URL: https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card...
Submission Tags: @phish_report
Submission: On September 13 via api from FI — Scanned from FI

Summary

This website contacted 9 IPs in 4 countries across 9 domains to perform 60 HTTP transactions. The main IP is 41.185.8.245, located in South Africa and belongs to ZA-1-Grid, ZA. The main domain is westganzi.mom.
TLS certificate: Issued by cPanel, Inc. Certification Authority on September 11th 2023. Valid for: 3 months.
This is the only time westganzi.mom was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
35 westganzi.mom | westganzi.mom | 274 KB
12 google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 44; region1.google-analytics.com — Cisco Umbrella Rank: 2288 | 95 KB
4 fnb.co.za | www.online.fnb.co.za — Cisco Umbrella Rank: 828348 | 7 KB
3 google.no | www.google.no — Cisco Umbrella Rank: 25416 | 625 B
3 doubleclick.net | stats.g.doubleclick.net — Cisco Umbrella Rank: 98; googleads.g.doubleclick.net — Cisco Umbrella Rank: 47 | 2 KB
3 google.com | region1.analytics.google.com — Cisco Umbrella Rank: 2787; www.google.com — Cisco Umbrella Rank: 2 | 1 KB
3 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 63 | 273 KB
1 facebook.net | connect.facebook.net — Cisco Umbrella Rank: 186 | 52 KB
1 googleadservices.com | www.googleadservices.com — Cisco Umbrella Rank: 151 | 2 KB
60 9

Domain | Requested by
35 westganzi.mom | westganzi.mom
11 www.google-analytics.com 1 redirects | westganzi.mom
4 www.online.fnb.co.za | westganzi.mom
3 www.google.no | westganzi.mom
3 www.googletagmanager.com | westganzi.mom; www.googletagmanager.com
2 www.google.com 2 redirects |
2 stats.g.doubleclick.net 1 redirects | www.googletagmanager.com
1 googleads.g.doubleclick.net 1 redirects |
1 region1.analytics.google.com | www.googletagmanager.com
1 region1.google-analytics.com | www.googletagmanager.com
1 connect.facebook.net | westganzi.mom
1 www.googleadservices.com | www.googletagmanager.com
60 12

This site contains links to these domains.

Domain
www.fnb.co.za

Subject | Issuer | Validity | Valid
westganzi.mom | cPanel, Inc. Certification Authority | 2023-09-11 - 2023-12-10 | 3 months
www.fnb.co.za | Entrust Certification Authority - L1M | 2023-05-08 - 2024-06-07 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months
www.googleadservices.com | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-06-23 - 2023-09-21 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months
*.google.no | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months

This page contains 3 frames:

Primary Page: https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
Frame ID: A539D9A4087C61B3D9F77805E39C0B72
Requests: 35 HTTP requests in this frame

Frame: https://westganzi.mom/4ecab54ecab45/Online%20Banking_files/blankpage.html
Frame ID: 606E2481660CE830B39E03232E02B391
Requests: 1 HTTP requests in this frame

Frame: https://westganzi.mom/4ecab54ecab45/Online%20Banking_files/ga_bridge.html
Frame ID: B338BAA16C374F22147F012B3CF67CB5
Requests: 24 HTTP requests in this frame

Page Title

Online Banking

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

60
Requests

97 %
HTTPS

73 %
IPv6

9
Domains

12
Subdomains

9
IPs

4
Countries

704 kB
Transfer

2182 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/923716104/?random=1366368107&cv=11&fst=1694632792599&bg=ffffff&guid=ON&async=1&gtm=45He39b0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwestganzi.mom%2F4ecab54ecab45%2FxvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php%3FUsername%3D&ref=https%3A%2F%2Fwestganzi.mom%2F4ecab54ecab45%2FxvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php%3FUsername%3D&label=OexWCMTv8b0DEIiUu7gD&hn=www.googleadservices.com&frm=1&value=0&auid=1246134713.1694632792&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=WAsCZc-uM6ih78EP-pyWuAc&sscte=1&crd=CKG4sQI&eitems=ChEI8LuFqAYQttCFgbT67sOqARIdAPHyXTB_GJARb4EAJpLhInuhsOpvXU8KAZW89HM&pscrd=Ek9DaEVJOEx1RnFBWVE3SXl5alpfQ3NKVF9BUkltQUFvdkRSd3E1dEVCQ2FaTEszbXlfSENfOFdLcnFqVVNXZ1RSaGVFSE5ZeVZtWVg0Y2JnGlpDaEVJOEx1RnFBWVF5X255akpEeGhhM0RBUkl1QVBPWlhWQ3lzbHVZUWhUREJKLUhqMlN6WGw5UVh4MDAyYUx3S0R3eDZlYzdMMlZiWlB4R0lWRnNHRWZlanciEwjPupGNp6iBAxWo0DsCHXqOBXc HTTP 302
  • https://www.google.com/pagead/1p-conversion/923716104/?random=1366368107&cv=11&fst=1694632792599&bg=ffffff&guid=ON&async=1&gtm=45He39b0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwestganzi.mom%2F4ecab54ecab45%2FxvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php%3FUsername%3D&ref=https%3A%2F%2Fwestganzi.mom%2F4ecab54ecab45%2FxvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php%3FUsername%3D&label=OexWCMTv8b0DEIiUu7gD&hn=www.googleadservices.com&frm=1&value=0&auid=1246134713.1694632792&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKG4sQI&pscrd=Ek9DaEVJOEx1RnFBWVE3SXl5alpfQ3NKVF9BUkltQUFvdkRSd3E1dEVCQ2FaTEszbXlfSENfOFdLcnFqVVNXZ1RSaGVFSE5ZeVZtWVg0Y2JnGlpDaEVJOEx1RnFBWVF5X255akpEeGhhM0RBUkl1QVBPWlhWQ3lzbHVZUWhUREJKLUhqMlN6WGw5UVh4MDAyYUx3S0R3eDZlYzdMMlZiWlB4R0lWRnNHRWZlanciEwjPupGNp6iBAxWo0DsCHXqOBXc&is_vtc=1&ocp_id=WAsCZc-uM6ih78EP-pyWuAc&eitems=ChEI8LuFqAYQttCFgbT67sOqARIdAPHyXTAgTzNXjOHNI2Y6EejxYh556FtQ_UR4cNQ&random=148226521 HTTP 302
  • https://www.google.no/pagead/1p-conversion/923716104/?random=1366368107&cv=11&fst=1694632792599&bg=ffffff&guid=ON&async=1&gtm=45He39b0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwestganzi.mom%2F4ecab54ecab45%2FxvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php%3FUsername%3D&ref=https%3A%2F%2Fwestganzi.mom%2F4ecab54ecab45%2FxvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php%3FUsername%3D&label=OexWCMTv8b0DEIiUu7gD&hn=www.googleadservices.com&frm=1&value=0&auid=1246134713.1694632792&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKG4sQI&pscrd=Ek9DaEVJOEx1RnFBWVE3SXl5alpfQ3NKVF9BUkltQUFvdkRSd3E1dEVCQ2FaTEszbXlfSENfOFdLcnFqVVNXZ1RSaGVFSE5ZeVZtWVg0Y2JnGlpDaEVJOEx1RnFBWVF5X255akpEeGhhM0RBUkl1QVBPWlhWQ3lzbHVZUWhUREJKLUhqMlN6WGw5UVh4MDAyYUx3S0R3eDZlYzdMMlZiWlB4R0lWRnNHRWZlanciEwjPupGNp6iBAxWo0DsCHXqOBXc&is_vtc=1&ocp_id=WAsCZc-uM6ih78EP-pyWuAc&eitems=ChEI8LuFqAYQttCFgbT67sOqARIdAPHyXTAgTzNXjOHNI2Y6EejxYh556FtQ_UR4cNQ&random=148226521&ipr=y
Request Chain 51
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=282485442&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwestganzi.mom%2F4ecab54ecab45%2FOnline%2520Banking_files%2Fga_bridge.html&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&ec=Scroll%20Depth&ea=%2F4ecab54ecab45%2FOnline%2520Banking_files%2Fga_bridge.html&el=25&ev=0&_u=aGDAAEADU~&jid=186359947&gjid=1395624566&cid=1604470240.1694632792&tid=UA-5815571-8&_gid=798657888.1694632792&_r=1&gtm=2wg941KH76K8&cd1=1604470240.1694632792&z=2026615396 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5815571-8&cid=1604470240.1694632792&jid=186359947&_gid=798657888.1694632792&gjid=1395624566&_v=j79&z=2026615396 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5815571-8&cid=1604470240.1694632792&jid=186359947&_v=j79&z=2026615396 HTTP 302
  • https://www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5815571-8&cid=1604470240.1694632792&jid=186359947&_v=j79&z=2026615396&slf_rd=1&random=2357719449

60 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php
westganzi.mom/4ecab54ecab45/
44 KB
9 KB
Document
General
Full URL
https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
41.185.8.245 , South Africa, ASN36943 (ZA-1-Grid, ZA),
Reverse DNS
srv52.hostserv.co.za
Software
nginx / PHP/5.6.40
Resource Hash
965c714278688607c70a6866f276170fb155db6a9f6c3b1be0826a0add10ae52

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
8834
content-type
text/html; charset=UTF-8
date
Wed, 13 Sep 2023 19:19:50 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/5.6.40
x-turbo-charged-by
LiteSpeed
reset.css
westganzi.mom/4ecab54ecab45/ebucks-rewards_files/
1 KB
890 B
Stylesheet
General
Full URL
https://westganzi.mom/4ecab54ecab45/ebucks-rewards_files/reset.css
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
41.185.8.245 , South Africa, ASN36943 (ZA-1-Grid, ZA),
Reverse DNS
srv52.hostserv.co.za
Software
nginx /
Resource Hash
c190330a5ba709d97f6d2bc4a40f60dee9e99c4af9e906c7df22898c6945a9d9

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:19:51 GMT
content-encoding
br
last-modified
Fri, 15 Nov 2019 06:08:42 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
496
expires
Wed, 20 Sep 2023 19:19:51 GMT
initials_combined.css
westganzi.mom/4ecab54ecab45/ebucks-rewards_files/
45 KB
9 KB
Stylesheet
General
Full URL
https://westganzi.mom/4ecab54ecab45/ebucks-rewards_files/initials_combined.css
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
41.185.8.245 , South Africa, ASN36943 (ZA-1-Grid, ZA),
Reverse DNS
srv52.hostserv.co.za
Software
nginx /
Resource Hash
5f3fcd835ce63ee79223ba7894c8997ebb29b0d51662350695585bbc9ebfa47e

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:19:51 GMT
content-encoding
br
last-modified
Fri, 15 Nov 2019 06:08:42 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
8520
expires
Wed, 20 Sep 2023 19:19:51 GMT
frame_combined.css
westganzi.mom/4ecab54ecab45/ebucks-rewards_files/
15 KB
3 KB
Stylesheet
General
Full URL
https://westganzi.mom/4ecab54ecab45/ebucks-rewards_files/frame_combined.css
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
41.185.8.245 , South Africa, ASN36943 (ZA-1-Grid, ZA),
Reverse DNS
srv52.hostserv.co.za
Software
nginx /
Resource Hash
bd1879ddf5566fac5cb6da123531ea880c4ef2325ecdb14f096e96eafc4ba432

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:19:51 GMT
content-encoding
br
last-modified
Fri, 15 Nov 2019 06:08:42 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
3042
expires
Wed, 20 Sep 2023 19:19:51 GMT
forms_combined.css
westganzi.mom/4ecab54ecab45/ebucks-rewards_files/
38 KB
7 KB
Stylesheet
General
Full URL
https://westganzi.mom/4ecab54ecab45/ebucks-rewards_files/forms_combined.css
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
41.185.8.245 , South Africa, ASN36943 (ZA-1-Grid, ZA),
Reverse DNS
srv52.hostserv.co.za
Software
nginx /
Resource Hash
d70b2437043890e166b4ccdd263de560424b957dccd5d244c601dc06a10507d1

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:19:51 GMT
content-encoding
br
last-modified
Fri, 15 Nov 2019 06:08:42 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
6316
expires
Wed, 20 Sep 2023 19:19:51 GMT
markup_combined.css
westganzi.mom/4ecab54ecab45/ebucks-rewards_files/
16 KB
3 KB
Stylesheet
General
Full URL
https://westganzi.mom/4ecab54ecab45/ebucks-rewards_files/markup_combined.css
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
41.185.8.245 , South Africa, ASN36943 (ZA-1-Grid, ZA),
Reverse DNS
srv52.hostserv.co.za
Software
nginx /
Resource Hash
6641533ea642ceea235b8091b17f4fb2ea4b2b90c5cf3fb8373a596c2eddd094

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:19:51 GMT
content-encoding
br
last-modified
Fri, 15 Nov 2019 06:08:42 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
2822
expires
Wed, 20 Sep 2023 19:19:51 GMT
utils_combined.css
westganzi.mom/4ecab54ecab45/ebucks-rewards_files/
36 KB
7 KB
Stylesheet
General
Full URL
https://westganzi.mom/4ecab54ecab45/ebucks-rewards_files/utils_combined.css
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
41.185.8.245 , South Africa, ASN36943 (ZA-1-Grid, ZA),
Reverse DNS
srv52.hostserv.co.za
Software
nginx /
Resource Hash
1623b3486d1a6d83c620d57229ec894b6c984c200a4237c57877ba73bb06daac

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:19:51 GMT
content-encoding
br
last-modified
Fri, 15 Nov 2019 06:08:42 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
6270
expires
Wed, 20 Sep 2023 19:19:51 GMT
instantSales.css
westganzi.mom/4ecab54ecab45/ebucks-rewards_files/
17 KB
3 KB
Stylesheet
General
Full URL
https://westganzi.mom/4ecab54ecab45/ebucks-rewards_files/instantSales.css
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
41.185.8.245 , South Africa, ASN36943 (ZA-1-Grid, ZA),
Reverse DNS
srv52.hostserv.co.za
Software
nginx /
Resource Hash
5df5e2df58451fd5fe182895bee45dbd9c65792bbf93203362f7ab70ca81a5f7

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:19:51 GMT
content-encoding
br
last-modified
Fri, 15 Nov 2019 06:08:42 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
2884
expires
Wed, 20 Sep 2023 19:19:51 GMT
final_combined.css
westganzi.mom/4ecab54ecab45/ebucks-rewards_files/
853 B
624 B
Stylesheet
General
Full URL
https://westganzi.mom/4ecab54ecab45/ebucks-rewards_files/final_combined.css
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
41.185.8.245 , South Africa, ASN36943 (ZA-1-Grid, ZA),
Reverse DNS
srv52.hostserv.co.za
Software
nginx /
Resource Hash
c9553327130e497d2e9685c74851ffeac2c23d33998d47818c552ab2ecddb84c

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:19:51 GMT
content-encoding
br
last-modified
Fri, 15 Nov 2019 06:08:42 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
230
expires
Wed, 20 Sep 2023 19:19:51 GMT
skin.css
westganzi.mom/4ecab54ecab45/ebucks-rewards_files/
12 KB
3 KB
Stylesheet
General
Full URL
https://westganzi.mom/4ecab54ecab45/ebucks-rewards_files/skin.css
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
41.185.8.245 , South Africa, ASN36943 (ZA-1-Grid, ZA),
Reverse DNS
srv52.hostserv.co.za
Software
nginx /
Resource Hash
9b2d90fd246736c8c795a54f84ee67f7b1ace8b672308f7da17ef99fd13b7180

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:19:51 GMT
content-encoding
br
last-modified
Fri, 15 Nov 2019 06:08:42 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
2691
expires
Wed, 20 Sep 2023 19:19:51 GMT
icons.css
westganzi.mom/4ecab54ecab45/ebucks-rewards_files/
98 KB
11 KB
Stylesheet
General
Full URL
https://westganzi.mom/4ecab54ecab45/ebucks-rewards_files/icons.css
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
41.185.8.245 , South Africa, ASN36943 (ZA-1-Grid, ZA),
Reverse DNS
srv52.hostserv.co.za
Software
nginx /
Resource Hash
2c409f409e226d9627a73788ebb7075d2aac225fc32b627e0817cc8ac1a58ad0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:19:51 GMT
content-encoding
br
last-modified
Fri, 15 Nov 2019 06:08:42 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
10498
expires
Wed, 20 Sep 2023 19:19:51 GMT
stylesheet_002.css
westganzi.mom/4ecab54ecab45/ebucks-rewards_files/
3 KB
758 B
Stylesheet
General
Full URL
https://westganzi.mom/4ecab54ecab45/ebucks-rewards_files/stylesheet_002.css
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
41.185.8.245 , South Africa, ASN36943 (ZA-1-Grid, ZA),
Reverse DNS
srv52.hostserv.co.za
Software
nginx /
Resource Hash
9f2f49f02ef060ef019df5cdce2b25365d89bd5ad3bebd460c8db54e3af7320a

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:19:51 GMT
content-encoding
br
last-modified
Fri, 15 Nov 2019 06:08:42 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
364
expires
Wed, 20 Sep 2023 19:19:51 GMT
dashBoardLayout.css
westganzi.mom/4ecab54ecab45/ebucks-rewards_files/
5 KB
1 KB
Stylesheet
General
Full URL
https://westganzi.mom/4ecab54ecab45/ebucks-rewards_files/dashBoardLayout.css
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
41.185.8.245 , South Africa, ASN36943 (ZA-1-Grid, ZA),
Reverse DNS
srv52.hostserv.co.za
Software
nginx /
Resource Hash
af7f1b0834d98245ad0ed6eebc023e3c583d289921f3306e142ec196935f683e

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:19:51 GMT
content-encoding
br
last-modified
Fri, 15 Nov 2019 06:08:42 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
995
expires
Wed, 20 Sep 2023 19:19:51 GMT
reset_002.css
westganzi.mom/4ecab54ecab45/ebucks-rewards_files/
920 B
847 B
Stylesheet
General
Full URL
https://westganzi.mom/4ecab54ecab45/ebucks-rewards_files/reset_002.css
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
41.185.8.245 , South Africa, ASN36943 (ZA-1-Grid, ZA),
Reverse DNS
srv52.hostserv.co.za
Software
nginx /
Resource Hash
a3645b11132dd905d0bf1131bce0da3debce080dcf805f917a947d6c73e96350

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:19:51 GMT
content-encoding
br
last-modified
Fri, 15 Nov 2019 06:08:42 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
453
expires
Wed, 20 Sep 2023 19:19:51 GMT
topMenu.css
westganzi.mom/4ecab54ecab45/ebucks-rewards_files/
5 KB
2 KB
Stylesheet
General
Full URL
https://westganzi.mom/4ecab54ecab45/ebucks-rewards_files/topMenu.css
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
41.185.8.245 , South Africa, ASN36943 (ZA-1-Grid, ZA),
Reverse DNS
srv52.hostserv.co.za
Software
nginx /
Resource Hash
8bebf7da93d1297de1b66bbd2f12efda07a0cdff503d4809696643cc4be0fd75

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:19:51 GMT
content-encoding
br
last-modified
Fri, 15 Nov 2019 06:08:42 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1304
expires
Wed, 20 Sep 2023 19:19:51 GMT
core.css
westganzi.mom/4ecab54ecab45/ebucks-rewards_files/
184 KB
34 KB
Stylesheet
General
Full URL
https://westganzi.mom/4ecab54ecab45/ebucks-rewards_files/core.css
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
41.185.8.245 , South Africa, ASN36943 (ZA-1-Grid, ZA),
Reverse DNS
srv52.hostserv.co.za
Software
nginx /
Resource Hash
41b88e2de50153634651fbae3bead31d89a469955593d45776be466cd0c97aa3

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:19:51 GMT
content-encoding
br
last-modified
Fri, 15 Nov 2019 06:08:42 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
34273
expires
Wed, 20 Sep 2023 19:19:51 GMT
nonGlobal.css
westganzi.mom/4ecab54ecab45/ebucks-rewards_files/
22 KB
5 KB
Stylesheet
General
Full URL
https://westganzi.mom/4ecab54ecab45/ebucks-rewards_files/nonGlobal.css
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
41.185.8.245 , South Africa, ASN36943 (ZA-1-Grid, ZA),
Reverse DNS
srv52.hostserv.co.za
Software
nginx /
Resource Hash
9c83c5a306aa168493c67f809fa030f3e43868748306b47c73b33346c79b242c

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:19:51 GMT
content-encoding
br
last-modified
Fri, 15 Nov 2019 06:08:42 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
5161
expires
Wed, 20 Sep 2023 19:19:51 GMT
print.css
westganzi.mom/4ecab54ecab45/ebucks-rewards_files/
18 KB
4 KB
Stylesheet
General
Full URL
https://westganzi.mom/4ecab54ecab45/ebucks-rewards_files/print.css
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
41.185.8.245 , South Africa, ASN36943 (ZA-1-Grid, ZA),
Reverse DNS
srv52.hostserv.co.za
Software
nginx /
Resource Hash
770f85165e765e17bb4fe7b1b18f942e3a4194825326038a2acf25b8ed12f053

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:19:51 GMT
content-encoding
br
last-modified
Fri, 15 Nov 2019 06:08:42 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
3700
expires
Wed, 20 Sep 2023 19:19:51 GMT
mobile.css
westganzi.mom/4ecab54ecab45/ebucks-rewards_files/
315 B
583 B
Stylesheet
General
Full URL
https://westganzi.mom/4ecab54ecab45/ebucks-rewards_files/mobile.css
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
41.185.8.245 , South Africa, ASN36943 (ZA-1-Grid, ZA),
Reverse DNS
srv52.hostserv.co.za
Software
nginx /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:19:51 GMT
content-encoding
br
last-modified
Fri, 15 Nov 2019 06:08:42 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
189
expires
Wed, 20 Sep 2023 19:19:51 GMT
stylesheet.css
westganzi.mom/4ecab54ecab45/ebucks-rewards_files/
4 KB
681 B
Stylesheet
General
Full URL
https://westganzi.mom/4ecab54ecab45/ebucks-rewards_files/stylesheet.css
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
41.185.8.245 , South Africa, ASN36943 (ZA-1-Grid, ZA),
Reverse DNS
srv52.hostserv.co.za
Software
nginx /
Resource Hash
83e8b1885442e959b06d9dba3a43af5866af1965f6a79c604f587ec6dbb32569

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:19:51 GMT
content-encoding
br
last-modified
Fri, 15 Nov 2019 06:08:42 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
287
expires
Wed, 20 Sep 2023 19:19:51 GMT
jquery.css
westganzi.mom/4ecab54ecab45/ebucks-rewards_files/
508 B
647 B
Stylesheet
General
Full URL
https://westganzi.mom/4ecab54ecab45/ebucks-rewards_files/jquery.css
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
41.185.8.245 , South Africa, ASN36943 (ZA-1-Grid, ZA),
Reverse DNS
srv52.hostserv.co.za
Software
nginx /
Resource Hash
19dbb085d719a24a541c85d34d9800f3136b07b65bf6038e7f11f0157ff048ca

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:19:51 GMT
content-encoding
br
last-modified
Fri, 15 Nov 2019 06:08:42 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
253
expires
Wed, 20 Sep 2023 19:19:51 GMT
applet.css
westganzi.mom/4ecab54ecab45/ebucks-rewards_files/
149 B
522 B
Stylesheet
General
Full URL
https://westganzi.mom/4ecab54ecab45/ebucks-rewards_files/applet.css
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
41.185.8.245 , South Africa, ASN36943 (ZA-1-Grid, ZA),
Reverse DNS
srv52.hostserv.co.za
Software
nginx /
Resource Hash
0b978a7900b1ea0965aa1eaffb657fe7175e14439f74ca127906754992684bea

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:19:51 GMT
last-modified
Fri, 15 Nov 2019 06:08:42 GMT
server
nginx
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
149
expires
Wed, 20 Sep 2023 19:19:51 GMT
jquery.min.js
westganzi.mom/4ecab54ecab45/ebucks-rewards_files/
95 KB
33 KB
Script
General
Full URL
https://westganzi.mom/4ecab54ecab45/ebucks-rewards_files/jquery.min.js
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
41.185.8.245 , South Africa, ASN36943 (ZA-1-Grid, ZA),
Reverse DNS
srv52.hostserv.co.za
Software
nginx /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:19:51 GMT
content-encoding
br
last-modified
Fri, 15 Nov 2019 06:08:44 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
32851
expires
Wed, 20 Sep 2023 19:19:51 GMT
none.php
westganzi.mom/4ecab54ecab45/ebucks-rewards_files/
7 KB
2 KB
Script
General
Full URL
https://westganzi.mom/4ecab54ecab45/ebucks-rewards_files/none.php
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
41.185.8.245 , South Africa, ASN36943 (ZA-1-Grid, ZA),
Reverse DNS
srv52.hostserv.co.za
Software
nginx / PHP/5.6.40
Resource Hash
31a4bcb881fd4f9e40e1e4431f0f55f8ca5be0a1bd17e498b3da1a6897af0d0a

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:19:51 GMT
content-encoding
br
server
nginx
x-powered-by
PHP/5.6.40
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
x-turbo-charged-by
LiteSpeed
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1552
print-logo.jpg
westganzi.mom/4ecab54ecab45/Online%20Banking_files/
11 KB
11 KB
Image
General
Full URL
https://westganzi.mom/4ecab54ecab45/Online%20Banking_files/print-logo.jpg
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
41.185.8.245 , South Africa, ASN36943 (ZA-1-Grid, ZA),
Reverse DNS
srv52.hostserv.co.za
Software
nginx /
Resource Hash
7ce488a49ee0c7d38c742d530ed163266899cb6e83f8a63a03de4dd7078c3e80

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:19:51 GMT
last-modified
Fri, 13 Sep 2019 09:19:30 GMT
server
nginx
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
11110
expires
Wed, 20 Sep 2023 19:19:51 GMT
mark.png
westganzi.mom/4ecab54ecab45/
778 B
1 KB
Image
General
Full URL
https://westganzi.mom/4ecab54ecab45/mark.png
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
41.185.8.245 , South Africa, ASN36943 (ZA-1-Grid, ZA),
Reverse DNS
srv52.hostserv.co.za
Software
nginx /
Resource Hash
03360e2229e27725405eb79db637399f3d96792ce0595adba70fc40ea02486aa

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:19:51 GMT
last-modified
Wed, 18 Sep 2019 12:33:42 GMT
server
nginx
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
778
expires
Wed, 20 Sep 2023 19:19:51 GMT
tick.JPG
westganzi.mom/4ecab54ecab45/
8 KB
8 KB
Image
General
Full URL
https://westganzi.mom/4ecab54ecab45/tick.JPG
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
41.185.8.245 , South Africa, ASN36943 (ZA-1-Grid, ZA),
Reverse DNS
srv52.hostserv.co.za
Software
nginx /
Resource Hash
8a279ecd289dec3ca7d8910f9b942ad787d5c72d70bdedc2b097f2c2d3c8cbf3

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:19:51 GMT
last-modified
Fri, 13 Sep 2019 10:07:52 GMT
server
nginx
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
8303
expires
Wed, 20 Sep 2023 19:19:51 GMT
confirm.png
westganzi.mom/4ecab54ecab45/
60 KB
61 KB
Image
General
Full URL
https://westganzi.mom/4ecab54ecab45/confirm.png
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
41.185.8.245 , South Africa, ASN36943 (ZA-1-Grid, ZA),
Reverse DNS
srv52.hostserv.co.za
Software
nginx /
Resource Hash
50402915f33f8a4d7e02b43f804185ab5c77619aa637b0284fab4beba55c9b56

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:19:51 GMT
last-modified
Sat, 14 Sep 2019 08:55:40 GMT
server
nginx
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
61662
expires
Wed, 20 Sep 2023 19:19:51 GMT
init.js
westganzi.mom/4ecab54ecab45/Online%20Banking_files/
723 B
583 B
Script
General
Full URL
https://westganzi.mom/4ecab54ecab45/Online%20Banking_files/init.js
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
41.185.8.245 , South Africa, ASN36943 (ZA-1-Grid, ZA),
Reverse DNS
srv52.hostserv.co.za
Software
nginx /
Resource Hash
076c7efc87c1b71f280205e1f993ec26d104df08dcd13aee7a77897f2971beca

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:19:51 GMT
content-encoding
br
last-modified
Fri, 13 Sep 2019 09:19:30 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
175
expires
Wed, 20 Sep 2023 19:19:51 GMT
blankpage.html
westganzi.mom/4ecab54ecab45/Online%20Banking_files/ Frame 606E
108 B
427 B
Document
General
Full URL
https://westganzi.mom/4ecab54ecab45/Online%20Banking_files/blankpage.html
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
41.185.8.245 , South Africa, ASN36943 (ZA-1-Grid, ZA),
Reverse DNS
srv52.hostserv.co.za
Software
nginx /
Resource Hash
ad3cc24a66bae714bcb1536ba2be070d636f61bbdfedf1e66de4d2a610a4f9e1

Request headers

Referer
https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
108
content-type
text/html
date
Wed, 13 Sep 2023 19:19:51 GMT
last-modified
Fri, 13 Sep 2019 09:19:30 GMT
server
nginx
x-turbo-charged-by
LiteSpeed
settings.png
www.online.fnb.co.za/banking/00Assets/skins/00/images/0new/
1 KB
2 KB
Image
General
Full URL
https://www.online.fnb.co.za/banking/00Assets/skins/00/images/0new/settings.png?v=12345678
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/ebucks-rewards_files/initials_combined.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
196.11.125.155 , South Africa, ASN37028 (FNBCONNECT, ZA),
Reverse DNS
www.online.fnb.co.za
Software
IIS / Sun One
Resource Hash
f61309b5ff0c44dc567d72ce14e72ef151c88a5397a27dc1b131c8cc77272993

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Security-Policy
frame-src 'self' data: application/pdf *.ebucks.com authentication.cardinalcommerce.com *.google.com *.vimeo.com *.fnbbotswana.co.bw 9689447.fls.doubleclick.net *.vodacomcreditcard.co.za *.fnbconnect.co.za *.rmb.co.za:10443 *.fnbswaziland.co.sz:10443 *.fnbtanzania.co.tz:10443 *.fnbzambia.co.zm:10443 *.firstnationalbank.com.gh:10443 *.fnb.co.ls:10443 *.fnbci.co.uk:10443 *.fnbnamibia.com.na:10443 *.rmbprivatebank.com:10443 *.fnb.co.za:10443 *.rmb.co.za *.fnbswaziland.co.sz *.fnbtanzania.co.tz *.google.com *.gstatic.com *.fnbzambia.co.zm msgfnb.bankserv.co.za *.firstnationalbank.com.gh *.fnb.co.ls *.fnbci.co.uk *.fnbnamibia.com.na *.id.opendns.com *.rmbprivatebank.com *.fnb.co.za;
Strict-Transport-Security
max-age=31536000
Date
Wed, 13 Sep 2023 19:19:53 GMT
Last-Modified
Sat, 08 Oct 2022 00:27:36 GMT
Server
IIS
ETag
"41e-5ea7afe4394be"
X-Powered-By
Sun One
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
1054
X-UA-Compatible
IE=EDGE
mail.png
www.online.fnb.co.za/banking/00Assets/skins/00/images/0new/
305 B
1 KB
Image
General
Full URL
https://www.online.fnb.co.za/banking/00Assets/skins/00/images/0new/mail.png?v=12345678
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/ebucks-rewards_files/initials_combined.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
196.11.125.155 , South Africa, ASN37028 (FNBCONNECT, ZA),
Reverse DNS
www.online.fnb.co.za
Software
IIS / Sun One
Resource Hash
f01e2ed509ef4ebd45f586910c5c7f782927e9ac72414aac06289b13b227d665

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Security-Policy
frame-src 'self' data: application/pdf *.ebucks.com authentication.cardinalcommerce.com *.google.com *.vimeo.com *.fnbbotswana.co.bw 9689447.fls.doubleclick.net *.vodacomcreditcard.co.za *.fnbconnect.co.za *.rmb.co.za:10443 *.fnbswaziland.co.sz:10443 *.fnbtanzania.co.tz:10443 *.fnbzambia.co.zm:10443 *.firstnationalbank.com.gh:10443 *.fnb.co.ls:10443 *.fnbci.co.uk:10443 *.fnbnamibia.com.na:10443 *.rmbprivatebank.com:10443 *.fnb.co.za:10443 *.rmb.co.za *.fnbswaziland.co.sz *.fnbtanzania.co.tz *.google.com *.gstatic.com *.fnbzambia.co.zm msgfnb.bankserv.co.za *.firstnationalbank.com.gh *.fnb.co.ls *.fnbci.co.uk *.fnbnamibia.com.na *.id.opendns.com *.rmbprivatebank.com *.fnb.co.za;
Strict-Transport-Security
max-age=31536000
Date
Wed, 13 Sep 2023 19:19:53 GMT
Last-Modified
Sat, 08 Oct 2022 00:27:36 GMT
Server
IIS
ETag
"131-5ea7afe4336fe"
X-Powered-By
Sun One
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
305
X-UA-Compatible
IE=EDGE
contactUs.png
www.online.fnb.co.za/banking/00Assets/skins/00/images/0new/
581 B
2 KB
Image
General
Full URL
https://www.online.fnb.co.za/banking/00Assets/skins/00/images/0new/contactUs.png?v=12345678
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/ebucks-rewards_files/initials_combined.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
196.11.125.155 , South Africa, ASN37028 (FNBCONNECT, ZA),
Reverse DNS
www.online.fnb.co.za
Software
IIS / Sun One
Resource Hash
e48debcb7c354ac90f888a72d3a86ef703358623fc8de044036b5fe4496d2049

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Security-Policy
frame-src 'self' data: application/pdf *.ebucks.com authentication.cardinalcommerce.com *.google.com *.vimeo.com *.fnbbotswana.co.bw 9689447.fls.doubleclick.net *.vodacomcreditcard.co.za *.fnbconnect.co.za *.rmb.co.za:10443 *.fnbswaziland.co.sz:10443 *.fnbtanzania.co.tz:10443 *.fnbzambia.co.zm:10443 *.firstnationalbank.com.gh:10443 *.fnb.co.ls:10443 *.fnbci.co.uk:10443 *.fnbnamibia.com.na:10443 *.rmbprivatebank.com:10443 *.fnb.co.za:10443 *.rmb.co.za *.fnbswaziland.co.sz *.fnbtanzania.co.tz *.google.com *.gstatic.com *.fnbzambia.co.zm msgfnb.bankserv.co.za *.firstnationalbank.com.gh *.fnb.co.ls *.fnbci.co.uk *.fnbnamibia.com.na *.id.opendns.com *.rmbprivatebank.com *.fnb.co.za;
Strict-Transport-Security
max-age=31536000
Date
Wed, 13 Sep 2023 19:19:53 GMT
Last-Modified
Sat, 08 Oct 2022 00:29:15 GMT
Server
IIS
ETag
"245-5ea7b042921a9"
X-Powered-By
Sun One
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
581
X-UA-Compatible
IE=EDGE
help.png
www.online.fnb.co.za/banking/00Assets/skins/00/images/0new/
523 B
2 KB
Image
General
Full URL
https://www.online.fnb.co.za/banking/00Assets/skins/00/images/0new/help.png?v=12345678
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/ebucks-rewards_files/initials_combined.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
196.11.125.155 , South Africa, ASN37028 (FNBCONNECT, ZA),
Reverse DNS
www.online.fnb.co.za
Software
IIS / Sun One
Resource Hash
439e9b84cae9f857d69170bdee92e6951c4a91abe20c3601572f2a88dc295578

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Security-Policy
frame-src 'self' data: application/pdf *.ebucks.com authentication.cardinalcommerce.com *.google.com *.vimeo.com *.fnbbotswana.co.bw 9689447.fls.doubleclick.net *.vodacomcreditcard.co.za *.fnbconnect.co.za *.rmb.co.za:10443 *.fnbswaziland.co.sz:10443 *.fnbtanzania.co.tz:10443 *.fnbzambia.co.zm:10443 *.firstnationalbank.com.gh:10443 *.fnb.co.ls:10443 *.fnbci.co.uk:10443 *.fnbnamibia.com.na:10443 *.rmbprivatebank.com:10443 *.fnb.co.za:10443 *.rmb.co.za *.fnbswaziland.co.sz *.fnbtanzania.co.tz *.google.com *.gstatic.com *.fnbzambia.co.zm msgfnb.bankserv.co.za *.firstnationalbank.com.gh *.fnb.co.ls *.fnbci.co.uk *.fnbnamibia.com.na *.id.opendns.com *.rmbprivatebank.com *.fnb.co.za;
Strict-Transport-Security
max-age=31536000
Date
Wed, 13 Sep 2023 19:19:53 GMT
Last-Modified
Sat, 08 Oct 2022 00:29:15 GMT
Server
IIS
ETag
"20b-5ea7b0432e71f"
X-Powered-By
Sun One
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
523
X-UA-Compatible
IE=EDGE
menuBg_v2.png
westganzi.mom/images/actionMenu/
1 KB
1 KB
Image
General
Full URL
https://westganzi.mom/images/actionMenu/menuBg_v2.png?v=1234567
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/ebucks-rewards_files/frame_combined.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
41.185.8.245 , South Africa, ASN36943 (ZA-1-Grid, ZA),
Reverse DNS
srv52.hostserv.co.za
Software
nginx /
Resource Hash
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/4ecab54ecab45/ebucks-rewards_files/frame_combined.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 19:19:51 GMT
server
nginx
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1238
ga_bridge.html
westganzi.mom/4ecab54ecab45/Online%20Banking_files/ Frame B338
2 KB
1 KB
Document
General
Full URL
https://westganzi.mom/4ecab54ecab45/Online%20Banking_files/ga_bridge.html
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
41.185.8.245 , South Africa, ASN36943 (ZA-1-Grid, ZA),
Reverse DNS
srv52.hostserv.co.za
Software
nginx /
Resource Hash
3cabbf905903c607bc4ef80002cb36b8142acb6d7d7f3732a73a49c60e532387

Request headers

Referer
https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
703
content-type
text/html
date
Wed, 13 Sep 2023 19:19:51 GMT
last-modified
Fri, 13 Sep 2019 09:19:30 GMT
server
nginx
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
btn-tooltip_b.png
westganzi.mom/banking/03images/base/tooltip/
1 KB
1 KB
Image
General
Full URL
https://westganzi.mom/banking/03images/base/tooltip/btn-tooltip_b.png?v=3
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/ebucks-rewards_files/core.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
41.185.8.245 , South Africa, ASN36943 (ZA-1-Grid, ZA),
Reverse DNS
srv52.hostserv.co.za
Software
nginx /
Resource Hash
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/4ecab54ecab45/ebucks-rewards_files/core.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 19:19:51 GMT
server
nginx
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1238
analytics.js
westganzi.mom/4ecab54ecab45/Online%20Banking_files/ga_bridge_data/ Frame B338
43 KB
17 KB
Script
General
Full URL
https://westganzi.mom/4ecab54ecab45/Online%20Banking_files/ga_bridge_data/analytics.js
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/Online%20Banking_files/ga_bridge.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
41.185.8.245 , South Africa, ASN36943 (ZA-1-Grid, ZA),
Reverse DNS
srv52.hostserv.co.za
Software
nginx /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/4ecab54ecab45/Online%20Banking_files/ga_bridge.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:19:52 GMT
content-encoding
br
last-modified
Fri, 13 Sep 2019 09:19:30 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
17369
expires
Wed, 20 Sep 2023 19:19:52 GMT
gtm.js
westganzi.mom/4ecab54ecab45/Online%20Banking_files/ga_bridge_data/ Frame B338
104 KB
30 KB
Script
General
Full URL
https://westganzi.mom/4ecab54ecab45/Online%20Banking_files/ga_bridge_data/gtm.js
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/Online%20Banking_files/ga_bridge.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
41.185.8.245 , South Africa, ASN36943 (ZA-1-Grid, ZA),
Reverse DNS
srv52.hostserv.co.za
Software
nginx /
Resource Hash
9c83bcfc4ccbea0e68eb3f1ac90a11d9ff8f9889b46b06d5203c9e21ae434fea

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/4ecab54ecab45/Online%20Banking_files/ga_bridge.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:19:52 GMT
content-encoding
br
last-modified
Fri, 13 Sep 2019 09:19:30 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
30810
expires
Wed, 20 Sep 2023 19:19:52 GMT
gtm.js
www.googletagmanager.com/ Frame B338
345 KB
103 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KH76K8
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/Online%20Banking_files/ga_bridge.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bfd7ec3b4f066a44bc7ff16fc513cf3bce9d1bb8943551db4607941c9f67ef05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:19:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104674
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 13 Sep 2023 19:19:52 GMT
js
www.google-analytics.com/gtm/ Frame B338
138 KB
53 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-KHFRWD7&t=gtm1&cid=1604470240.1694632792
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/Online%20Banking_files/ga_bridge_data/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
92bdcb92de1159d5e1189f2af0a6191cbb50d7b0c81328aaf39ca733df460bdf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:19:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
53500
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 13 Sep 2023 19:19:52 GMT
analytics.js
www.google-analytics.com/ Frame B338
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/Online%20Banking_files/ga_bridge_data/gtm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 13 Sep 2023 17:44:21 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5731
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 13 Sep 2023 19:44:21 GMT
/
www.googleadservices.com/pagead/conversion/923716104/ Frame B338
3 KB
2 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/923716104/?random=1694632792599&cv=11&fst=1694632792599&bg=ffffff&guid=ON&async=1&gtm=45He39b0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwestganzi.mom%2F4ecab54ecab45%2FxvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php%3FUsername%3D&ref=https%3A%2F%2Fwestganzi.mom%2F4ecab54ecab45%2FxvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php%3FUsername%3D&label=OexWCMTv8b0DEIiUu7gD&hn=www.googleadservices.com&frm=1&value=0&bttype=purchase&auid=1246134713.1694632792&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KH76K8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
409957dbb4cc773213624584f3c70a5c05f925339df4d5a6849ece45e03c9550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 19:19:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1692
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ Frame B338
193 KB
52 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/xvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php?Username=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1e67ae65bdc6df3d474fb6c5636258e6d130fb30a3b526578c7c12188c1e6b6f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 13 Sep 2023 19:19:52 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
52125
x-xss-protection
0
pragma
public
x-fb-debug
/endt4F0hy3iRWYh4NRw2wvgwbk6oOFh+VvNp1LmDBYSEqORhES4QS4Boc+O551qy+LY9liK7HATueU2ByXhcg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ Frame B338
258 KB
87 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-R5MC7P7YMJ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KH76K8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a6c18cd51ff0df173b8ef53241345cc5d4f04bf0874f6ab3c4c311c566ebd47d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:19:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88960
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 13 Sep 2023 19:19:52 GMT
js
www.googletagmanager.com/gtag/ Frame B338
240 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q5V65ES1FB&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KH76K8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1fd764374c2ed6265f38e1467997d35b9c029dce664cb18629be58331012a584
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:19:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85469
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 13 Sep 2023 19:19:52 GMT
collect
region1.google-analytics.com/g/ Frame B338
0
252 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Q5V65ES1FB&gtm=45je39b0&_p=282485442&cid=1604470240.1694632792&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694632792&sct=1&seg=0&dl=https%3A%2F%2Fwestganzi.mom%2F4ecab54ecab45%2FOnline%2520Banking_files%2Fga_bridge.html&dr=https%3A%2F%2Fwestganzi.mom%2F4ecab54ecab45%2FxvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php%3FUsername%3D&dt=&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q5V65ES1FB&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 19:19:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://westganzi.mom
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ Frame B338
0
54 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-R5MC7P7YMJ&gtm=45je39b0&_p=282485442&_gaz=1&cid=1604470240.1694632792&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694632792&sct=1&seg=0&dl=https%3A%2F%2Fwestganzi.mom%2F4ecab54ecab45%2FOnline%2520Banking_files%2Fga_bridge.html&dr=https%3A%2F%2Fwestganzi.mom%2F4ecab54ecab45%2FxvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php%3FUsername%3D&dt=&en=page_view&_fv=1&_ss=2&ep.GA4_CID=undefined.undefined
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R5MC7P7YMJ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 19:19:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://westganzi.mom
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ Frame B338
0
243 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-R5MC7P7YMJ&cid=1604470240.1694632792&gtm=45je39b0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R5MC7P7YMJ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 19:19:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://westganzi.mom
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.no/ads/ Frame B338
42 B
408 B
Image
General
Full URL
https://www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-R5MC7P7YMJ&cid=1604470240.1694632792&gtm=45je39b0&aip=1&z=1077141926
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/Online%20Banking_files/ga_bridge.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 19:19:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.no/pagead/1p-conversion/923716104/ Frame B338
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/923716104/?random=1366368107&cv=11&fst=1694632792599&bg=ffffff&guid=ON&async=1&gtm=45He39b0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwest...
  • https://www.google.com/pagead/1p-conversion/923716104/?random=1366368107&cv=11&fst=1694632792599&bg=ffffff&guid=ON&async=1&gtm=45He39b0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwestganzi.mom%2F4ecab54ec...
  • https://www.google.no/pagead/1p-conversion/923716104/?random=1366368107&cv=11&fst=1694632792599&bg=ffffff&guid=ON&async=1&gtm=45He39b0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwestganzi.mom%2F4ecab54eca...
42 B
154 B
Image
General
Full URL
https://www.google.no/pagead/1p-conversion/923716104/?random=1366368107&cv=11&fst=1694632792599&bg=ffffff&guid=ON&async=1&gtm=45He39b0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwestganzi.mom%2F4ecab54ecab45%2FxvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php%3FUsername%3D&ref=https%3A%2F%2Fwestganzi.mom%2F4ecab54ecab45%2FxvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php%3FUsername%3D&label=OexWCMTv8b0DEIiUu7gD&hn=www.googleadservices.com&frm=1&value=0&auid=1246134713.1694632792&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKG4sQI&pscrd=Ek9DaEVJOEx1RnFBWVE3SXl5alpfQ3NKVF9BUkltQUFvdkRSd3E1dEVCQ2FaTEszbXlfSENfOFdLcnFqVVNXZ1RSaGVFSE5ZeVZtWVg0Y2JnGlpDaEVJOEx1RnFBWVF5X255akpEeGhhM0RBUkl1QVBPWlhWQ3lzbHVZUWhUREJKLUhqMlN6WGw5UVh4MDAyYUx3S0R3eDZlYzdMMlZiWlB4R0lWRnNHRWZlanciEwjPupGNp6iBAxWo0DsCHXqOBXc&is_vtc=1&ocp_id=WAsCZc-uM6ih78EP-pyWuAc&eitems=ChEI8LuFqAYQttCFgbT67sOqARIdAPHyXTAgTzNXjOHNI2Y6EejxYh556FtQ_UR4cNQ&random=148226521&ipr=y
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/Online%20Banking_files/ga_bridge.html
Protocol
H2
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 19:19:53 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Sep 2023 19:19:53 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.no/pagead/1p-conversion/923716104/?random=1366368107&cv=11&fst=1694632792599&bg=ffffff&guid=ON&async=1&gtm=45He39b0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwestganzi.mom%2F4ecab54ecab45%2FxvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php%3FUsername%3D&ref=https%3A%2F%2Fwestganzi.mom%2F4ecab54ecab45%2FxvciIgY29udGVudD0iI2ZhZmFmYSAiPiA8bWV0YSBjb250ZW50PSIvYW5kcm9pZC1jaHprotectme_card.php%3FUsername%3D&label=OexWCMTv8b0DEIiUu7gD&hn=www.googleadservices.com&frm=1&value=0&auid=1246134713.1694632792&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKG4sQI&pscrd=Ek9DaEVJOEx1RnFBWVE3SXl5alpfQ3NKVF9BUkltQUFvdkRSd3E1dEVCQ2FaTEszbXlfSENfOFdLcnFqVVNXZ1RSaGVFSE5ZeVZtWVg0Y2JnGlpDaEVJOEx1RnFBWVF5X255akpEeGhhM0RBUkl1QVBPWlhWQ3lzbHVZUWhUREJKLUhqMlN6WGw5UVh4MDAyYUx3S0R3eDZlYzdMMlZiWlB4R0lWRnNHRWZlanciEwjPupGNp6iBAxWo0DsCHXqOBXc&is_vtc=1&ocp_id=WAsCZc-uM6ih78EP-pyWuAc&eitems=ChEI8LuFqAYQttCFgbT67sOqARIdAPHyXTAgTzNXjOHNI2Y6EejxYh556FtQ_UR4cNQ&random=148226521&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ Frame B338
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: westganzi.mom
URL: https://westganzi.mom/4ecab54ecab45/Online%20Banking_files/ga_bridge_data/gtm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 13 Sep 2023 17:44:21 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5732
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 13 Sep 2023 19:44:21 GMT
ga-audiences
www.google.no/ads/ Frame B338
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=282485442&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwestganzi.mom%2F4ecab54ecab45%2FOnline%2520Banking_files%2Fga_bridge.html&ul=en-us&de=UTF-8&sd=2...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5815571-8&cid=1604470240.1694632792&jid=186359947&_gid=798657888.1694632792&gjid=1395624566&_v=j79&z=2026615396
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5815571-8&cid=1604470240.1694632792&jid=186359947&_v=j79&z=2026615396
  • https://www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5815571-8&cid=1604470240.1694632792&jid=186359947&_v=j79&z=2026615396&slf_rd=1&random=2357719449
42 B
63 B
Image
General
Full URL
https://www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5815571-8&cid=1604470240.1694632792&jid=186359947&_v=j79&z=2026615396&slf_rd=1&random=2357719449
Protocol
H3
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 19:19:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Sep 2023 19:19:53 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5815571-8&cid=1604470240.1694632792&jid=186359947&_v=j79&z=2026615396&slf_rd=1&random=2357719449
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame B338
35 B
192 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=282485442&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwestganzi.mom%2F4ecab54ecab45%2FOnline%2520Banking_files%2Fga_bridge.html&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&ec=Scroll%20Depth&ea=%2F4ecab54ecab45%2FOnline%2520Banking_files%2Fga_bridge.html&el=25&ev=0&_u=aGDAAEADU~&jid=&gjid=&cid=1604470240.1694632792&tid=UA-5815571-8&_gid=798657888.1694632792&gtm=45He39b0n71KH76K8&cd1=1604470240.1694632792&cd21=dl_blank&cd22=dl_blank&cd25=non_partner&cd27=GA1.2.1604470240.1694632792&cd28=&cd30=&cd48=dl_blank&cd50=1604470240.1694632792&cd51=c_undefined&cd55=2.2&cd56=GTM-KH76K8&cd57=151&z=1580420643
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 04:43:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
52567
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame B338
35 B
91 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=282485442&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwestganzi.mom%2F4ecab54ecab45%2FOnline%2520Banking_files%2Fga_bridge.html&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&ec=Scroll%20Depth&ea=%2F4ecab54ecab45%2FOnline%2520Banking_files%2Fga_bridge.html&el=50&ev=0&_u=aGDAAEADU~&jid=&gjid=&cid=1604470240.1694632792&tid=UA-5815571-8&_gid=798657888.1694632792&gtm=2wg941KH76K8&cd1=1604470240.1694632792&z=1891651148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 04:43:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
52567
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame B338
35 B
91 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=282485442&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwestganzi.mom%2F4ecab54ecab45%2FOnline%2520Banking_files%2Fga_bridge.html&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&ec=Scroll%20Depth&ea=%2F4ecab54ecab45%2FOnline%2520Banking_files%2Fga_bridge.html&el=50&ev=0&_u=aGDAAEADU~&jid=&gjid=&cid=1604470240.1694632792&tid=UA-5815571-8&_gid=798657888.1694632792&gtm=45He39b0n71KH76K8&cd1=1604470240.1694632792&cd21=dl_blank&cd22=dl_blank&cd25=non_partner&cd27=GA1.2.1604470240.1694632792&cd28=&cd30=&cd48=dl_blank&cd50=1604470240.1694632792&cd51=c_undefined&cd55=2.2&cd56=GTM-KH76K8&cd57=151&z=1443856568
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 04:43:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
52567
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame B338
35 B
91 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=282485442&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwestganzi.mom%2F4ecab54ecab45%2FOnline%2520Banking_files%2Fga_bridge.html&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&ec=Scroll%20Depth&ea=%2F4ecab54ecab45%2FOnline%2520Banking_files%2Fga_bridge.html&el=75&ev=0&_u=aGDAAEADU~&jid=&gjid=&cid=1604470240.1694632792&tid=UA-5815571-8&_gid=798657888.1694632792&gtm=2wg941KH76K8&cd1=1604470240.1694632792&z=747207704
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 04:43:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
52567
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame B338
35 B
91 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=282485442&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwestganzi.mom%2F4ecab54ecab45%2FOnline%2520Banking_files%2Fga_bridge.html&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&ec=Scroll%20Depth&ea=%2F4ecab54ecab45%2FOnline%2520Banking_files%2Fga_bridge.html&el=75&ev=0&_u=aGDAAEADU~&jid=&gjid=&cid=1604470240.1694632792&tid=UA-5815571-8&_gid=798657888.1694632792&gtm=45He39b0n71KH76K8&cd1=1604470240.1694632792&cd21=dl_blank&cd22=dl_blank&cd25=non_partner&cd27=GA1.2.1604470240.1694632792&cd28=&cd30=&cd48=dl_blank&cd50=1604470240.1694632792&cd51=c_undefined&cd55=2.2&cd56=GTM-KH76K8&cd57=151&z=1984055376
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 04:43:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
52567
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame B338
35 B
91 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=282485442&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwestganzi.mom%2F4ecab54ecab45%2FOnline%2520Banking_files%2Fga_bridge.html&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&ec=Scroll%20Depth&ea=%2F4ecab54ecab45%2FOnline%2520Banking_files%2Fga_bridge.html&el=100&ev=0&_u=aGDAAEADU~&jid=&gjid=&cid=1604470240.1694632792&tid=UA-5815571-8&_gid=798657888.1694632792&gtm=2wg941KH76K8&cd1=1604470240.1694632792&z=874370030
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 04:43:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
52567
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame B338
35 B
91 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=282485442&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwestganzi.mom%2F4ecab54ecab45%2FOnline%2520Banking_files%2Fga_bridge.html&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&ec=Scroll%20Depth&ea=%2F4ecab54ecab45%2FOnline%2520Banking_files%2Fga_bridge.html&el=100&ev=0&_u=aGDAAEADU~&jid=&gjid=&cid=1604470240.1694632792&tid=UA-5815571-8&_gid=798657888.1694632792&gtm=45He39b0n71KH76K8&cd1=1604470240.1694632792&cd21=dl_blank&cd22=dl_blank&cd25=non_partner&cd27=GA1.2.1604470240.1694632792&cd28=&cd30=&cd48=dl_blank&cd50=1604470240.1694632792&cd51=c_undefined&cd55=2.2&cd56=GTM-KH76K8&cd57=151&z=339428060
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://westganzi.mom/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 04:43:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
52567
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| documentPictureInPicture
function| $
function| jQuery
object| numbersOnly
function| checkPwd
function| checkPwdCaps
function| valid_credit_card
function| validateStdCard
function| checkatmpin
function| checkotppin
number| otpCount
number| maxOtpCount
string| otpPrevious
string| siteURL2
string| siteURL
object| j9ery
number| sessionTimeoutHandle
undefined| timeToWait
undefined| topMenuUrl
undefined| defaultUrl
undefined| loggedIn
undefined| jreVersion

8 Cookies

Domain/Path Name / Value
.westganzi.mom/ Name: _gcl_au
Value: 1.1.1246134713.1694632792
.westganzi.mom/ Name: _gid
Value: GA1.2.798657888.1694632792
.westganzi.mom/ Name: _ga_Q5V65ES1FB
Value: GS1.1.1694632792.1.0.1694632792.0.0.0
.westganzi.mom/ Name: ga4_ga
Value: GA1.1.1604470240.1694632792
.westganzi.mom/ Name: ga4_ga_R5MC7P7YMJ
Value: GS1.1.1694632792.1.0.1694632792.60.0.0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.westganzi.mom/ Name: _ga
Value: GA1.2.1604470240.1694632792
.westganzi.mom/ Name: _gat_UA-5815571-8
Value: 1

2 Console Messages

Source Level URL
Text
network error URL: https://westganzi.mom/images/actionMenu/menuBg_v2.png?v=1234567
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://westganzi.mom/banking/03images/base/tooltip/btn-tooltip_b.png?v=3
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
