URL: http://gozafu.com/
Submission: On November 29 via manual from IT — Scanned from IT

Summary

This website contacted 7 IPs in 1 country across 6 domains to perform 39 HTTP transactions. The main IP is 45.86.37.178, located in St Louis, United States and belongs to CYBERCON, US. The main domain is gozafu.com.
This is the only time gozafu.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banca Mediolanum (Financial)

Domain & IP information

IP Address AS Autonomous System
24 45.86.37.178 7393 (CYBERCON)
2 45.60.124.166 19551 (INCAPSULA)
1 151.101.66.137 54113 (FASTLY)
1 4 142.250.185.104 15169 (GOOGLE)
3 216.239.32.178 15169 (GOOGLE)
4 216.239.34.36 15169 (GOOGLE)
2 64.233.166.156 15169 (GOOGLE)
39 7

Apex Domain | Subdomains | Transfer
24 gozafu.com | gozafu.com | 633 KB
7 google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 27; region1.google-analytics.com — Cisco Umbrella Rank: 2462 | 21 KB
4 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 35 | 257 KB
2 doubleclick.net | stats.g.doubleclick.net — Cisco Umbrella Rank: 78 | 409 B
2 bmedonline.it | www.bmedonline.it | 37 KB
1 jquery.com | code.jquery.com — Cisco Umbrella Rank: 762 | 32 KB
39 6

Domain | Requested by
24 gozafu.com | gozafu.com; code.jquery.com
4 region1.google-analytics.com | www.googletagmanager.com
4 www.googletagmanager.com 1 redirects | gozafu.com
3 www.google-analytics.com | gozafu.com; www.google-analytics.com
2 stats.g.doubleclick.net | www.google-analytics.com
2 www.bmedonline.it | gozafu.com
1 code.jquery.com | gozafu.com
39 7

Subject | Issuer | Validity | Valid
www.bmedonline.it | DigiCert EV RSA CA G2 | 2023-06-28 - 2024-07-28 | a year
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months

This page contains 1 frame:

Primary Page: http://gozafu.com/
Frame ID: 8A2C0990CCC8A9F5B79376A5D0FEF1AB
Requests: 39 HTTP requests in this frame

Page Title

Home Page

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 39
  • HTTPS: 28 %
  • IPv6: 0 %
  • Domains: 6
  • Subdomains: 7
  • IPs: 7
  • Countries: 1
  • Transfer: 981 kB
  • Size: 2093 kB
  • Cookies: 8

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • http://www.googletagmanager.com/gtm.js?id=GTM-W5NR82 HTTP 302
  • https://www.googletagmanager.com/gtm.js?id=GTM-W5NR82
Request Chain 21
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 22
  • http://www.googletagmanager.com/gtag/js?id=G-QBPVM0NLBR&l=dataLayer&cx=c HTTP 307
  • https://www.googletagmanager.com/gtag/js?id=G-QBPVM0NLBR&l=dataLayer&cx=c
Request Chain 23
  • http://www.googletagmanager.com/gtag/js?id=G-LF895BPLT1&l=dataLayer&cx=c HTTP 307
  • https://www.googletagmanager.com/gtag/js?id=G-LF895BPLT1&l=dataLayer&cx=c

39 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
gozafu.com/
36 KB
9 KB
Document
General
Full URL
http://gozafu.com/
Protocol
HTTP/1.1
Server
45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
server.sarahflashing.com
Software
LiteSpeed /
Resource Hash
1846449135af23016e56843a1e21c027e4c1875cbae5f39ac7eda4bd7d6ba1a3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
accept-ranges
bytes
content-encoding
gzip
content-length
8786
content-type
text/html
date
Wed, 29 Nov 2023 11:20:15 GMT
last-modified
Tue, 31 Oct 2023 11:09:44 GMT
server
LiteSpeed
vary
Accept-Encoding
bootstrap.min.css
gozafu.com/files/
138 KB
21 KB
Stylesheet
General
Full URL
http://gozafu.com/files/bootstrap.min.css
Requested by
Host: gozafu.com
URL: http://gozafu.com/
Protocol
HTTP/1.1
Server
45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
server.sarahflashing.com
Software
LiteSpeed /
Resource Hash
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://gozafu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 11:20:15 GMT
content-encoding
gzip
last-modified
Tue, 25 Jul 2023 22:46:35 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
21072
expires
Wed, 06 Dec 2023 11:20:15 GMT
login-psd2.css
gozafu.com/files/
942 B
817 B
Stylesheet
General
Full URL
http://gozafu.com/files/login-psd2.css
Requested by
Host: gozafu.com
URL: http://gozafu.com/
Protocol
HTTP/1.1
Server
45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
server.sarahflashing.com
Software
LiteSpeed /
Resource Hash
08d5c60640ba612b7a723d496429c9007cb287fa49f5c3d2d422adb8ab57511c

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://gozafu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 11:20:15 GMT
content-encoding
gzip
last-modified
Tue, 25 Jul 2023 22:46:35 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
447
expires
Wed, 06 Dec 2023 11:20:15 GMT
fonts.css
gozafu.com/files/
7 KB
963 B
Stylesheet
General
Full URL
http://gozafu.com/files/fonts.css
Requested by
Host: gozafu.com
URL: http://gozafu.com/
Protocol
HTTP/1.1
Server
45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
server.sarahflashing.com
Software
LiteSpeed /
Resource Hash
737b9346c66562c4fcde8e59454b4324a34f03964f0440bde4c43eea5b2bb329

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://gozafu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 11:20:15 GMT
content-encoding
gzip
last-modified
Tue, 25 Jul 2023 22:46:35 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
593
expires
Wed, 06 Dec 2023 11:20:15 GMT
all.min.css
gozafu.com/files/
55 KB
12 KB
Stylesheet
General
Full URL
http://gozafu.com/files/all.min.css
Requested by
Host: gozafu.com
URL: http://gozafu.com/
Protocol
HTTP/1.1
Server
45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
server.sarahflashing.com
Software
LiteSpeed /
Resource Hash
d5a8d663a91d95976670c5cf5ec1e4a62fa884a49023ffff3b434f8a858c99ad

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://gozafu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 11:20:15 GMT
content-encoding
gzip
last-modified
Tue, 25 Jul 2023 22:46:35 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
12306
expires
Wed, 06 Dec 2023 11:20:15 GMT
jquery-3.3.1.js
gozafu.com/files/
276 KB
80 KB
Script
General
Full URL
http://gozafu.com/files/jquery-3.3.1.js
Requested by
Host: gozafu.com
URL: http://gozafu.com/
Protocol
HTTP/1.1
Server
45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
server.sarahflashing.com
Software
LiteSpeed /
Resource Hash
efabc1df81a1c0ffd40244dfee5a978cc4c78f5abcdd32bab65fb95967dd364f

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://gozafu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 11:20:15 GMT
content-encoding
gzip
last-modified
Tue, 25 Jul 2023 22:46:35 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
81433
expires
Wed, 06 Dec 2023 11:20:15 GMT
HB-bmed-logo.jpeg
gozafu.com/files/
33 KB
33 KB
Image
General
Full URL
http://gozafu.com/files/HB-bmed-logo.jpeg
Requested by
Host: gozafu.com
URL: http://gozafu.com/
Protocol
HTTP/1.1
Server
45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
server.sarahflashing.com
Software
LiteSpeed /
Resource Hash
3a3cebc4d7a4938330f7ae34c9ddb7318805a2c1f275bd460c6377be4b4efc2e

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://gozafu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 11:20:15 GMT
last-modified
Fri, 06 Oct 2023 22:35:49 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
33872
expires
Wed, 06 Dec 2023 11:20:15 GMT
user.png
gozafu.com/files/
788 B
1 KB
Image
General
Full URL
http://gozafu.com/files/user.png
Requested by
Host: gozafu.com
URL: http://gozafu.com/
Protocol
HTTP/1.1
Server
45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
server.sarahflashing.com
Software
LiteSpeed /
Resource Hash
8887872dfa818a2c63ba2a496f811cbcbef2e6444c0d343e295e832cece0f510

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://gozafu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 11:20:16 GMT
last-modified
Tue, 31 Oct 2023 11:08:12 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
788
expires
Wed, 06 Dec 2023 11:20:16 GMT
ico-alert-new.png
gozafu.com/files/
3 KB
3 KB
Image
General
Full URL
http://gozafu.com/files/ico-alert-new.png
Requested by
Host: gozafu.com
URL: http://gozafu.com/
Protocol
HTTP/1.1
Server
45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
server.sarahflashing.com
Software
LiteSpeed /
Resource Hash
d287be0e320369cd079d543be40255dd263750b71cf2b3d6d402fe8894262d5f

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://gozafu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 11:20:16 GMT
last-modified
Tue, 31 Oct 2023 11:08:49 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
3064
expires
Wed, 06 Dec 2023 11:20:16 GMT
20230608_Mediolanum_selfypay_bmedonline_767%C3%97587.png
gozafu.com/files/
381 KB
381 KB
Image
General
Full URL
http://gozafu.com/files/20230608_Mediolanum_selfypay_bmedonline_767%C3%97587.png
Requested by
Host: gozafu.com
URL: http://gozafu.com/
Protocol
HTTP/1.1
Server
45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
server.sarahflashing.com
Software
LiteSpeed /
Resource Hash
83aba45d0a6b45b0911d0a5435385b54bdcd3275e71399772f146c4a378f6300

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://gozafu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 11:20:16 GMT
last-modified
Fri, 06 Oct 2023 22:33:00 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
390145
expires
Wed, 06 Dec 2023 11:20:16 GMT
logo-mediolanum.png
gozafu.com/files/
3 KB
3 KB
Image
General
Full URL
http://gozafu.com/files/logo-mediolanum.png
Requested by
Host: gozafu.com
URL: http://gozafu.com/
Protocol
HTTP/1.1
Server
45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
server.sarahflashing.com
Software
LiteSpeed /
Resource Hash
4521d2660af14ced6628837ff5ec772f2f7bc4467acfaee5d45529065bc322d4

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://gozafu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 11:20:16 GMT
last-modified
Tue, 31 Oct 2023 11:09:35 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
2985
expires
Wed, 06 Dec 2023 11:20:16 GMT
popper.js
www.bmedonline.it/ecm/static-assets/login-psd2/dist/
88 KB
22 KB
Script
General
Full URL
https://www.bmedonline.it/ecm/static-assets/login-psd2/dist/popper.js
Requested by
Host: gozafu.com
URL: http://gozafu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.124.166 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
ec4fc7a65067ee9d86c889521f335efa20a53b6a86997b3aca9dfc74afd7767f

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://gozafu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 11:20:16 GMT
content-encoding
gzip
x-cdn
Imperva
etag
"06b0101d152ae79c9be6b02e01c699e95"
content-type
application/javascript
x-iinfo
14-143829968-0 0CNN RT(1701256816085 20) q(0 -1 -1 3) r(0 -1)
cache-control
max-age=230, public
x-incap-sess-cookie-hdr
kY10V7kBKU0wt4T+K97QFXAeZ2UAAAAAoSSIk4GfVQffl/tJyl2PjQ==
content-length
22564
expires
Wed, 29 Nov 2023 11:24:06 GMT
bootstrap.min.js
www.bmedonline.it/ecm/static-assets/login-psd2/dist/
50 KB
14 KB
Script
General
Full URL
https://www.bmedonline.it/ecm/static-assets/login-psd2/dist/bootstrap.min.js
Requested by
Host: gozafu.com
URL: http://gozafu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.124.166 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://gozafu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 11:20:16 GMT
content-encoding
gzip
x-cdn
Imperva
etag
"067176c242e1bdc20603c878dee836df3"
content-type
application/javascript
x-iinfo
14-143829968-0 0CNN RT(1701256816085 21) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=245, public
x-incap-sess-cookie-hdr
Ic5Bedn3qAEwt4T+K97QFXAeZ2UAAAAA+dWXp5prFYCll7jOsqjVnA==
content-length
14026
expires
Wed, 29 Nov 2023 11:24:21 GMT
jquery-1.9.1.min.js
code.jquery.com/
90 KB
32 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.9.1.min.js
Requested by
Host: gozafu.com
URL: http://gozafu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://gozafu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 11:20:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
2648155
x-cache
HIT, HIT
content-length
32772
x-served-by
cache-lga13625-LGA, cache-lin2290021-LIN
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1701256817.799559,VS0,VE0
etag
W/"28feccc0-169d5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
17, 9517441
gtm.js
www.googletagmanager.com/
Redirect Chain
  • http://www.googletagmanager.com/gtm.js?id=GTM-W5NR82
  • https://www.googletagmanager.com/gtm.js?id=GTM-W5NR82
261 KB
87 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W5NR82
Requested by
Host: gozafu.com
URL: http://gozafu.com/
Protocol
H2
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
be3d565867aca1f2465cb58327c6006a972b369ad725d6eae180f1c6fb8c0e98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://gozafu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 11:20:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88734
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 29 Nov 2023 11:20:16 GMT

Redirect headers

Location
https://www.googletagmanager.com/gtm.js?id=GTM-W5NR82
Date
Wed, 29 Nov 2023 11:20:16 GMT
Cross-Origin-Resource-Policy
cross-origin
Server
Google Tag Manager
Content-Length
250
X-XSS-Protection
0
Content-Type
text/html; charset=UTF-8
arrow-down-nav-gruppo-off.png
gozafu.com/files/
155 B
479 B
Image
General
Full URL
http://gozafu.com/files/arrow-down-nav-gruppo-off.png
Requested by
Host: gozafu.com
URL: http://gozafu.com/
Protocol
HTTP/1.1
Server
45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
server.sarahflashing.com
Software
LiteSpeed /
Resource Hash
feaaf4e9e2f8cd65ece2416845dbd7513d07029557275eb440497f17a6edd520

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://gozafu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 11:20:16 GMT
last-modified
Tue, 25 Jul 2023 22:46:35 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
155
expires
Wed, 06 Dec 2023 11:20:16 GMT
mediolanumsans-regular.otf
gozafu.com/files/fonts/webfontkit-20150730-065551/
0
0
Font
General
Full URL
http://gozafu.com/files/fonts/webfontkit-20150730-065551/mediolanumsans-regular.otf
Requested by
Host: gozafu.com
URL: http://gozafu.com/files/fonts.css
Protocol
HTTP/1.1
Server
45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
server.sarahflashing.com
Software
LiteSpeed /
Resource Hash

Request headers

Referer
http://gozafu.com/files/fonts.css
Origin
http://gozafu.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 11:20:16 GMT
server
LiteSpeed
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
1238
mediolanumsans-bold.otf
gozafu.com/files/fonts/webfontkit-20150730-065025/
0
0
Font
General
Full URL
http://gozafu.com/files/fonts/webfontkit-20150730-065025/mediolanumsans-bold.otf
Requested by
Host: gozafu.com
URL: http://gozafu.com/files/fonts.css
Protocol
HTTP/1.1
Server
45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
server.sarahflashing.com
Software
LiteSpeed /
Resource Hash

Request headers

Referer
http://gozafu.com/files/fonts.css
Origin
http://gozafu.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 11:20:16 GMT
server
LiteSpeed
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
1238
fa-brands-400.woff2
gozafu.com/files/fonts/
0
0
Font
General
Full URL
http://gozafu.com/files/fonts/fa-brands-400.woff2
Requested by
Host: gozafu.com
URL: http://gozafu.com/files/all.min.css
Protocol
HTTP/1.1
Server
45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
server.sarahflashing.com
Software
LiteSpeed /
Resource Hash

Request headers

Referer
http://gozafu.com/files/all.min.css
Origin
http://gozafu.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 11:20:16 GMT
server
LiteSpeed
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
1238
mediolanumsans-regular.woff2
gozafu.com/files/fonts/webfontkit-20150730-065551/
0
0
Font
General
Full URL
http://gozafu.com/files/fonts/webfontkit-20150730-065551/mediolanumsans-regular.woff2
Requested by
Host: gozafu.com
URL: http://gozafu.com/files/fonts.css
Protocol
HTTP/1.1
Server
45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
server.sarahflashing.com
Software
LiteSpeed /
Resource Hash

Request headers

Referer
http://gozafu.com/files/fonts.css
Origin
http://gozafu.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 11:20:16 GMT
server
LiteSpeed
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
1238
fa-brands-400.woff
gozafu.com/files/fonts/
0
0
Font
General
Full URL
http://gozafu.com/files/fonts/fa-brands-400.woff
Requested by
Host: gozafu.com
URL: http://gozafu.com/files/all.min.css
Protocol
HTTP/1.1
Server
45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
server.sarahflashing.com
Software
LiteSpeed /
Resource Hash

Request headers

Referer
http://gozafu.com/files/all.min.css
Origin
http://gozafu.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 11:20:16 GMT
server
LiteSpeed
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
1238
mediolanumsans-bold.woff2
gozafu.com/files/fonts/webfontkit-20150730-065025/
0
0
Font
General
Full URL
http://gozafu.com/files/fonts/webfontkit-20150730-065025/mediolanumsans-bold.woff2
Requested by
Host: gozafu.com
URL: http://gozafu.com/files/fonts.css
Protocol
HTTP/1.1
Server
45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
server.sarahflashing.com
Software
LiteSpeed /
Resource Hash

Request headers

Referer
http://gozafu.com/files/fonts.css
Origin
http://gozafu.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 11:20:16 GMT
server
LiteSpeed
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
1238
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: gozafu.com
URL: http://gozafu.com/
Protocol
H2
Server
216.239.32.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://gozafu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 29 Nov 2023 09:29:14 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6663
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 29 Nov 2023 11:29:14 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
js
www.googletagmanager.com/gtag/
Redirect Chain
  • http://www.googletagmanager.com/gtag/js?id=G-QBPVM0NLBR&l=dataLayer&cx=c
  • https://www.googletagmanager.com/gtag/js?id=G-QBPVM0NLBR&l=dataLayer&cx=c
243 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QBPVM0NLBR&l=dataLayer&cx=c
Requested by
Host: gozafu.com
URL: http://gozafu.com/
Protocol
H2
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
6ac37fa6eed93678c3434d66513b8152b0a173aba827dbb831272947660f874d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://gozafu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 11:20:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85945
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 29 Nov 2023 11:20:17 GMT

Redirect headers

Location
https://www.googletagmanager.com/gtag/js?id=G-QBPVM0NLBR&l=dataLayer&cx=c
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
js
www.googletagmanager.com/gtag/
Redirect Chain
  • http://www.googletagmanager.com/gtag/js?id=G-LF895BPLT1&l=dataLayer&cx=c
  • https://www.googletagmanager.com/gtag/js?id=G-LF895BPLT1&l=dataLayer&cx=c
247 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LF895BPLT1&l=dataLayer&cx=c
Requested by
Host: gozafu.com
URL: http://gozafu.com/
Protocol
H2
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
4a2a5ea4607c4d6186bb46f01c333b73320eadf21ac1f24295ab3356b4d99ea8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://gozafu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 11:20:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87281
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 29 Nov 2023 11:20:16 GMT

Redirect headers

Location
https://www.googletagmanager.com/gtag/js?id=G-LF895BPLT1&l=dataLayer&cx=c
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
mediolanumsans-bold.woff
gozafu.com/files/fonts/webfontkit-20150730-065025/
0
0
Font
General
Full URL
http://gozafu.com/files/fonts/webfontkit-20150730-065025/mediolanumsans-bold.woff
Requested by
Host: gozafu.com
URL: http://gozafu.com/files/fonts.css
Protocol
HTTP/1.1
Server
45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
server.sarahflashing.com
Software
LiteSpeed /
Resource Hash

Request headers

Referer
http://gozafu.com/files/fonts.css
Origin
http://gozafu.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 11:20:16 GMT
server
LiteSpeed
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
1238
mediolanumsans-regular.woff
gozafu.com/files/fonts/webfontkit-20150730-065551/
0
0
Font
General
Full URL
http://gozafu.com/files/fonts/webfontkit-20150730-065551/mediolanumsans-regular.woff
Requested by
Host: gozafu.com
URL: http://gozafu.com/files/fonts.css
Protocol
HTTP/1.1
Server
45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
server.sarahflashing.com
Software
LiteSpeed /
Resource Hash

Request headers

Referer
http://gozafu.com/files/fonts.css
Origin
http://gozafu.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 11:20:16 GMT
server
LiteSpeed
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
1238
fa-brands-400.ttf
gozafu.com/files/fonts/
128 KB
87 KB
Font
General
Full URL
http://gozafu.com/files/fonts/fa-brands-400.ttf
Requested by
Host: gozafu.com
URL: http://gozafu.com/files/all.min.css
Protocol
HTTP/1.1
Server
45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
server.sarahflashing.com
Software
LiteSpeed /
Resource Hash
ca785b3a0d0f4c1bd0cbbe298a989af28aff3086b6522c2eaf9f7c110f080874

Request headers

Referer
http://gozafu.com/files/all.min.css
Origin
http://gozafu.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 11:20:16 GMT
content-encoding
gzip
last-modified
Tue, 25 Jul 2023 22:46:35 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
font/ttf
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
88235
expires
Wed, 06 Dec 2023 11:20:16 GMT
collect
region1.google-analytics.com/g/
0
250 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-LF895BPLT1&gtm=45je3b81v872518050z871516773&_p=1701256816750&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=676071449.1701256817&ul=en-us&sr=1600x1200&_s=1&dt=%2F&sid=1701256817&sct=1&seg=0&dl=http%3A%2F%2Fgozafu.com%2F&en=page_view&_fv=1&_nsi=1&_ss=1&ep.area_sito=PUBBLICA&ep.hit_timestamp=2023-11-29T12%3A20%3A16.968%2B01%3A00&up.timestamp=2023-11-29T12%3A20%3A16.967%2B01%3A00&tfd=1105
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=G-LF895BPLT1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://gozafu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 11:20:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://gozafu.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
3 B
204 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1064278662&t=pageview&_s=1&dl=http%3A%2F%2Fgozafu.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Home%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YChAiEABBAAAACAAM~&jid=878585521&gjid=1853219014&cid=676071449.1701256817&tid=UA-75985629-1&_gid=1515648593.1701256817&_slc=1&gtm=45He3b81n71W5NR82v71516773&cd1=PUBBLICA&cd3=1701256816960.ox09zyo&cd4=2023-11-29T12%3A20%3A16.960%2B01%3A00&cd11=1701256816959.f6xuuydg&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=382764550
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://gozafu.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 11:20:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://gozafu.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
342 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-75985629-1&cid=676071449.1701256817&jid=878585521&gjid=1853219014&_gid=1515648593.1701256817&_u=YChAiEABBAAAAGAAM~&z=1896221525
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.166.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wm-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://gozafu.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 29 Nov 2023 11:20:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://gozafu.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
3 B
68 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1064278662&t=pageview&_s=1&dl=http%3A%2F%2Fgozafu.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Home%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCjAiEABBAAAAGAAM~&jid=324573316&gjid=915368208&cid=676071449.1701256817&tid=UA-42757807-1&_gid=2075318991.1701256817&_slc=1&gtm=45He3b81n71W5NR82v71516773&cd1=PUBBLICA&cd3=2023-11-29T12%3A20%3A16.969%2B01%3A00&cd11=1701256816970.0s2spdub&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=958001941
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://gozafu.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 11:20:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://gozafu.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
67 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-42757807-1&cid=676071449.1701256817&jid=324573316&gjid=915368208&_gid=2075318991.1701256817&_u=YCjAiEABBAAAAGAAM~&z=329973613
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.166.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wm-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://gozafu.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 29 Nov 2023 11:20:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://gozafu.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
45 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-QBPVM0NLBR&gtm=45je3b81v889410321z871516773&_p=1701256816750&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=676071449.1701256817&ul=en-us&sr=1600x1200&_s=1&dt=%2F&sid=1701256817&sct=1&seg=0&dl=http%3A%2F%2Fgozafu.com%2F&en=page_view&_fv=1&_ss=1&ep.area_sito=PUBBLICA&ep.hit_timestamp=2023-11-29T12%3A20%3A16.964%2B01%3A00&up.timestamp=2023-11-29T12%3A20%3A16.963%2B01%3A00&tfd=1144
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=G-QBPVM0NLBR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://gozafu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 11:20:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://gozafu.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-LF895BPLT1&gtm=45je3b81v872518050&_p=1701256816750&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=676071449.1701256817&ul=en-us&sr=1600x1200&_eu=AEA&_s=2&dt=%2F&sid=1701256817&sct=1&seg=0&dl=http%3A%2F%2Fgozafu.com%2F&en=scroll&ep.area_sito=PUBBLICA&ep.hit_timestamp=2023-11-29T12%3A20%3A16.968%2B01%3A00&epn.percent_scrolled=90&_et=7&tfd=1153
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=G-LF895BPLT1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://gozafu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 11:20:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://gozafu.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-QBPVM0NLBR&gtm=45je3b81v889410321&_p=1701256816750&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=676071449.1701256817&ul=en-us&sr=1600x1200&_eu=AEA&_s=2&dt=%2F&sid=1701256817&sct=1&seg=0&dl=http%3A%2F%2Fgozafu.com%2F&en=scroll&ep.area_sito=PUBBLICA&ep.hit_timestamp=2023-11-29T12%3A20%3A16.964%2B01%3A00&epn.percent_scrolled=90&_et=5&tfd=1155
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=G-QBPVM0NLBR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://gozafu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 11:20:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://gozafu.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mediolanumsans-bold.ttf
gozafu.com/files/fonts/webfontkit-20150730-065025/
0
0
Font
General
Full URL
http://gozafu.com/files/fonts/webfontkit-20150730-065025/mediolanumsans-bold.ttf
Requested by
Host: gozafu.com
URL: http://gozafu.com/files/fonts.css
Protocol
HTTP/1.1
Server
45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
server.sarahflashing.com
Software
LiteSpeed /
Resource Hash

Request headers

Referer
http://gozafu.com/files/fonts.css
Origin
http://gozafu.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 11:20:16 GMT
server
LiteSpeed
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
1238
mediolanumsans-regular.ttf
gozafu.com/files/fonts/webfontkit-20150730-065551/
0
0
Font
General
Full URL
http://gozafu.com/files/fonts/webfontkit-20150730-065551/mediolanumsans-regular.ttf
Requested by
Host: gozafu.com
URL: http://gozafu.com/files/fonts.css
Protocol
HTTP/1.1
Server
45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
server.sarahflashing.com
Software
LiteSpeed /
Resource Hash

Request headers

Referer
http://gozafu.com/files/fonts.css
Origin
http://gozafu.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 11:20:16 GMT
server
LiteSpeed
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
1238
access.php
gozafu.com/panel/
88 B
333 B
XHR
General
Full URL
http://gozafu.com/panel/access.php
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.9.1.min.js
Protocol
HTTP/1.1
Server
45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
server.sarahflashing.com
Software
LiteSpeed /
Resource Hash
fea1078f1c89033344ccd1179dfb9e24cd64acddbccbc9157997348f194e9367

Request headers

Accept
*/*
Referer
http://gozafu.com/
X-Requested-With
XMLHttpRequest
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 11:20:17 GMT
content-encoding
gzip
server
LiteSpeed
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
95

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banca Mediolanum (Financial)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| $
function| jQuery
object| dataLayer
function| Popper
object| bootstrap
object| jQuery19105276649141254826
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
string| mousedown
function| gtag
function| onYouTubeIframeAPIReady
object| gaGlobal
object| gaplugins
object| gaData
string| campagnaClick
function| listenIframe
undefined| promobc

8 Cookies

Domain/Path Name / Value
.gozafu.com/ Name: _rollupGA
Value: GA1.2.676071449.1701256817
.gozafu.com/ Name: _rollupGA_gid
Value: GA1.2.1515648593.1701256817
.gozafu.com/ Name: _dc_gtm_UA-75985629-1
Value: 1
.gozafu.com/ Name: _gid
Value: GA1.2.2075318991.1701256817
.gozafu.com/ Name: _dc_gtm_UA-42757807-1
Value: 1
.gozafu.com/ Name: _ga
Value: GA1.1.676071449.1701256817
.gozafu.com/ Name: _ga_LF895BPLT1
Value: GS1.1.1701256817.1.0.1701256817.0.0.0
.gozafu.com/ Name: _ga_QBPVM0NLBR
Value: GS1.1.1701256817.1.0.1701256817.0.0.0

10 Console Messages

Source Level URL
Text
network error URL: http://gozafu.com/files/fonts/webfontkit-20150730-065551/mediolanumsans-regular.otf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://gozafu.com/files/fonts/fa-brands-400.woff2
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://gozafu.com/files/fonts/webfontkit-20150730-065025/mediolanumsans-bold.otf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://gozafu.com/files/fonts/webfontkit-20150730-065025/mediolanumsans-bold.woff2
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://gozafu.com/files/fonts/webfontkit-20150730-065551/mediolanumsans-regular.woff2
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://gozafu.com/files/fonts/fa-brands-400.woff
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://gozafu.com/files/fonts/webfontkit-20150730-065025/mediolanumsans-bold.woff
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://gozafu.com/files/fonts/webfontkit-20150730-065551/mediolanumsans-regular.woff
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://gozafu.com/files/fonts/webfontkit-20150730-065025/mediolanumsans-bold.ttf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://gozafu.com/files/fonts/webfontkit-20150730-065551/mediolanumsans-regular.ttf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
