957090&gjid=1587329934&cid=1200592162.1558548465&tid=UA-32389807-1&_gid=919297193.1558548465&_r=1&z=834372535 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-32389807-1&cid=1200592162.1558548465&jid=368957090&_gid=919297193.1558548465&gjid=1587329934&_v=j75&z=834372535
Request Chain 26
  • http://www.google-analytics.com/plugins/ua/linkid.js HTTP 307
  • https://www.google-analytics.com/plugins/ua/linkid.js
Request Chain 27
  • http://www.google-analytics.com/plugins/ua/ec.js HTTP 307
  • https://www.google-analytics.com/plugins/ua/ec.js
Request Chain 31
  • http://4905605.fls.doubleclick.net/activityi;src=4905605;type=mweb_0;cat=mweb-012;ord=5046650378238;gtm=2wg5f2;auiddc=1095445088.1558548465;u1=%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F;u2=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F;~oref=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F HTTP 302
  • http://4905605.fls.doubleclick.net/activityi;dc_pre=CMjln73dr-ICFRrHdwodGhMJUg;src=4905605;type=mweb_0;cat=mweb-012;ord=5046650378238;gtm=2wg5f2;auiddc=1095445088.1558548465;u1=%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F;u2=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F;~oref=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F
Request Chain 36
  • http://www.google-analytics.com/r/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAAEAr~&jid=1426904009&gjid=827787956&cid=1200592162.1558548465&tid=UA-51279388-1&_gid=919297193.1558548465&_r=1&gtm=2wg5f2588RWD&z=457569554 HTTP 307
  • https://www.google-analytics.com/r/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAAEAr~&jid=1426904009&gjid=827787956&cid=1200592162.1558548465&tid=UA-51279388-1&_gid=919297193.1558548465&_r=1&gtm=2wg5f2588RWD&z=457569554 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-51279388-1&cid=1200592162.1558548465&jid=1426904009&_gid=919297193.1558548465&gjid=827787956&_v=j75&z=457569554 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51279388-1&cid=1200592162.1558548465&jid=1426904009&_v=j75&z=457569554 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51279388-1&cid=1200592162.1558548465&jid=1426904009&_v=j75&z=457569554&slf_rd=1&random=1179711453
Request Chain 37
  • http://www.google-analytics.com/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAAEAr~&jid=&gjid=&cid=1200592162.1558548465&tid=UA-51279388-1&_gid=919297193.1558548465&gtm=2wg5f2588RWD&z=2015039235 HTTP 307
  • https://www.google-analytics.com/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAAEAr~&jid=&gjid=&cid=1200592162.1558548465&tid=UA-51279388-1&_gid=919297193.1558548465&gtm=2wg5f2588RWD&z=2015039235
Request Chain 38
  • http://www.google-analytics.com/r/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAAEAr~&jid=889076641&gjid=154171673&cid=1200592162.1558548465&tid=UA-51279388-5&_gid=919297193.1558548465&_r=1&gtm=2wg5f2588RWD&z=1274161219 HTTP 307
  • https://www.google-analytics.com/r/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAAEAr~&jid=889076641&gjid=154171673&cid=1200592162.1558548465&tid=UA-51279388-5&_gid=919297193.1558548465&_r=1&gtm=2wg5f2588RWD&z=1274161219 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-51279388-5&cid=1200592162.1558548465&jid=889076641&_gid=919297193.1558548465&gjid=154171673&_v=j75&z=1274161219 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51279388-5&cid=1200592162.1558548465&jid=889076641&_v=j75&z=1274161219 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51279388-5&cid=1200592162.1558548465&jid=889076641&_v=j75&z=1274161219&slf_rd=1&random=1513840965
Request Chain 39
  • http://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nxho2&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0 HTTP 301
  • https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nxho2&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
Request Chain 50
  • http://www.google-analytics.com/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAAEAr~&jid=&gjid=&cid=1200592162.1558548465&tid=UA-51279388-1&_gid=919297193.1558548465&gtm=2wg5f2588RWD&z=679375846 HTTP 307
  • https://www.google-analytics.com/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAAEAr~&jid=&gjid=&cid=1200592162.1558548465&tid=UA-51279388-1&_gid=919297193.1558548465&gtm=2wg5f2588RWD&z=679375846

54 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Redirect Chain
  • http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b
  • http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
10 KB
10 KB
Document
General
Full URL
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol
HTTP/1.1
Server
111.90.150.231 , Rwanda, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
Apache /
Resource Hash
c90c676abfb92d38da509eff2fcca3ffec9caf00140c79d1542f006de2be976b

Request headers

Host
savannahcoachworks-co-za.ga
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 22 May 2019 18:07:42 GMT
Server
Apache
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Wed, 22 May 2019 18:07:41 GMT
Server
Apache
Location
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Content-Length
297
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
jquery-ui-1.8.20.custom.css
myaccount.mweb.co.za/mwebcore/myaccount/shared/external/jqueryui/css/smoothness/
25 KB
25 KB
Stylesheet
General
Full URL
https://myaccount.mweb.co.za/mwebcore/myaccount/shared/external/jqueryui/css/smoothness/jquery-ui-1.8.20.custom.css
Requested by
Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS
myaccount.mweb.co.za
Software
Apache-Coyote/1.1 /
Resource Hash
834e67fcf50c34f6214fa0e520e73a8305db5e3b1ee23235eb065aba0b53a089

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 22 May 2019 18:07:43 GMT
Last-Modified
Tue, 21 May 2019 19:55:10 GMT
Server
Apache-Coyote/1.1
ETag
W/"25378-1558468510000"
Content-Type
text/css
Cache-Control
private
Accept-Ranges
bytes
Content-Length
25378
Expires
Thu, 01 Jan 1970 02:00:00 SAST
chosen.css
myaccount.mweb.co.za/mwebcore/myaccount/shared/external/chosen/
14 KB
14 KB
Stylesheet
General
Full URL
https://myaccount.mweb.co.za/mwebcore/myaccount/shared/external/chosen/chosen.css
Requested by
Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS
myaccount.mweb.co.za
Software
Apache-Coyote/1.1 /
Resource Hash
6f83ebc7a31c0153f578a3407f43d2370c3a0ff271e86b33f1acf008c7356abd

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 22 May 2019 18:07:43 GMT
Last-Modified
Tue, 21 May 2019 19:55:10 GMT
Server
Apache-Coyote/1.1
ETag
W/"13898-1558468510000"
Content-Type
text/css
Cache-Control
private
Accept-Ranges
bytes
Content-Length
13898
Expires
Thu, 01 Jan 1970 02:00:00 SAST
pure-min.css
myaccount.mweb.co.za/mwebcore/shared/external/purecss/
17 KB
17 KB
Stylesheet
General
Full URL
https://myaccount.mweb.co.za/mwebcore/shared/external/purecss/pure-min.css
Requested by
Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS
myaccount.mweb.co.za
Software
Apache-Coyote/1.1 /
Resource Hash
00e83aa5f667c4ee219411f6cf6ba69a0746294f1753dba050f93259a48c2747

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 22 May 2019 18:07:43 GMT
Last-Modified
Tue, 21 May 2019 19:55:10 GMT
Server
Apache-Coyote/1.1
ETag
W/"17286-1558468510000"
Content-Type
text/css
Cache-Control
private
Accept-Ranges
bytes
Content-Length
17286
Expires
Thu, 01 Jan 1970 02:00:00 SAST
font-awesome.min.css
myaccount.mweb.co.za/mwebcore/myaccount/osu/assets/plugins/font-awesome/css/
17 KB
18 KB
Stylesheet
General
Full URL
https://myaccount.mweb.co.za/mwebcore/myaccount/osu/assets/plugins/font-awesome/css/font-awesome.min.css
Requested by
Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS
myaccount.mweb.co.za
Software
Apache-Coyote/1.1 /
Resource Hash
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 22 May 2019 18:07:43 GMT
Last-Modified
Tue, 21 May 2019 19:55:10 GMT
Server
Apache-Coyote/1.1
ETag
W/"17780-1558468510000"
Content-Type
text/css
Cache-Control
private
Accept-Ranges
bytes
Content-Length
17780
Expires
Thu, 01 Jan 1970 02:00:00 SAST
myaccount.css
myaccount.mweb.co.za/mwebcore/myaccount/styles/
42 KB
43 KB
Stylesheet
General
Full URL
https://myaccount.mweb.co.za/mwebcore/myaccount/styles/myaccount.css
Requested by
Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS
myaccount.mweb.co.za
Software
Apache-Coyote/1.1 /
Resource Hash
6f6ff747d398937bbb894ee907858755b6a800a952993f8053197b9d5ca0a26a

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 22 May 2019 18:07:43 GMT
Last-Modified
Tue, 21 May 2019 19:55:10 GMT
Server
Apache-Coyote/1.1
ETag
W/"43316-1558468510000"
Content-Type
text/css
Cache-Control
private
Accept-Ranges
bytes
Content-Length
43316
Expires
Thu, 01 Jan 1970 02:00:00 SAST
myaccount-login.css
myaccount.mweb.co.za/mwebcore/myaccount/styles/
1 KB
2 KB
Stylesheet
General
Full URL
https://myaccount.mweb.co.za/mwebcore/myaccount/styles/myaccount-login.css
Requested by
Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS
myaccount.mweb.co.za
Software
Apache-Coyote/1.1 /
Resource Hash
febf051238d01475887907d23ce5eadb2179d9e573f099c50eb2e33de8392f3f

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 22 May 2019 18:07:43 GMT
Last-Modified
Tue, 21 May 2019 19:55:10 GMT
Server
Apache-Coyote/1.1
ETag
W/"1262-1558468510000"
Content-Type
text/css
Cache-Control
private
Accept-Ranges
bytes
Content-Length
1262
Expires
Thu, 01 Jan 1970 02:00:00 SAST
jquery-1.7.2.min.js
myaccount.mweb.co.za/mwebcore/myaccount/scripts/
93 KB
93 KB
Script
General
Full URL
https://myaccount.mweb.co.za/mwebcore/myaccount/scripts/jquery-1.7.2.min.js
Requested by
Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS
myaccount.mweb.co.za
Software
Apache-Coyote/1.1 /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 22 May 2019 18:07:43 GMT
Last-Modified
Tue, 21 May 2019 19:55:10 GMT
Server
Apache-Coyote/1.1
ETag
W/"94840-1558468510000"
Content-Type
application/javascript
Cache-Control
private
Accept-Ranges
bytes
Content-Length
94840
Expires
Thu, 01 Jan 1970 02:00:00 SAST
jquery-ui-1.8.20.custom.min.js
myaccount.mweb.co.za/mwebcore/myaccount/shared/external/jqueryui/js/
97 KB
97 KB
Script
General
Full URL
https://myaccount.mweb.co.za/mwebcore/myaccount/shared/external/jqueryui/js/jquery-ui-1.8.20.custom.min.js
Requested by
Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS
myaccount.mweb.co.za
Software
Apache-Coyote/1.1 /
Resource Hash
a7a6de426780a73e047727676e7c100b064eb8a233dbc3c7884466ba42db5bd3

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 22 May 2019 18:07:43 GMT
Last-Modified
Tue, 21 May 2019 19:55:10 GMT
Server
Apache-Coyote/1.1
ETag
W/"98858-1558468510000"
Content-Type
application/javascript
Cache-Control
private
Accept-Ranges
bytes
Content-Length
98858
Expires
Thu, 01 Jan 1970 02:00:00 SAST
chosen.jquery.min.js
myaccount.mweb.co.za/mwebcore/myaccount/shared/external/chosen/
21 KB
21 KB
Script
General
Full URL
https://myaccount.mweb.co.za/mwebcore/myaccount/shared/external/chosen/chosen.jquery.min.js
Requested by
Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS
myaccount.mweb.co.za
Software
Apache-Coyote/1.1 /
Resource Hash
75f39ab402b946f758c69c88a6e334554349c17f912180a9cae257353dcf2400

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 22 May 2019 18:07:43 GMT
Last-Modified
Tue, 21 May 2019 19:55:10 GMT
Server
Apache-Coyote/1.1
ETag
W/"21601-1558468510000"
Content-Type
application/javascript
Cache-Control
private
Accept-Ranges
bytes
Content-Length
21601
Expires
Thu, 01 Jan 1970 02:00:00 SAST
myaccount.js
myaccount.mweb.co.za/mwebcore/myaccount/scripts/
12 KB
13 KB
Script
General
Full URL
https://myaccount.mweb.co.za/mwebcore/myaccount/scripts/myaccount.js
Requested by
Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS
myaccount.mweb.co.za
Software
Apache-Coyote/1.1 /
Resource Hash
b018a4f7294eaf5e5a1cabc070df53e2844ba7cc43e83123312389a6375b0bc4

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 22 May 2019 18:07:43 GMT
Last-Modified
Tue, 21 May 2019 19:55:10 GMT
Server
Apache-Coyote/1.1
ETag
W/"12789-1558468510000"
Content-Type
application/javascript
Cache-Control
private
Accept-Ranges
bytes
Content-Length
12789
Expires
Thu, 01 Jan 1970 02:00:00 SAST
scripts.js
myaccount.mweb.co.za/mwebcore/portal/scripts/
4 KB
4 KB
Script
General
Full URL
https://myaccount.mweb.co.za/mwebcore/portal/scripts/scripts.js
Requested by
Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS
myaccount.mweb.co.za
Software
Apache-Coyote/1.1 /
Resource Hash
3fb8c215a377fc82c8528fe8aaeb0f749f8f7cab75ba818480c5c42b9687c235

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 22 May 2019 18:07:43 GMT
Last-Modified
Tue, 21 May 2019 19:55:10 GMT
Server
Apache-Coyote/1.1
ETag
W/"4047-1558468510000"
Content-Type
application/javascript
Cache-Control
private
Accept-Ranges
bytes
Content-Length
4047
Expires
Thu, 01 Jan 1970 02:00:00 SAST
ispa.png
myaccount.mweb.co.za/mwebcore/myaccount/images/
962 B
1 KB
Image
General
Full URL
https://myaccount.mweb.co.za/mwebcore/myaccount/images/ispa.png
Requested by
Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS
myaccount.mweb.co.za
Software
Apache-Coyote/1.1 /
Resource Hash
af57e894c878a60dd459e64f88a9cf27752cbad2b341d06cf8afb6548c1e2bdd

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 22 May 2019 18:07:43 GMT
Last-Modified
Tue, 21 May 2019 19:55:10 GMT
Server
Apache-Coyote/1.1
ETag
W/"962-1558468510000"
Content-Type
image/png
Cache-Control
private
Accept-Ranges
bytes
Content-Length
962
Expires
Thu, 01 Jan 1970 02:00:00 SAST
icode.png
myaccount.mweb.co.za/mwebcore/myaccount/images/
1 KB
1 KB
Image
General
Full URL
https://myaccount.mweb.co.za/mwebcore/myaccount/images/icode.png
Requested by
Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS
myaccount.mweb.co.za
Software
Apache-Coyote/1.1 /
Resource Hash
76fe6b3e689e9eae484b8a75d5408eed23cbbcb6b3f414e8ebfab826e128f23c

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 22 May 2019 18:07:43 GMT
Last-Modified
Tue, 21 May 2019 19:55:10 GMT
Server
Apache-Coyote/1.1
ETag
W/"1179-1558468510000"
Content-Type
image/png
Cache-Control
private
Accept-Ranges
bytes
Content-Length
1179
Expires
Thu, 01 Jan 1970 02:00:00 SAST
gpt.js
www.googletagservices.com/tag/js/
32 KB
11 KB
Script
General
Full URL
http://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol
HTTP/1.1
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
173e05cb7fecee270d29de68d331f58f0150a94ead32b7262cd184a41cb53827
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Wed, 22 May 2019 18:07:44 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"174 / 599 of 1000 / last-modified: 1558474620"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin
*
Content-Length
10586
X-XSS-Protection
0
Expires
Wed, 22 May 2019 18:07:44 GMT
pubads_impl_2019051601.js
securepubads.g.doubleclick.net/gpt/
148 KB
54 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019051601.js
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
sffe /
Resource Hash
59a7f48a8aee780fdcb4a0157e25b448e543bc4159b119e74dfd5c26c941b439
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 22 May 2019 18:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 16 May 2019 13:06:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
55338
x-xss-protection
0
expires
Wed, 22 May 2019 18:07:45 GMT
integrator.sync.js
adservice.google.de/adsid/
113 B
178 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.sync.js?domain=savannahcoachworks-co-za.ga
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 22 May 2019 18:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
108
x-xss-protection
0
em.js
za-cdn.effectivemeasure.net/
388 B
902 B
Script
General
Full URL
http://za-cdn.effectivemeasure.net/em.js
Requested by
Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol
HTTP/1.1
Server
2600:9000:200d:6c00:b:3c99:a880:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdee1ce818db696fdef3ab7798694920c7b6b8f9056881dc2948567a74e4f43b

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id
cDTYrQqyEJsNectORaKm_pO6thBDcw45
Via
1.1 c76a5a41a8483a9e5dcccdfeb87a16ca.cloudfront.net (CloudFront)
Last-Modified
Mon, 25 Mar 2019 06:12:15 GMT
Server
AmazonS3
Age
320839
ETag
"0a9543c241d2ac1929ce114827986668"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Cache-Control
public, max-age=604800
Date
Sun, 19 May 2019 01:01:00 GMT
Connection
keep-alive
Content-Length
388
X-Amz-Cf-Id
GWBCYDUvYKPMuh8o2nR9E1zg9waPJXK7B5nw7gOCmAs6GlXtZAwA2g==
gtm.js
www.googletagmanager.com/
216 KB
39 KB
Script
General
Full URL
http://www.googletagmanager.com/gtm.js?id=GTM-588RWD
Requested by
Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol
HTTP/1.1
Server
2a00:1450:4001:81e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
87c0084fef169b102df602153fa4886ae961779ce85823994fb0384d866b3e51
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 22 May 2019 18:07:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 21 May 2019 20:21:51 GMT
Server
Google Tag Manager (scaffolding)
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
http://www.googletagmanager.com
Cache-Control
private, max-age=900
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Cache-Control
Content-Length
39402
X-XSS-Protection
0
Expires
Wed, 22 May 2019 18:07:45 GMT
headerLogo.png
myaccount.mweb.co.za/mwebcore/myaccount/images/
14 KB
14 KB
Image
General
Full URL
https://myaccount.mweb.co.za/mwebcore/myaccount/images/headerLogo.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019051601.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS
myaccount.mweb.co.za
Software
Apache-Coyote/1.1 /
Resource Hash
e6c0227b26bffe1d3ca83c9aba627d551351c33cd4085a05aea774b2279028ab

Request headers

Referer
https://myaccount.mweb.co.za/mwebcore/myaccount/styles/myaccount.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 22 May 2019 18:07:44 GMT
Last-Modified
Tue, 21 May 2019 19:55:10 GMT
Server
Apache-Coyote/1.1
ETag
W/"13973-1558468510000"
Content-Type
image/png
Cache-Control
private
Accept-Ranges
bytes
Content-Length
13973
Expires
Thu, 01 Jan 1970 02:00:00 SAST
ads
securepubads.g.doubleclick.net/gampad/
2 KB
929 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1941860482819223&correlator=1562821039276739&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21061864%2C21062452%2C21063635&vrg=2019051601&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=0&sfv=1-0-33&ecs=20190522&iu_parts=8900%2CMWEB%2CWeb%2CSMI&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=1000x1000%2C728x90%2C300x250%2C300x250%2C1x1&ists=1&prev_scp=%7C%7Cposno%3D1%7Cposno%3D2%7C&cookie_enabled=1&bc=23&abxe=1&lmt=1558548465&dt=1558548465257&dlt=1558548462324&idt=2797&frm=20&biw=1585&bih=1200&oid=3&adxs=393%2C-9%2C-9%2C-9%2C-9&adys=190%2C-9%2C-9%2C-9%2C-9&adks=3473091005%2C1181912292%2C2566326130%2C2566326129%2C1051701767&ucis=1%7C2%7C3%7C4%7C5&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&dssz=18&icsg=42&std=0&csl=62&vis=1&scr_x=0&scr_y=0&psz=800x1120%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=1000x1000%7C0x-1%7C0x-1%7C0x-1%7C0x-1&blev=1&bisch=1&ga_vid=1200592162.1558548465&ga_sid=1558548465&ga_hid=387531869&fws=0%2C2%2C2%2C2%2C2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019051601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
e9653749f7e4f9f04f41e463f3f1e6bf85bd9eb8c5b6b4efb006037df100f6da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Origin
http://savannahcoachworks-co-za.ga

Response headers

date
Wed, 22 May 2019 18:07:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
374
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,-2
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
http://savannahcoachworks-co-za.ga
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019051601.js
securepubads.g.doubleclick.net/gpt/
65 KB
25 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019051601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019051601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
sffe /
Resource Hash
b87092d2e9ee42f19dcd43da6fe826d1ef1889c789a901ca4c0a6bd9ab02f0eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 22 May 2019 18:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 16 May 2019 13:06:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
25074
x-xss-protection
0
expires
Wed, 22 May 2019 18:07:45 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-33/html/
0
0
Other
General
Full URL
http://tpc.googlesyndication.com/safeframe/1-0-33/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019051601.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Purpose
prefetch
Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
7dff09578729615fcd15c840a32c9f82a33fe2331a851e4ac40be03cb111b3f0
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 02 May 2019 01:33:03 GMT
server
Golfe2
age
1249
date
Wed, 22 May 2019 17:46:56 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17779
expires
Wed, 22 May 2019 19:46:56 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
tag.js
t.effectivemeasure.net/
40 KB
12 KB
Script
General
Full URL
https://t.effectivemeasure.net/tag.js?1558
Requested by
Host: za-cdn.effectivemeasure.net
URL: http://za-cdn.effectivemeasure.net/em.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.192.203.107 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-203-107.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a40e53f7de59b98680c6768266b5ac5b6ad9bb71ef63cae6d7788fddaad1ea05

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id
HdydQdHrxcjzpHMsHbeBT57W6pogfIjk
content-encoding
gzip
last-modified
Mon, 25 Mar 2019 06:12:15 GMT
server
AmazonS3
age
274700
date
Sun, 19 May 2019 13:49:27 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
status
200
cache-control
public, max-age=604800
x-amz-cf-id
srJVqsHUpaee3LxXlFe7JnrdS1BfCjj87BHSgvwrmivphnpM9ntSvg==
via
1.1 c2890b1d84d781704a34b9aa5c069d4e.cloudfront.net (CloudFront)
collect
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&...
  • https://www.google-analytics.com/r/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us...
35 B
101 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAhAAEAB~&jid=1223724438&gjid=202862832&cid=1200592162.1558548465&tid=UA-32716691-1&_gid=919297193.1558548465&_r=1&z=1625470823
Requested by
Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 May 2019 18:07:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAhAAEAB~&jid=1223724438&gjid=202862832&cid=1200592162.1558548465&tid=UA-32716691-1&_gid=919297193.1558548465&_r=1&z=1625470823
Non-Authoritative-Reason
HSTS
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • http://www.google-analytics.com/r/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&...
  • https://www.google-analytics.com/r/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-32389807-1&cid=1200592162.1558548465&jid=368957090&_gid=919297193.1558548465&gjid=1587329934&_v=j75&z=834372535
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-32389807-1&cid=1200592162.1558548465&jid=368957090&_gid=919297193.1558548465&gjid=1587329934&_v=j75&z=834372535
Requested by
Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Wed, 22 May 2019 18:07:45 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 22 May 2019 18:07:45 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-32389807-1&cid=1200592162.1558548465&jid=368957090&_gid=919297193.1558548465&gjid=1587329934&_v=j75&z=834372535
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
417
expires
Fri, 01 Jan 1990 00:00:00 GMT
linkid.js
www.google-analytics.com/plugins/ua/
Redirect Chain
  • http://www.google-analytics.com/plugins/ua/linkid.js
  • https://www.google-analytics.com/plugins/ua/linkid.js
2 KB
947 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 22 May 2019 17:16:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
age
3069
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
856
x-xss-protection
0
expires
Wed, 22 May 2019 18:16:36 GMT

Redirect headers

Location
https://www.google-analytics.com/plugins/ua/linkid.js
Non-Authoritative-Reason
HSTS
ec.js
www.google-analytics.com/plugins/ua/
Redirect Chain
  • http://www.google-analytics.com/plugins/ua/ec.js
  • https://www.google-analytics.com/plugins/ua/ec.js
3 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 22 May 2019 17:10:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
age
3456
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1296
x-xss-protection
0
expires
Wed, 22 May 2019 18:10:09 GMT

Redirect headers

Location
https://www.google-analytics.com/plugins/ua/ec.js
Non-Authoritative-Reason
HSTS
conversion_async.js
www.googleadservices.com/pagead/
23 KB
9 KB
Script
General
Full URL
http://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-588RWD
Protocol
HTTP/1.1
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
cafe /
Resource Hash
d1014dd86ebf5e5b98a0fdee2ff1a8cb6c30c2a4c2bfd3bc15b0aaa3a8dd93c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 22 May 2019 18:07:45 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
2606668133852809251
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
8870
X-XSS-Protection
0
Expires
Wed, 22 May 2019 18:07:45 GMT
uwt.js
static.ads-twitter.com/
5 KB
2 KB
Script
General
Full URL
http://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-588RWD
Protocol
HTTP/1.1
Server
151.101.120.157 Paris, France, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 22 May 2019 18:07:45 GMT
Content-Encoding
gzip
Age
7195
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Connection
keep-alive
Content-Length
1954
X-Served-By
cache-cdg20745-CDG
Last-Modified
Tue, 23 Jan 2018 19:05:33 GMT
X-Timer
S1558548466.528201,VS0,VE0
Etag
"b7b33882a4f3ffd5cbf07434f3137166+gzip"
Vary
Accept-Encoding,Host
Content-Type
application/javascript; charset=utf-8
Via
1.1 varnish
Cache-Control
no-cache
Accept-Ranges
bytes
fbevents.js
connect.facebook.net/en_US/
54 KB
16 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
2da4bddb294dec8e9872bf3c62a19cc79557300ac8ae97da4ac318f58c6b3512
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
16355
x-xss-protection
0
pragma
public
x-fb-debug
HU0Nlpil2i5axQXYmEg2r2OoOqEYio4CBE+I3uoYjFtkf0wMIsI4bjNBk/e69gB6vG5KxlcdyBsOy+gyMka3Dg==
date
Wed, 22 May 2019 18:07:45 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
activityi;dc_pre=CMjln73dr-ICFRrHdwodGhMJUg;src=4905605;type=mweb_0;cat=mweb-012;ord=5046650378238;gtm=2wg5f2;auiddc=1095445088.1558548465;u1=%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc7...
4905605.fls.doubleclick.net/ Frame E59D
Redirect Chain
  • http://4905605.fls.doubleclick.net/activityi;src=4905605;type=mweb_0;cat=mweb-012;ord=5046650378238;gtm=2wg5f2;auiddc=1095445088.1558548465;u1=%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc...
  • http://4905605.fls.doubleclick.net/activityi;dc_pre=CMjln73dr-ICFRrHdwodGhMJUg;src=4905605;type=mweb_0;cat=mweb-012;ord=5046650378238;gtm=2wg5f2;auiddc=1095445088.1558548465;u1=%2Fmyaccount%2Femail...
0
0
Document
General
Full URL
http://4905605.fls.doubleclick.net/activityi;dc_pre=CMjln73dr-ICFRrHdwodGhMJUg;src=4905605;type=mweb_0;cat=mweb-012;ord=5046650378238;gtm=2wg5f2;auiddc=1095445088.1558548465;u1=%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F;u2=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F;~oref=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F?
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-588RWD
Protocol
HTTP/1.1
Server
172.217.18.102 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s42-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Host
4905605.fls.doubleclick.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Accept-Encoding
gzip, deflate
Cookie
IDE=AHWqTUkCgwG7Kno0XeP5UG7Q4rYViuNYziLKlwPrOXz_XYMYaGPpe7shbNjvm4g3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/

Response headers

P3P
policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin
*
Date
Wed, 22 May 2019 18:07:46 GMT
Expires
Wed, 22 May 2019 18:07:46 GMT
Cache-Control
private, max-age=0
Strict-Transport-Security
max-age=21600
Content-Type
text/html; charset=UTF-8
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Server
cafe
Content-Length
396
X-XSS-Protection
0

Redirect headers

P3P
policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin
*
Date
Wed, 22 May 2019 18:07:45 GMT
Pragma
no-cache
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control
no-cache, must-revalidate
Follow-Only-When-Prerender-Shown
1
Strict-Transport-Security
max-age=21600
Location
http://4905605.fls.doubleclick.net/activityi;dc_pre=CMjln73dr-ICFRrHdwodGhMJUg;src=4905605;type=mweb_0;cat=mweb-012;ord=5046650378238;gtm=2wg5f2;auiddc=1095445088.1558548465;u1=%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F;u2=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F;~oref=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F?
Content-Type
text/html; charset=UTF-8
X-Content-Type-Options
nosniff
Server
cafe
Content-Length
0
X-XSS-Protection
0
Set-Cookie
IDE=AHWqTUkCgwG7Kno0XeP5UG7Q4rYViuNYziLKlwPrOXz_XYMYaGPpe7shbNjvm4g3; expires=Mon, 15-Jun-2020 18:07:45 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
frame.494af32.html
t.effectivemeasure.net/ Frame 1475
0
0
Document
General
Full URL
http://t.effectivemeasure.net/frame.494af32.html
Requested by
Host: t.effectivemeasure.net
URL: https://t.effectivemeasure.net/tag.js?1558
Protocol
HTTP/1.1
Server
54.192.203.2 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-203-2.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Host
t.effectivemeasure.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/

Response headers

Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 25 Mar 2019 06:12:16 GMT
x-amz-version-id
g7jtY6M9rU81hWhcBvItFZ6TXvRE2ZLS
Server
AmazonS3
P3P
policyref="https://www.effectivemeasure.net/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
Content-Encoding
gzip
Date
Wed, 22 May 2019 06:36:13 GMT
Cache-Control
"public, max-age=31536000"
Vary
Accept-Encoding
Age
60577
X-Cache
Hit from cloudfront
Via
1.1 8cd0e1b054d4e5083057646da4909e74.cloudfront.net (CloudFront)
X-Amz-Cf-Id
B4i38bHPvtsVmL9kcr-Op3WRJZ934q3Yp6lKpLLvWOJtrkSm4pAzLA==
1621298038114766
connect.facebook.net/signals/config/
317 KB
90 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1621298038114766?v=2.8.50&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
bd6e962a7c92dacf9efcf851f403ed3d35365c468ad8297fbb18b300bf866d5a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
x-xss-protection
0
pragma
public
x-fb-debug
L47GVdS5qXuJWJ4g4cwgaEkGpoY6hnsHn5t7dhsHqwH/sNwtwYCwVOwiYlRMHg6ZCfpU9drScXemYBpk8PtXJQ==
date
Wed, 22 May 2019 18:07:45 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/966096362/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/966096362/?random=1558548465689&cv=9&fst=1558548465689&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5f2&sendb=1&frm=0&url=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&tiba=My%20Email%20Login&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
33d16565c957736f4bc59ccd30c0a28c77868d071417f362afa1284cd5f7f3b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 May 2019 18:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
984
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/850038554/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/850038554/?random=1558548465699&cv=9&fst=1558548465699&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5f2&sendb=1&frm=0&url=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&tiba=My%20Email%20Login&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
17ca09cef4f60b0051b3255ad62a9869b144e44a3cfd036731f216f852921d3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 May 2019 18:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
983
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • http://www.google-analytics.com/r/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&...
  • https://www.google-analytics.com/r/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-51279388-1&cid=1200592162.1558548465&jid=1426904009&_gid=919297193.1558548465&gjid=827787956&_v=j75&z=457569554
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51279388-1&cid=1200592162.1558548465&jid=1426904009&_v=j75&z=457569554
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51279388-1&cid=1200592162.1558548465&jid=1426904009&_v=j75&z=457569554&slf_rd=1&random=1179711453
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51279388-1&cid=1200592162.1558548465&jid=1426904009&_v=j75&z=457569554&slf_rd=1&random=1179711453
Requested by
Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 May 2019 18:07:46 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 22 May 2019 18:07:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51279388-1&cid=1200592162.1558548465&jid=1426904009&_v=j75&z=457569554&slf_rd=1&random=1179711453
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&de...
  • https://www.google-analytics.com/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&d...
35 B
122 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAAEAr~&jid=&gjid=&cid=1200592162.1558548465&tid=UA-51279388-1&_gid=919297193.1558548465&gtm=2wg5f2588RWD&z=2015039235
Requested by
Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Mar 2019 00:45:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
6456112
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAAEAr~&jid=&gjid=&cid=1200592162.1558548465&tid=UA-51279388-1&_gid=919297193.1558548465&gtm=2wg5f2588RWD&z=2015039235
Non-Authoritative-Reason
HSTS
ga-audiences
www.google.de/ads/
Redirect Chain
  • http://www.google-analytics.com/r/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&...
  • https://www.google-analytics.com/r/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-51279388-5&cid=1200592162.1558548465&jid=889076641&_gid=919297193.1558548465&gjid=154171673&_v=j75&z=1274161219
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51279388-5&cid=1200592162.1558548465&jid=889076641&_v=j75&z=1274161219
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51279388-5&cid=1200592162.1558548465&jid=889076641&_v=j75&z=1274161219&slf_rd=1&random=1513840965
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51279388-5&cid=1200592162.1558548465&jid=889076641&_v=j75&z=1274161219&slf_rd=1&random=1513840965
Requested by
Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 May 2019 18:07:46 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 22 May 2019 18:07:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51279388-5&cid=1200592162.1558548465&jid=889076641&_v=j75&z=1274161219&slf_rd=1&random=1513840965
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
t.co/i/
Redirect Chain
  • http://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nxho2&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
  • https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nxho2&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
43 B
170 B
Image
General
Full URL
https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nxho2&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
Requested by
Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 22 May 2019 18:07:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=0
content-length
65
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report
x-response-time
110
pragma
no-cache
last-modified
Wed, 22 May 2019 18:07:46 GMT
server
tsa_f
x-frame-options
SAMEORIGIN
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
9ffca98dfcf0891c3d277acdba2f937e
x-transaction
001962bc005d70a9
expires
Tue, 31 Mar 1981 05:00:00 GMT

Redirect headers

location
https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nxho2&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
x-response-time
107
date
Wed, 22 May 2019 18:07:46 GMT
server
tsa_f
x-connection-hash
49515d9bce53ed316fc0ed506461821b
content-length
0
/
www.google.com/pagead/1p-user-list/850038554/
42 B
120 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/850038554/?random=1558548465699&cv=9&fst=1558548000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5f2&sendb=1&frm=0&url=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&tiba=My%20Email%20Login&async=1&fmt=3&cdct=2&is_vtc=1&random=576691006&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 May 2019 18:07:45 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/850038554/
42 B
109 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/850038554/?random=1558548465699&cv=9&fst=1558548000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5f2&sendb=1&frm=0&url=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&tiba=My%20Email%20Login&async=1&fmt=3&cdct=2&is_vtc=1&random=576691006&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 May 2019 18:07:45 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/966096362/
42 B
120 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/966096362/?random=1558548465689&cv=9&fst=1558548000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5f2&sendb=1&frm=0&url=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&tiba=My%20Email%20Login&async=1&fmt=3&cdct=2&is_vtc=1&random=940622520&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 May 2019 18:07:45 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/966096362/
42 B
109 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/966096362/?random=1558548465689&cv=9&fst=1558548000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5f2&sendb=1&frm=0&url=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&tiba=My%20Email%20Login&async=1&fmt=3&cdct=2&is_vtc=1&random=940622520&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 May 2019 18:07:45 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
inferredEvents.js
connect.facebook.net/signals/plugins/
1 KB
919 B
Script
General
Full URL
https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.8.50
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
772
x-xss-protection
0
pragma
public
x-fb-debug
QaJCG3feHwnjTJNPPtsltFV4E4JTeFkmL0hZiD6C3DErbExPTQWswa4lCmQQhuV37r0tkE1BedY9vT2EYDAVOg==
date
Wed, 22 May 2019 18:07:46 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
301918573597990
connect.facebook.net/signals/config/
317 KB
90 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/301918573597990?v=2.8.50&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
7c4e48fafcdd53e960f5208716e2c61dbf64f9c7c32213e1f27a86e83a2776f3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
x-xss-protection
0
pragma
public
x-fb-debug
wLJG7b36l1UxJCWCPyZmPxXsmIqEQGgYqc4J1fw5ghZi22Zer4P13AkB+17ikfvhJwp+4j1S8y16hhQ4E004JA==
date
Wed, 22 May 2019 18:07:46 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
245 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1621298038114766&ev=PageView&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&rl=&if=false&ts=1558548466494&sw=1600&sh=1200&v=2.8.50&r=stable&ec=0&o=30&fbp=fb.1.1558548466489.119597943&it=1558548465660&coo=false&rqm=GET
Requested by
Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 22 May 2019 18:07:46 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Wed, 22 May 2019 18:07:46 GMT
pixel
collector.effectivemeasure.net/
43 B
296 B
Image
General
Full URL
http://collector.effectivemeasure.net/pixel?et=pageview&ed=&vn=494af32&tz=0&pu=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&pr=&sh=1200&sw=1600&tt=My%20Email%20Login&t=1558548466536&vt=93986e5a-b136-4405-814e-be3c527c2d3c-16ae0ba4794-0e4bf9da&c3=1&vi=5b408a48-ec95-44f1-bee1-a19ccfeccc20-16ae0ba4792-09d7ce5f&du=0&dt=0&c1=1&pc=0
Requested by
Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol
HTTP/1.1
Server
34.242.8.248 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-242-8-248.eu-west-1.compute.amazonaws.com
Software
nginx/1.14.1 / Express
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 May 2019 18:07:46 GMT
Server
nginx/1.14.1
X-Powered-By
Express
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Dec 1994 16:00:00 GMT
/
www.facebook.com/tr/
44 B
99 B
Image
General
Full URL
https://www.facebook.com/tr/?id=301918573597990&ev=PageView&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&rl=&if=false&ts=1558548466656&sw=1600&sh=1200&v=2.8.50&r=stable&ec=0&o=30&fbp=fb.1.1558548466489.119597943&it=1558548465660&coo=false&rqm=GET
Requested by
Host: savannahcoachworks-co-za.ga
URL: http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 22 May 2019 18:07:46 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Wed, 22 May 2019 18:07:46 GMT
adsct
analytics.twitter.com/i/
31 B
268 B
Script
General
Full URL
https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nxho2&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F
Requested by
Host: static.ads-twitter.com
URL: http://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_f /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 22 May 2019 18:07:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report
x-response-time
119
pragma
no-cache
last-modified
Wed, 22 May 2019 18:07:46 GMT
server
tsa_f
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
e7ad40ab18f3891e75d5b059589341b1
x-transaction
00606d6800b55094
expires
Tue, 31 Mar 1981 05:00:00 GMT
collect
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&de...
  • https://www.google-analytics.com/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&d...
35 B
99 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAAEAr~&jid=&gjid=&cid=1200592162.1558548465&tid=UA-51279388-1&_gid=919297193.1558548465&gtm=2wg5f2588RWD&z=679375846
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Mar 2019 00:45:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
6456113
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/collect?v=1&_v=j75&a=387531869&t=pageview&_s=1&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAAEAr~&jid=&gjid=&cid=1200592162.1558548465&tid=UA-51279388-1&_gid=919297193.1558548465&gtm=2wg5f2588RWD&z=679375846
Non-Authoritative-Reason
HSTS
/
www.facebook.com/tr/
44 B
145 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1621298038114766&ev=Microdata&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&rl=&if=false&ts=1558548468011&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22My%20Email%20Login%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.8.50&r=stable&ec=1&o=30&fbp=fb.1.1558548466489.119597943&it=1558548465660&coo=false&es=automatic&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 22 May 2019 18:07:48 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Wed, 22 May 2019 18:07:48 GMT
/
www.facebook.com/tr/
44 B
99 B
Image
General
Full URL
https://www.facebook.com/tr/?id=301918573597990&ev=Microdata&dl=http%3A%2F%2Fsavannahcoachworks-co-za.ga%2Fmyaccount%2Femail.mweb%2F82b6cb9d295af2f71f9dc62efc79894b%2F&rl=&if=false&ts=1558548468158&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22My%20Email%20Login%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.8.50&r=stable&ec=1&o=30&fbp=fb.1.1558548466489.119597943&it=1558548465660&coo=false&es=automatic&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://savannahcoachworks-co-za.ga/myaccount/email.mweb/82b6cb9d295af2f71f9dc62efc79894b/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 22 May 2019 18:07:48 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Wed, 22 May 2019 18:07:48 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Email (Online)

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery function| DP_jQuery_1558548464894 function| SelectParser function| AbstractChosen function| get_side_border_padding function| gbl_signin function| browser_sniffer object| objB function| getElementById object| BrowserDetect function| CurrentYear number| randomnumber function| fncMakeBlockAd object| googletag object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleTokenSync undefined| google_measure_js_timing boolean| google_noFetch boolean| google_DisableInitialLoad number| __google_ad_urls_id object| dataLayer number| google_unique_id object| google_reactive_ads_global_state object| gaGlobal string| GoogleAnalyticsObject function| ga string| em_ns function| _em object| google_tag_manager object| google_tag_data object| gaplugins object| gaData function| twq function| fbq function| _fbq function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| __google_ad_urls object| __core-js_shared__ object| core object| em_pixels object| em_event_emitter function| getTag object| em_tag function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| twttr

17 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUkCgwG7Kno0XeP5UG7Q4rYViuNYziLKlwPrOXz_XYMYaGPpe7shbNjvm4g3
.savannahcoachworks-co-za.ga/ Name: _em_ft
Value: 1558548466535
.savannahcoachworks-co-za.ga/ Name: _em_lt
Value: 1558548466535
.savannahcoachworks-co-za.ga/ Name: _em_c3
Value: 1
.savannahcoachworks-co-za.ga/ Name: _em_pc
Value: 1
.savannahcoachworks-co-za.ga/ Name: _em_vi
Value: 5b408a48-ec95-44f1-bee1-a19ccfeccc20-16ae0ba4792-09d7ce5f
.effectivemeasure.net/ Name: vt
Value: 93986e5a-b136-4405-814e-be3c527c2d3c-16ae0ba4794-0e4bf9da
.savannahcoachworks-co-za.ga/ Name: _fbp
Value: fb.1.1558548466489.119597943
.savannahcoachworks-co-za.ga/ Name: _gat_UA-51279388-1
Value: 1
.savannahcoachworks-co-za.ga/ Name: _gat_UA-51279388-5
Value: 1
.savannahcoachworks-co-za.ga/ Name: __gads
Value: ID=cf2e6f8216990c36:T=1558548465:S=ALNI_Mbu8mnlL6rRuVpjFGWCwdvnE0HZ9Q
.savannahcoachworks-co-za.ga/ Name: _gat
Value: 1
.savannahcoachworks-co-za.ga/ Name: _em_vt
Value: 93986e5a-b136-4405-814e-be3c527c2d3c-16ae0ba4794-0e4bf9da
.savannahcoachworks-co-za.ga/ Name: _gcl_au
Value: 1.1.1095445088.1558548465
.savannahcoachworks-co-za.ga/ Name: _ga
Value: GA1.2.1200592162.1558548465
.savannahcoachworks-co-za.ga/ Name: _gat_overallTracker
Value: 1
.savannahcoachworks-co-za.ga/ Name: _gid
Value: GA1.2.919297193.1558548465

2 Console Messages

Source Level URL
Text
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019051601.js(Line 1)
Message:
GPT synchronous rendering is no longer supported, ads will be requested and rendered asynchronously. See https://support.google.com/admanager/answer/9212594 for more details.
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 25)
Message:
[Facebook Pixel] - Duplicate Pixel ID: 301918573597990.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4905605.fls.doubleclick.net
adservice.google.de
analytics.twitter.com
collector.effectivemeasure.net
connect.facebook.net
googleads.g.doubleclick.net
myaccount.mweb.co.za
savannahcoachworks-co-za.ga
securepubads.g.doubleclick.net
static.ads-twitter.com
stats.g.doubleclick.net
t.co
t.effectivemeasure.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
za-cdn.effectivemeasure.net
104.244.42.195
104.244.42.5
104.244.42.69
111.90.150.231
151.101.120.157
172.217.16.162
172.217.18.102
172.217.22.66
196.2.128.7
2600:9000:200d:6c00:b:3c99:a880:93a1
2a00:1450:4001:808::2003
2a00:1450:4001:814::2001
2a00:1450:4001:817::2002
2a00:1450:4001:817::200e
2a00:1450:4001:819::2002
2a00:1450:4001:81e::2008
2a00:1450:4001:820::2004
2a00:1450:400c:c08::9b
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.242.8.248
54.192.203.107
54.192.203.2
00e83aa5f667c4ee219411f6cf6ba69a0746294f1753dba050f93259a48c2747
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
173e05cb7fecee270d29de68d331f58f0150a94ead32b7262cd184a41cb53827
17ca09cef4f60b0051b3255ad62a9869b144e44a3cfd036731f216f852921d3a
2da4bddb294dec8e9872bf3c62a19cc79557300ac8ae97da4ac318f58c6b3512
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
33d16565c957736f4bc59ccd30c0a28c77868d071417f362afa1284cd5f7f3b1
3fb8c215a377fc82c8528fe8aaeb0f749f8f7cab75ba818480c5c42b9687c235
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
59a7f48a8aee780fdcb4a0157e25b448e543bc4159b119e74dfd5c26c941b439
6f6ff747d398937bbb894ee907858755b6a800a952993f8053197b9d5ca0a26a
6f83ebc7a31c0153f578a3407f43d2370c3a0ff271e86b33f1acf008c7356abd
75f39ab402b946f758c69c88a6e334554349c17f912180a9cae257353dcf2400
76fe6b3e689e9eae484b8a75d5408eed23cbbcb6b3f414e8ebfab826e128f23c
7c4e48fafcdd53e960f5208716e2c61dbf64f9c7c32213e1f27a86e83a2776f3
7dff09578729615fcd15c840a32c9f82a33fe2331a851e4ac40be03cb111b3f0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
834e67fcf50c34f6214fa0e520e73a8305db5e3b1ee23235eb065aba0b53a089
87c0084fef169b102df602153fa4886ae961779ce85823994fb0384d866b3e51
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
a40e53f7de59b98680c6768266b5ac5b6ad9bb71ef63cae6d7788fddaad1ea05
a7a6de426780a73e047727676e7c100b064eb8a233dbc3c7884466ba42db5bd3
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af57e894c878a60dd459e64f88a9cf27752cbad2b341d06cf8afb6548c1e2bdd
b018a4f7294eaf5e5a1cabc070df53e2844ba7cc43e83123312389a6375b0bc4
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8
b87092d2e9ee42f19dcd43da6fe826d1ef1889c789a901ca4c0a6bd9ab02f0eb
bd6e962a7c92dacf9efcf851f403ed3d35365c468ad8297fbb18b300bf866d5a
bdee1ce818db696fdef3ab7798694920c7b6b8f9056881dc2948567a74e4f43b
c90c676abfb92d38da509eff2fcca3ffec9caf00140c79d1542f006de2be976b
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
d1014dd86ebf5e5b98a0fdee2ff1a8cb6c30c2a4c2bfd3bc15b0aaa3a8dd93c2
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e6c0227b26bffe1d3ca83c9aba627d551351c33cd4085a05aea774b2279028ab
e9653749f7e4f9f04f41e463f3f1e6bf85bd9eb8c5b6b4efb006037df100f6da
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
febf051238d01475887907d23ce5eadb2179d9e573f099c50eb2e33de8392f3f