Submitted URL: http://www.totsk.ru/TgKpvHg/
Effective URL: http://costruzioniperregrini.it/local/addon.php
Submission: On March 29 via automatic, source openphish

Summary

This website contacted 10 IPs in 4 countries across 10 domains to perform 15 HTTP transactions. The main IP is 195.110.124.188, located in Italy and belongs to REGISTER-AS, IT. The main domain is costruzioniperregrini.it.
This is the only time costruzioniperregrini.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 81.177.141.132 8342 (RTCOMM-AS)
1 195.110.124.188 39729 (REGISTER-AS)
3 52.24.72.253 16509 (AMAZON-02)
1 204.194.122.42 10390 (TELECHECK)
1 2.16.186.83 20940 (AKAMAI-ASN1)
4 216.58.206.3 15169 (GOOGLE)
1 2 216.58.206.14 15169 (GOOGLE)
1 2 104.16.84.55 13335 (CLOUDFLAR...)
1 52.222.162.89 16509 (AMAZON-02)
1 108.177.15.155 15169 (GOOGLE)
1 52.4.108.171 14618 (AMAZON-AES)
15 10
Domain Requested by
4 fonts.gstatic.com costruzioniperregrini.it
2 v2.zopim.com 1 redirects costruzioniperregrini.it
2 www.google-analytics.com 1 redirects cashfactoryusa.com
2 cashfactoryusa.com costruzioniperregrini.it
1 heapanalytics.com
1 stats.g.doubleclick.net costruzioniperregrini.it
1 cdn.heapanalytics.com cashfactoryusa.com
1 image.notifications.intuit.com costruzioniperregrini.it
1 directpay.irs.gov costruzioniperregrini.it
1 www.cashfactoryusa.com costruzioniperregrini.it
1 costruzioniperregrini.it
1 www.totsk.ru 1 redirects
15 12

This site contains no links.

Subject Issuer Validity Valid

This page contains 1 frames:

Primary Page: http://costruzioniperregrini.it/local/addon.php
Frame ID: 38993F76F3BDF5A845A437F5C3F160CE
Requests: 15 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://www.totsk.ru/TgKpvHg/ HTTP 301
    http://costruzioniperregrini.it/local/addon.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /v2\.zopim\.com/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • script /heap-\d+.js/i
  • env /^heap$/i

Overall confidence: 100%
Detected patterns
  • env /^moment$/i

Overall confidence: 100%
Detected patterns
  • env /^swal$/i

Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

15
Requests

0 %
HTTPS

0 %
IPv6

10
Domains

12
Subdomains

10
IPs

4
Countries

540 kB
Transfer

1933 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.totsk.ru/TgKpvHg/ HTTP 301
    http://costruzioniperregrini.it/local/addon.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • http://v2.zopim.com/?1ZcYtwiUw6XdooiAJpBBz2OgOkoMrnkv HTTP 302
  • http://v2.zopim.com/bin/v/widget_v2.242.js
Request Chain 12
  • https://www.google-analytics.com/r/collect?v=1&_v=j66&a=2071991831&t=pageview&_s=1&dl=http%3A%2F%2Fcostruzioniperregrini.it%2Flocal%2Faddon.php&ul=en-us&de=UTF-8&dt=Internal%20Revenue%20Service%20%7C%20An%20official%20website%20of%20the%20United%20States%20government&sd=24-bit&sr=1600x1200&vp=1600x1185&je=0&_u=IEBAAEAB~&jid=1979633743&gjid=137918112&cid=263727140.1522345336&tid=UA-34748636-11&_gid=604530774.1522345336&_r=1&z=1548855666 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-34748636-11&cid=263727140.1522345336&jid=1979633743&_gid=604530774.1522345336&gjid=137918112&_v=j66&z=1548855666

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request addon.php
costruzioniperregrini.it/local/
Redirect Chain
  • http://www.totsk.ru/TgKpvHg/
  • http://costruzioniperregrini.it/local/addon.php
9 KB
9 KB
Document
General
Full URL
http://costruzioniperregrini.it/local/addon.php
Protocol
HTTP/1.1
Server
195.110.124.188 , Italy, ASN39729 (REGISTER-AS, IT),
Reverse DNS
opus.register.it
Software
Apache / PHP/5.2.5
Resource Hash
277db6a1e2e471f49ff0b97573ebfb4f4b8f04aead564064162f641750348b61

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
costruzioniperregrini.it
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 29 Mar 2018 17:42:13 GMT
Server
Apache
Connection
close
Content-Type
text/html
X-Powered-By
PHP/5.2.5
Transfer-Encoding
chunked
Content-Language
it

Redirect headers

Date
Thu, 29 Mar 2018 17:42:12 GMT
Content-Encoding
gzip
Server
Jino.ru/mod_pizza
Vary
Accept-Encoding
Content-Type
text/html
Location
http://costruzioniperregrini.it/local/addon.php
Connection
keep-alive
Content-Length
211
bundle-cf066df6dd.css
www.cashfactoryusa.com/build/css/
242 KB
44 KB
Stylesheet
General
Full URL
https://www.cashfactoryusa.com/build/css/bundle-cf066df6dd.css
Requested by
Host: costruzioniperregrini.it
URL: http://costruzioniperregrini.it/local/addon.php
Protocol
HTTP/1.1
Server
52.24.72.253 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-24-72-253.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
06db6b15d261c13a3747efcfb4f880e33f34c4b5489d3ec81839e97339032665
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://costruzioniperregrini.it/local/addon.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 29 Mar 2018 17:42:13 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Thu, 26 Oct 2017 21:32:17 GMT
Server
Apache
ETag
"3c6c3-55c79e8097c7b-gzip"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
44385
Expires
Thu, 05 Apr 2018 17:42:13 GMT
irs_logo.svg
directpay.irs.gov/directpay/resources/img/
7 KB
8 KB
Image
General
Full URL
https://directpay.irs.gov/directpay/resources/img/irs_logo.svg
Requested by
Host: costruzioniperregrini.it
URL: http://costruzioniperregrini.it/local/addon.php
Protocol
HTTP/1.1
Server
204.194.122.42 Omaha, United States, ASN10390 (TELECHECK - TeleCheck International, Inc., US),
Reverse DNS
Software
/
Resource Hash
fe9120c4420fc998e66591ffea67ad58ee3ffb68ef40f5d3e8988e4acc828328
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://costruzioniperregrini.it/local/addon.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 29 Mar 2018 17:42:14 GMT
Last-Modified
Wed, 28 Feb 2018 18:31:42 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000
Content-Language
en
Cache-Control
max-age=31536000
Connection
Keep-Alive
OPTR_CXT
010001000000000000-0000-0000-0000-00000000000000000000-0000-0000-0000-000000000000 HTTP ;
Content-Type
image/svg+xml
Keep-Alive
timeout=10, max=100
Content-Length
7606
Expires
Fri, 29 Mar 2019 17:42:14 GMT
b005d0f5-3.gif
image.notifications.intuit.com/lib/fef01d75716203/i/1/
1 KB
2 KB
Image
General
Full URL
http://image.notifications.intuit.com/lib/fef01d75716203/i/1/b005d0f5-3.gif
Requested by
Host: costruzioniperregrini.it
URL: http://costruzioniperregrini.it/local/addon.php
Protocol
HTTP/1.1
Server
2.16.186.83 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-83.deploy.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
874c9ed316cd006b5a0ce6345035141aa4ffa627ca4fcffc01a580d48842014a

Request headers

Referer
http://costruzioniperregrini.it/local/addon.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 29 Mar 2018 17:42:14 GMT
Last-Modified
Fri, 30 Sep 2016 17:12:09 GMT
Server
AkamaiNetStorage
ETag
"6aac7d576f6a44ea057fd38b5af41373:1475255529"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1307
verified-logos.png
cashfactoryusa.com/images/
17 KB
18 KB
Image
General
Full URL
https://cashfactoryusa.com/images/verified-logos.png
Requested by
Host: costruzioniperregrini.it
URL: http://costruzioniperregrini.it/local/addon.php
Protocol
HTTP/1.1
Server
52.24.72.253 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-24-72-253.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
eafa0d5e4b55f69243abe774ab788e8879e74a560e9e77ff30419e3342308e5d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://costruzioniperregrini.it/local/addon.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 29 Mar 2018 17:42:14 GMT
Last-Modified
Sun, 05 Jun 2016 22:19:20 GMT
Server
Apache
ETag
"454d-5348f58ee82d5"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=2678400
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
17741
Expires
Sun, 29 Apr 2018 17:42:14 GMT
bundle-a282ca6412.js
cashfactoryusa.com/build/js/
489 KB
143 KB
Script
General
Full URL
https://cashfactoryusa.com/build/js/bundle-a282ca6412.js
Requested by
Host: costruzioniperregrini.it
URL: http://costruzioniperregrini.it/local/addon.php
Protocol
HTTP/1.1
Server
52.24.72.253 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-24-72-253.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
a9264a2c17d4b0c75a07d7065664b21375fc74ef13613192d5f1e5802e179774
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://costruzioniperregrini.it/local/addon.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 29 Mar 2018 17:42:14 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Thu, 14 Sep 2017 01:12:43 GMT
Server
Apache
ETag
"7a31b-5591bf935c5fb-gzip"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Expires
Thu, 05 Apr 2018 17:42:14 GMT
HqHm7BVC_nzzTui2lzQTDZBw1xU1rKptJj_0jans920.woff2
fonts.gstatic.com/s/oswald/v11/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v11/HqHm7BVC_nzzTui2lzQTDZBw1xU1rKptJj_0jans920.woff2
Requested by
Host: costruzioniperregrini.it
URL: http://costruzioniperregrini.it/local/addon.php
Protocol
SPDY
Server
216.58.206.3 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f3.1e100.net
Software
sffe /
Resource Hash
56e340c947eee8550a256926a24633207474d9ee53fbb84c280bcfbde62cf565
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
https://www.cashfactoryusa.com/build/css/bundle-cf066df6dd.css
Origin
http://costruzioniperregrini.it

Response headers

date
Mon, 12 Feb 2018 20:52:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 19 May 2016 23:55:44 GMT
server
sffe
age
3876587
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length
10056
x-xss-protection
1; mode=block
expires
Tue, 12 Feb 2019 20:52:27 GMT
bH7276GfdCjMjApa_dkG6ZBw1xU1rKptJj_0jans920.woff2
fonts.gstatic.com/s/oswald/v11/
10 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v11/bH7276GfdCjMjApa_dkG6ZBw1xU1rKptJj_0jans920.woff2
Requested by
Host: costruzioniperregrini.it
URL: http://costruzioniperregrini.it/local/addon.php
Protocol
SPDY
Server
216.58.206.3 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f3.1e100.net
Software
sffe /
Resource Hash
ffda9b99db7303f6fe08adac990e7804b83eafb92ef96e96512d62b1ff904038
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
https://www.cashfactoryusa.com/build/css/bundle-cf066df6dd.css
Origin
http://costruzioniperregrini.it

Response headers

date
Mon, 12 Feb 2018 19:18:24 GMT
x-content-type-options
nosniff
last-modified
Thu, 19 May 2016 23:55:37 GMT
server
sffe
age
3882230
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length
10668
x-xss-protection
1; mode=block
expires
Tue, 12 Feb 2019 19:18:24 GMT
_P8jt3Y65hJ9c4AzRE0V1OvvDin1pK8aKteLpeZ5c0A.woff2
fonts.gstatic.com/s/oswald/v11/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v11/_P8jt3Y65hJ9c4AzRE0V1OvvDin1pK8aKteLpeZ5c0A.woff2
Requested by
Host: costruzioniperregrini.it
URL: http://costruzioniperregrini.it/local/addon.php
Protocol
SPDY
Server
216.58.206.3 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f3.1e100.net
Software
sffe /
Resource Hash
3f7b09d82d621a4e337fe59b60e059934866427c8ecbd524917cabd3610681e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
https://www.cashfactoryusa.com/build/css/bundle-cf066df6dd.css
Origin
http://costruzioniperregrini.it

Response headers

date
Mon, 19 Mar 2018 20:09:24 GMT
x-content-type-options
nosniff
last-modified
Thu, 19 May 2016 23:52:47 GMT
server
sffe
age
855170
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length
9964
x-xss-protection
1; mode=block
expires
Tue, 19 Mar 2019 20:09:24 GMT
oMMgfZMQthOryQo9n22dcuvvDin1pK8aKteLpeZ5c0A.woff2
fonts.gstatic.com/s/roboto/v15/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v15/oMMgfZMQthOryQo9n22dcuvvDin1pK8aKteLpeZ5c0A.woff2
Requested by
Host: costruzioniperregrini.it
URL: http://costruzioniperregrini.it/local/addon.php
Protocol
SPDY
Server
216.58.206.3 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f3.1e100.net
Software
sffe /
Resource Hash
b6cb334272988052b287ab0af9b48c6cd1a53d2d685712a3941e90f4e8ba2e46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
https://www.cashfactoryusa.com/build/css/bundle-cf066df6dd.css
Origin
http://costruzioniperregrini.it

Response headers

date
Mon, 05 Mar 2018 04:14:53 GMT
x-content-type-options
nosniff
last-modified
Wed, 14 Jan 2015 22:48:18 GMT
server
sffe
age
2122041
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length
10292
x-xss-protection
1; mode=block
expires
Tue, 05 Mar 2019 04:14:53 GMT
analytics.js
www.google-analytics.com/
35 KB
14 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cashfactoryusa.com
URL: https://cashfactoryusa.com/build/js/bundle-a282ca6412.js
Protocol
SPDY
Server
216.58.206.14 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://costruzioniperregrini.it/local/addon.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 13 Nov 2017 20:19:12 GMT
server
Golfe2
age
3608
date
Thu, 29 Mar 2018 16:42:07 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length
14597
expires
Thu, 29 Mar 2018 18:42:07 GMT
widget_v2.242.js
v2.zopim.com/bin/v/
Redirect Chain
  • http://v2.zopim.com/?1ZcYtwiUw6XdooiAJpBBz2OgOkoMrnkv
  • http://v2.zopim.com/bin/v/widget_v2.242.js
1 MB
238 KB
Script
General
Full URL
http://v2.zopim.com/bin/v/widget_v2.242.js
Requested by
Host: costruzioniperregrini.it
URL: http://costruzioniperregrini.it/local/addon.php
Protocol
HTTP/1.1
Server
104.16.84.55 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f95a9607f8571da2cfbba60b8bfd07fbee7245e8ed3c2227dc8c235c39cdcd4e

Request headers

Referer
http://costruzioniperregrini.it/local/addon.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 29 Mar 2018 17:42:15 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Tue, 20 Mar 2018 06:25:50 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
403421cba35797ec-FRA
Expires
Sun, 26 Mar 2028 17:42:15 GMT

Redirect headers

Date
Thu, 29 Mar 2018 17:42:15 GMT
CF-Cache-Status
HIT
Server
cloudflare
ETag
"5abc56c0-0"
Vary
Accept-Encoding
Content-Type
application/octet-stream
Location
http://v2.zopim.com/bin/v/widget_v2.242.js
Cache-Control
max-age=14400, max-age=14400, public, must-revalidate, proxy-revalidate
Connection
keep-alive
CF-RAY
403421cb733d97ec-FRA
Content-Length
0
Expires
Thu, 29 Mar 2018 21:37:20 GMT
heap-3970199429.js
cdn.heapanalytics.com/js/
55 KB
24 KB
Script
General
Full URL
http://cdn.heapanalytics.com/js/heap-3970199429.js
Requested by
Host: cashfactoryusa.com
URL: https://cashfactoryusa.com/build/js/bundle-a282ca6412.js
Protocol
HTTP/1.1
Server
52.222.162.89 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-162-89.fra54.r.cloudfront.net
Software
nginx /
Resource Hash
56e77b9ce26f6869fd3d1409da8d88976b757e920f60987760d16535b66dbf66

Request headers

Referer
http://costruzioniperregrini.it/local/addon.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 29 Mar 2018 17:42:15 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"db09-JNy73Nv9ozo670zu9s6U1g"
Vary
Accept-Encoding
X-Cache
Miss from cloudfront
Content-Type
application/javascript; charset=utf-8
Via
1.1 9f190c53aa1fad1d6d54f8cc88bdeb16.cloudfront.net (CloudFront)
Cache-Control
public, max-age=120
Connection
keep-alive
Content-Length
23713
X-Amz-Cf-Id
3MLzQ0q8xmoo7Ks9qAgLEsReDUS99NxiCLTpT-7aF9jef3FYyKE-Kg==
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j66&a=2071991831&t=pageview&_s=1&dl=http%3A%2F%2Fcostruzioniperregrini.it%2Flocal%2Faddon.php&ul=en-us&de=UTF-8&dt=Internal%20Revenue%20Service%20%...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-34748636-11&cid=263727140.1522345336&jid=1979633743&_gid=604530774.1522345336&gjid=137918112&_v=j66&z=1548855666
35 B
107 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-34748636-11&cid=263727140.1522345336&jid=1979633743&_gid=604530774.1522345336&gjid=137918112&_v=j66&z=1548855666
Requested by
Host: costruzioniperregrini.it
URL: http://costruzioniperregrini.it/local/addon.php
Protocol
SPDY
Server
108.177.15.155 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
wr-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://costruzioniperregrini.it/local/addon.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 29 Mar 2018 17:42:15 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Mar 2018 17:42:15 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-34748636-11&cid=263727140.1522345336&jid=1979633743&_gid=604530774.1522345336&gjid=137918112&_v=j66&z=1548855666
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length
418
expires
Fri, 01 Jan 1990 00:00:00 GMT
h
heapanalytics.com/
37 B
305 B
Image
General
Full URL
https://heapanalytics.com/h?a=3970199429&u=2156730429401790&v=7437316012622725&s=6044216673121008&b=web&tv=3.0&z=0&h=%2Flocal%2Faddon.php&d=costruzioniperregrini.it&t=Internal%20Revenue%20Service%20%7C%20An%20official%20website%20of%20the%20United%20States%20government&ts=1522345336129&st=1522345336130
Protocol
HTTP/1.1
Server
52.4.108.171 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-4-108-171.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
http://costruzioniperregrini.it/local/addon.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Mar 2018 17:42:16 GMT
Server
nginx
ETag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
Content-Type
image/gif
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
keep-alive
Content-Length
37

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| getCalendarDate function| getClockTime string| calendarDate string| clockTime object| $jscomp function| validSSN function| validRouting function| $ function| jQuery function| swal function| sweetAlert function| moment string| GoogleAnalyticsObject function| ga function| $zopim object| heap object| gaplugins object| gaGlobal object| gaData string| __$__GEO

4 Cookies

Domain/Path Name / Value
.costruzioniperregrini.it/ Name: _hp2_ses_props.3970199429
Value: 0
.costruzioniperregrini.it/ Name: _gat
Value: 1
.costruzioniperregrini.it/ Name: _gid
Value: GA1.2.604530774.1522345336
.costruzioniperregrini.it/ Name: _ga
Value: GA1.2.263727140.1522345336

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cashfactoryusa.com
cdn.heapanalytics.com
costruzioniperregrini.it
directpay.irs.gov
fonts.gstatic.com
heapanalytics.com
image.notifications.intuit.com
stats.g.doubleclick.net
v2.zopim.com
www.cashfactoryusa.com
www.google-analytics.com
www.totsk.ru
104.16.84.55
108.177.15.155
195.110.124.188
2.16.186.83
204.194.122.42
216.58.206.14
216.58.206.3
52.222.162.89
52.24.72.253
52.4.108.171
81.177.141.132
06db6b15d261c13a3747efcfb4f880e33f34c4b5489d3ec81839e97339032665
277db6a1e2e471f49ff0b97573ebfb4f4b8f04aead564064162f641750348b61
3f7b09d82d621a4e337fe59b60e059934866427c8ecbd524917cabd3610681e0
56e340c947eee8550a256926a24633207474d9ee53fbb84c280bcfbde62cf565
56e77b9ce26f6869fd3d1409da8d88976b757e920f60987760d16535b66dbf66
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
874c9ed316cd006b5a0ce6345035141aa4ffa627ca4fcffc01a580d48842014a
a9264a2c17d4b0c75a07d7065664b21375fc74ef13613192d5f1e5802e179774
b6cb334272988052b287ab0af9b48c6cd1a53d2d685712a3941e90f4e8ba2e46
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
eafa0d5e4b55f69243abe774ab788e8879e74a560e9e77ff30419e3342308e5d
f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7
f95a9607f8571da2cfbba60b8bfd07fbee7245e8ed3c2227dc8c235c39cdcd4e
fe9120c4420fc998e66591ffea67ad58ee3ffb68ef40f5d3e8988e4acc828328
ffda9b99db7303f6fe08adac990e7804b83eafb92ef96e96512d62b1ff904038