gozafu.com Open in urlscan Pro
45.86.37.178 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://gozafu.com/
Submission: On December 14 via manual (December 14th 2023, 1:48:41 pm UTC) from NL — Scanned from NL

Summary HTTP 39 Redirects Links 36 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 39 HTTP transactions. The main IP is 45.86.37.178, located in St Louis, United States and belongs to CYBERCON, US. The main domain is gozafu.com.

This is the only time gozafu.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banca Mediolanum (Financial)

Domain & IP information

	IP Address	AS Autonomous System
24	45.86.37.178 45.86.37.178	7393 (CYBERCON) (CYBERCON)
2	45.60.124.166 45.60.124.166	19551 (INCAPSULA) (INCAPSULA)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
1 4	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
39	7

24 45.86.37.178 (St Louis, United States)

ASN7393 (CYBERCON, US)
PTR: server.sarahflashing.com

gozafu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.60.124.166 (United States)

ASN19551 (INCAPSULA, US)

www.bmedonline.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	gozafu.com gozafu.com	633 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	21 KB
4	googletagmanager.com 1 redirects www.googletagmanager.com — Cisco Umbrella Rank: 36	258 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 75	409 B
2	bmedonline.it www.bmedonline.it	37 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 735	32 KB
39	6

	Domain	Requested by
24	gozafu.com	gozafu.com code.jquery.com
4	region1.google-analytics.com	www.googletagmanager.com
4	www.googletagmanager.com	1 redirects gozafu.com
3	www.google-analytics.com	gozafu.com www.google-analytics.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	www.bmedonline.it	gozafu.com
1	code.jquery.com	gozafu.com
39	7

This site contains links to these domains. Also see Links.

Domain
www.bancamediolanum.it
www.familybanker.it
www.fondazionemediolanum.it
www.mediolanumcorporateuniversity.it
www.mediolanumfiduciaria.it
www.mediolanuminvestmentbanking.it
www.bancomediolanum.es
www.banklenz.de
www.gamaxfunds.com
www.eurocqs.it
www.flowe.com
www.mediolanumprivatebanker.it
www.centodieci.it
www.mediolanumassicurazioni.it
www.mediolanumgestionefondi.it
www.mediolanuminternationalfunds.it
www.mediolanuminternationallife.it
www.mediolanumvita.it
www.facebook.com
twitter.com
www.youtube.com
www.linkedin.com

Subject Issuer	Validity	Valid
www.bmedonline.it DigiCert EV RSA CA G2	`2023-06-28` - `2024-07-28`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://gozafu.com/
Frame ID: 1B49659FAF0154E8D8F1A4267169DC98
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home Page

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

39
Requests

28 %
HTTPS

71 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

982 kB
Transfer

2095 kB
Size

8
Cookies

36 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bancamediolanum.it/
Title: BANCA MEDIOLANUM

Search URL Search Domain Scan URL

URL: http://www.familybanker.it/
Title: FAMILY BANKER

Search URL Search Domain Scan URL

URL: http://www.fondazionemediolanum.it/
Title: FONDAZIONE MEDIOLANUM ONLUS

Search URL Search Domain Scan URL

URL: http://www.mediolanumcorporateuniversity.it/
Title: Mediolanum Corporate University

Search URL Search Domain Scan URL

URL: http://www.mediolanumfiduciaria.it/
Title: Mediolanum Fiduciaria

Search URL Search Domain Scan URL

URL: https://www.mediolanuminvestmentbanking.it/
Title: Mediolanum Investment Banking

Search URL Search Domain Scan URL

URL: https://www.bancomediolanum.es/
Title: Banco Mediolanum

Search URL Search Domain Scan URL

URL: https://www.banklenz.de/
Title: Bankhaus August Lenz

Search URL Search Domain Scan URL

URL: http://www.gamaxfunds.com/
Title: Gamax Management AG

Search URL Search Domain Scan URL

URL: http://www.eurocqs.it/
Title: EuroCQS S.p.A.

Search URL Search Domain Scan URL

URL: https://www.flowe.com/
Title: Flowe S.p.A. Società Benefit

Search URL Search Domain Scan URL

URL: http://www.mediolanumprivatebanker.it/
Title: Private Banking

Search URL Search Domain Scan URL

URL: http://www.centodieci.it/
Title: Centodieci

Search URL Search Domain Scan URL

URL: https://www.mediolanumassicurazioni.it/
Title: Mediolanum Assicurazioni

Search URL Search Domain Scan URL

URL: http://www.mediolanumgestionefondi.it/
Title: Mediolanum Gestione Fondi

Search URL Search Domain Scan URL

URL: http://www.mediolanuminternationalfunds.it/
Title: Mediolanum International Funds

Search URL Search Domain Scan URL

URL: https://www.mediolanuminternationallife.it/
Title: Mediolanum International Life

Search URL Search Domain Scan URL

URL: https://www.mediolanumvita.it/
Title: Mediolanum Vita

Search URL Search Domain Scan URL

URL: https://www.bancamediolanum.it/mutui-prestiti-online/selfy-paytime

Search URL Search Domain Scan URL

URL: https://www.facebook.com/BancaMediolanum

Search URL Search Domain Scan URL

URL: https://twitter.com/BancaMediolanum

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/bancamediolanum

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/banca-mediolanum?trk=tyah

Search URL Search Domain Scan URL

URL: https://www.bancamediolanum.it/corporate-governance/dati-societari
Title: Dati societari

Search URL Search Domain Scan URL

URL: https://www.bancamediolanum.it/sicurezza
Title: Sicurezza

Search URL Search Domain Scan URL

URL: https://www.bancamediolanum.it/trasparenza
Title: Trasparenza

Search URL Search Domain Scan URL

URL: https://www.bancamediolanum.it/accessibilita-bmedonline
Title: Accessibilità

Search URL Search Domain Scan URL

URL: https://www.bancamediolanum.it/reclami-ricorsi-conciliazione
Title: Reclami, ricorsi e conciliazioni

Search URL Search Domain Scan URL

URL: https://www.bancamediolanum.it/promozioni-manifestazioni-a-premio
Title: Promozioni e manifestazioni a premio

Search URL Search Domain Scan URL

URL: https://www.bancamediolanum.it/informazioni-al-cliente/distribuzione-assicurativa
Title: Distribuzione assicurativa

Search URL Search Domain Scan URL

URL: https://www.bancamediolanum.it/corporate-governance/governance
Title: Governance

Search URL Search Domain Scan URL

URL: https://www.bancamediolanum.it/rapporti-dormienti
Title: Rapporti dormienti

Search URL Search Domain Scan URL

URL: https://www.bancamediolanum.it/aml-ctf
Title: AML & CTF

Search URL Search Domain Scan URL

URL: https://www.bancamediolanum.it/privacy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.bancamediolanum.it/corporate/investors/informative
Title: Bilanci

Search URL Search Domain Scan URL

URL: https://www.bancamediolanum.it/contatti-sede-mediolanum
Title: Contattaci

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

http://www.googletagmanager.com/gtm.js?id=GTM-W5NR82 HTTP 302
https://www.googletagmanager.com/gtm.js?id=GTM-W5NR82

Request Chain 24

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 29

http://www.googletagmanager.com/gtag/js?id=G-QBPVM0NLBR&l=dataLayer&cx=c HTTP 307
https://www.googletagmanager.com/gtag/js?id=G-QBPVM0NLBR&l=dataLayer&cx=c

Request Chain 30

http://www.googletagmanager.com/gtag/js?id=G-LF895BPLT1&l=dataLayer&cx=c HTTP 307
https://www.googletagmanager.com/gtag/js?id=G-LF895BPLT1&l=dataLayer&cx=c

39 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
gozafu.com/ 36 KB
9 KB 711ms
122ms Document
text/html 45.86.37.178
CYBERCON

General

Check archive.org

Show headers Download Go to

Full URL: http://gozafu.com/
Protocol: HTTP/1.1
Server: 45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS: server.sarahflashing.com
Software: LiteSpeed /
Resource Hash: 1846449135af23016e56843a1e21c027e4c1875cbae5f39ac7eda4bd7d6ba1a3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
accept-ranges: bytes
content-encoding: gzip
content-length: 8786
content-type: text/html
date: Thu, 14 Dec 2023 13:48:34 GMT
last-modified: Tue, 31 Oct 2023 11:09:44 GMT
server: LiteSpeed
vary: Accept-Encoding

GET
H/1.1 200
OK bootstrap.min.css
gozafu.com/files/ 138 KB
21 KB 122ms
122ms Stylesheet
text/css 45.86.37.178
CYBERCON

General

Check archive.org

Show headers Download Go to

Full URL: http://gozafu.com/files/bootstrap.min.css
Requested by: Host: gozafu.com
URL: http://gozafu.com/
Protocol: HTTP/1.1
Server: 45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS: server.sarahflashing.com
Software: LiteSpeed /
Resource Hash: 7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gozafu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:48:34 GMT
content-encoding: gzip
last-modified: Tue, 25 Jul 2023 22:46:35 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 21072
expires: Thu, 21 Dec 2023 13:48:34 GMT

GET
H/1.1 200
OK login-psd2.css
gozafu.com/files/ 942 B
817 B 125ms
124ms Stylesheet
text/css 45.86.37.178
CYBERCON

General

Check archive.org

Show headers Download Go to

Full URL: http://gozafu.com/files/login-psd2.css
Requested by: Host: gozafu.com
URL: http://gozafu.com/
Protocol: HTTP/1.1
Server: 45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS: server.sarahflashing.com
Software: LiteSpeed /
Resource Hash: 08d5c60640ba612b7a723d496429c9007cb287fa49f5c3d2d422adb8ab57511c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gozafu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:48:34 GMT
content-encoding: gzip
last-modified: Tue, 25 Jul 2023 22:46:35 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 447
expires: Thu, 21 Dec 2023 13:48:34 GMT

GET
H/1.1 200
OK fonts.css
gozafu.com/files/ 7 KB
963 B 244ms
122ms Stylesheet
text/css 45.86.37.178
CYBERCON

General

Check archive.org

Show headers Download Go to

Full URL: http://gozafu.com/files/fonts.css
Requested by: Host: gozafu.com
URL: http://gozafu.com/
Protocol: HTTP/1.1
Server: 45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS: server.sarahflashing.com
Software: LiteSpeed /
Resource Hash: 737b9346c66562c4fcde8e59454b4324a34f03964f0440bde4c43eea5b2bb329

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gozafu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:48:35 GMT
content-encoding: gzip
last-modified: Tue, 25 Jul 2023 22:46:35 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 593
expires: Thu, 21 Dec 2023 13:48:35 GMT

GET
H/1.1 200
OK all.min.css
gozafu.com/files/ 55 KB
12 KB 245ms
122ms Stylesheet
text/css 45.86.37.178
CYBERCON

General

Check archive.org

Show headers Download Go to

Full URL: http://gozafu.com/files/all.min.css
Requested by: Host: gozafu.com
URL: http://gozafu.com/
Protocol: HTTP/1.1
Server: 45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS: server.sarahflashing.com
Software: LiteSpeed /
Resource Hash: d5a8d663a91d95976670c5cf5ec1e4a62fa884a49023ffff3b434f8a858c99ad

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gozafu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:48:35 GMT
content-encoding: gzip
last-modified: Tue, 25 Jul 2023 22:46:35 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 12306
expires: Thu, 21 Dec 2023 13:48:35 GMT

GET
H/1.1 200
OK jquery-3.3.1.js Show response
gozafu.com/files/ 276 KB
80 KB 245ms
123ms Script
application/javascript 45.86.37.178
CYBERCON

General

Check archive.org

Show headers Download Go to

Full URL: http://gozafu.com/files/jquery-3.3.1.js
Requested by: Host: gozafu.com
URL: http://gozafu.com/
Protocol: HTTP/1.1
Server: 45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS: server.sarahflashing.com
Software: LiteSpeed /
Resource Hash: efabc1df81a1c0ffd40244dfee5a978cc4c78f5abcdd32bab65fb95967dd364f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gozafu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:48:35 GMT
content-encoding: gzip
last-modified: Tue, 25 Jul 2023 22:46:35 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 81433
expires: Thu, 21 Dec 2023 13:48:35 GMT

GET
H/1.1 200
OK HB-bmed-logo.jpeg
gozafu.com/files/ 33 KB
33 KB 246ms
123ms Image
image/jpeg 45.86.37.178
CYBERCON

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gozafu.com/files/HB-bmed-logo.jpeg
Requested by: Host: gozafu.com
URL: http://gozafu.com/
Protocol: HTTP/1.1
Server: 45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS: server.sarahflashing.com
Software: LiteSpeed /
Resource Hash: 3a3cebc4d7a4938330f7ae34c9ddb7318805a2c1f275bd460c6377be4b4efc2e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gozafu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:48:35 GMT
last-modified: Fri, 06 Oct 2023 22:35:49 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 33872
expires: Thu, 21 Dec 2023 13:48:35 GMT

GET
H/1.1 200
OK user.png
gozafu.com/files/ 788 B
1 KB 122ms
122ms Image
image/png 45.86.37.178
CYBERCON

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gozafu.com/files/user.png
Requested by: Host: gozafu.com
URL: http://gozafu.com/
Protocol: HTTP/1.1
Server: 45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS: server.sarahflashing.com
Software: LiteSpeed /
Resource Hash: 8887872dfa818a2c63ba2a496f811cbcbef2e6444c0d343e295e832cece0f510

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gozafu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:48:35 GMT
last-modified: Tue, 31 Oct 2023 11:08:12 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 788
expires: Thu, 21 Dec 2023 13:48:35 GMT

GET
H/1.1 200
OK ico-alert-new.png
gozafu.com/files/ 3 KB
3 KB 122ms
122ms Image
image/png 45.86.37.178
CYBERCON

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gozafu.com/files/ico-alert-new.png
Requested by: Host: gozafu.com
URL: http://gozafu.com/
Protocol: HTTP/1.1
Server: 45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS: server.sarahflashing.com
Software: LiteSpeed /
Resource Hash: d287be0e320369cd079d543be40255dd263750b71cf2b3d6d402fe8894262d5f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gozafu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:48:35 GMT
last-modified: Tue, 31 Oct 2023 11:08:49 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 3064
expires: Thu, 21 Dec 2023 13:48:35 GMT

GET
H/1.1 200
OK 20230608_Mediolanum_selfypay_bmedonline_767%C3%97587.png
gozafu.com/files/ 381 KB
381 KB 123ms
123ms Image
image/png 45.86.37.178
CYBERCON

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gozafu.com/files/20230608_Mediolanum_selfypay_bmedonline_767%C3%97587.png
Requested by: Host: gozafu.com
URL: http://gozafu.com/
Protocol: HTTP/1.1
Server: 45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS: server.sarahflashing.com
Software: LiteSpeed /
Resource Hash: 83aba45d0a6b45b0911d0a5435385b54bdcd3275e71399772f146c4a378f6300

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gozafu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:48:35 GMT
last-modified: Fri, 06 Oct 2023 22:33:00 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 390145
expires: Thu, 21 Dec 2023 13:48:35 GMT

GET
H/1.1 200
OK logo-mediolanum.png
gozafu.com/files/ 3 KB
3 KB 122ms
122ms Image
image/png 45.86.37.178
CYBERCON

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gozafu.com/files/logo-mediolanum.png
Requested by: Host: gozafu.com
URL: http://gozafu.com/
Protocol: HTTP/1.1
Server: 45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS: server.sarahflashing.com
Software: LiteSpeed /
Resource Hash: 4521d2660af14ced6628837ff5ec772f2f7bc4467acfaee5d45529065bc322d4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gozafu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:48:35 GMT
last-modified: Tue, 31 Oct 2023 11:09:35 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 2985
expires: Thu, 21 Dec 2023 13:48:35 GMT

GET
H2 200 popper.js Show response
www.bmedonline.it/ecm/static-assets/login-psd2/dist/ 88 KB
23 KB 116ms
28ms Script
application/javascript 45.60.124.166
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bmedonline.it/ecm/static-assets/login-psd2/dist/popper.js
Requested by: Host: gozafu.com
URL: http://gozafu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.124.166 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: ec4fc7a65067ee9d86c889521f335efa20a53b6a86997b3aca9dfc74afd7767f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gozafu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:48:35 GMT
content-encoding: gzip
x-cdn: Imperva
etag: "06b0101d152ae79c9be6b02e01c699e95"
content-type: application/javascript
x-iinfo: 33-2332356-0 0CNN RT(1702561715501 32) q(0 -1 -1 0) r(0 -1)
cache-control: max-age=237, public
x-incap-sess-cookie-hdr: q9/UQKHgZwE0hIiClG1pF7MHe2UAAAAAyGrqCk2O5tRPJswbPCRlWA==
content-length: 22564
expires: Thu, 14 Dec 2023 13:52:32 GMT

GET
H2 200 bootstrap.min.js Show response
www.bmedonline.it/ecm/static-assets/login-psd2/dist/ 50 KB
14 KB 28ms
28ms Script
application/javascript 45.60.124.166
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bmedonline.it/ecm/static-assets/login-psd2/dist/bootstrap.min.js
Requested by: Host: gozafu.com
URL: http://gozafu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.124.166 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gozafu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:48:35 GMT
content-encoding: gzip
x-cdn: Imperva
etag: "067176c242e1bdc20603c878dee836df3"
content-type: application/javascript
x-iinfo: 33-2332356-0 0CNN RT(1702561715501 77) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=237, public
x-incap-sess-cookie-hdr: 0UlJVFCpnyo0hIiClG1pF7MHe2UAAAAAQfEO9mVu7Ntf1WzYa695Dw==
content-length: 14085
expires: Thu, 14 Dec 2023 13:52:32 GMT

GET
H2 200 jquery-1.9.1.min.js Show response
code.jquery.com/ 90 KB
32 KB 504ms
165ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.9.1.min.js
Requested by: Host: gozafu.com
URL: http://gozafu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gozafu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:48:36 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 3953054
x-cache: HIT, HIT
content-length: 32772
x-served-by: cache-lga13625-LGA, cache-bom4720-BOM
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1702561717.595416,VS0,VE0
etag: W/"28feccc0-169d5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 56, 13571490

GET
H2

200

gtm.js Show response
www.googletagmanager.com/
Redirect Chain

http://www.googletagmanager.com/gtm.js?id=GTM-W5NR82
https://www.googletagmanager.com/gtm.js?id=GTM-W5NR82

262 KB
87 KB

124ms
50ms

Script
application/javascript

2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W5NR82

Requested by

Host: gozafu.com
URL: http://gozafu.com/

Protocol

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f03d51b5bb8b8e092eb80c4aad72f9b9e65f7c95f13b88a502394a2b3b7d1338

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gozafu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:48:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89141
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 14 Dec 2023 13:48:36 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtm.js?id=GTM-W5NR82
Date: Thu, 14 Dec 2023 13:48:36 GMT
Cross-Origin-Resource-Policy: cross-origin
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK arrow-down-nav-gruppo-off.png
gozafu.com/files/ 155 B
479 B 122ms
122ms Image
image/png 45.86.37.178
CYBERCON

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gozafu.com/files/arrow-down-nav-gruppo-off.png
Requested by: Host: gozafu.com
URL: http://gozafu.com/
Protocol: HTTP/1.1
Server: 45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS: server.sarahflashing.com
Software: LiteSpeed /
Resource Hash: feaaf4e9e2f8cd65ece2416845dbd7513d07029557275eb440497f17a6edd520

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gozafu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:48:35 GMT
last-modified: Tue, 25 Jul 2023 22:46:35 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 155
expires: Thu, 21 Dec 2023 13:48:35 GMT

GET
H/1.1 404
Not Found mediolanumsans-regular.otf
gozafu.com/files/fonts/webfontkit-20150730-065551/ 0
0 122ms
122ms Font
text/html 45.86.37.178
CYBERCON

General

Check archive.org

Show headers Download Go to

Full URL: http://gozafu.com/files/fonts/webfontkit-20150730-065551/mediolanumsans-regular.otf
Requested by: Host: gozafu.com
URL: http://gozafu.com/files/fonts.css
Protocol: HTTP/1.1
Server: 45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS: server.sarahflashing.com
Software: LiteSpeed /
Resource Hash

Request headers

Referer: http://gozafu.com/files/fonts.css
Origin: http://gozafu.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 13:48:35 GMT
server: LiteSpeed
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 1238

GET
H/1.1 404
Not Found mediolanumsans-bold.otf
gozafu.com/files/fonts/webfontkit-20150730-065025/ 0
0 123ms
123ms Font
text/html 45.86.37.178
CYBERCON

General

Check archive.org

Show headers Download Go to

Full URL: http://gozafu.com/files/fonts/webfontkit-20150730-065025/mediolanumsans-bold.otf
Requested by: Host: gozafu.com
URL: http://gozafu.com/files/fonts.css
Protocol: HTTP/1.1
Server: 45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS: server.sarahflashing.com
Software: LiteSpeed /
Resource Hash

Request headers

Referer: http://gozafu.com/files/fonts.css
Origin: http://gozafu.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 13:48:35 GMT
server: LiteSpeed
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 1238

GET
H/1.1 404
Not Found fa-brands-400.woff2
gozafu.com/files/fonts/ 0
0 122ms
122ms Font
text/html 45.86.37.178
CYBERCON

General

Check archive.org

Show headers Download Go to

Full URL: http://gozafu.com/files/fonts/fa-brands-400.woff2
Requested by: Host: gozafu.com
URL: http://gozafu.com/files/all.min.css
Protocol: HTTP/1.1
Server: 45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS: server.sarahflashing.com
Software: LiteSpeed /
Resource Hash

Request headers

Referer: http://gozafu.com/files/all.min.css
Origin: http://gozafu.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 13:48:35 GMT
server: LiteSpeed
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 1238

GET
H/1.1 404
Not Found mediolanumsans-regular.woff2
gozafu.com/files/fonts/webfontkit-20150730-065551/ 0
0 122ms
122ms Font
text/html 45.86.37.178
CYBERCON

General

Check archive.org

Show headers Download Go to

Full URL: http://gozafu.com/files/fonts/webfontkit-20150730-065551/mediolanumsans-regular.woff2
Requested by: Host: gozafu.com
URL: http://gozafu.com/files/fonts.css
Protocol: HTTP/1.1
Server: 45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS: server.sarahflashing.com
Software: LiteSpeed /
Resource Hash

Request headers

Referer: http://gozafu.com/files/fonts.css
Origin: http://gozafu.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 13:48:35 GMT
server: LiteSpeed
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 1238

GET
H/1.1 404
Not Found mediolanumsans-bold.woff2
gozafu.com/files/fonts/webfontkit-20150730-065025/ 0
0 123ms
123ms Font
text/html 45.86.37.178
CYBERCON

General

Check archive.org

Show headers Download Go to

Full URL: http://gozafu.com/files/fonts/webfontkit-20150730-065025/mediolanumsans-bold.woff2
Requested by: Host: gozafu.com
URL: http://gozafu.com/files/fonts.css
Protocol: HTTP/1.1
Server: 45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS: server.sarahflashing.com
Software: LiteSpeed /
Resource Hash

Request headers

Referer: http://gozafu.com/files/fonts.css
Origin: http://gozafu.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 13:48:35 GMT
server: LiteSpeed
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 1238

GET
H/1.1 404
Not Found fa-brands-400.woff
gozafu.com/files/fonts/ 0
0 122ms
122ms Font
text/html 45.86.37.178
CYBERCON

General

Check archive.org

Show headers Download Go to

Full URL: http://gozafu.com/files/fonts/fa-brands-400.woff
Requested by: Host: gozafu.com
URL: http://gozafu.com/files/all.min.css
Protocol: HTTP/1.1
Server: 45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS: server.sarahflashing.com
Software: LiteSpeed /
Resource Hash

Request headers

Referer: http://gozafu.com/files/all.min.css
Origin: http://gozafu.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 13:48:35 GMT
server: LiteSpeed
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 1238

GET
H/1.1 404
Not Found mediolanumsans-regular.woff
gozafu.com/files/fonts/webfontkit-20150730-065551/ 0
0 122ms
122ms Font
text/html 45.86.37.178
CYBERCON

General

Check archive.org

Show headers Download Go to

Full URL: http://gozafu.com/files/fonts/webfontkit-20150730-065551/mediolanumsans-regular.woff
Requested by: Host: gozafu.com
URL: http://gozafu.com/files/fonts.css
Protocol: HTTP/1.1
Server: 45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS: server.sarahflashing.com
Software: LiteSpeed /
Resource Hash

Request headers

Referer: http://gozafu.com/files/fonts.css
Origin: http://gozafu.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 13:48:35 GMT
server: LiteSpeed
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 1238

GET
H/1.1 404
Not Found mediolanumsans-bold.woff
gozafu.com/files/fonts/webfontkit-20150730-065025/ 0
0 123ms
123ms Font
text/html 45.86.37.178
CYBERCON

General

Check archive.org

Show headers Download Go to

Full URL: http://gozafu.com/files/fonts/webfontkit-20150730-065025/mediolanumsans-bold.woff
Requested by: Host: gozafu.com
URL: http://gozafu.com/files/fonts.css
Protocol: HTTP/1.1
Server: 45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS: server.sarahflashing.com
Software: LiteSpeed /
Resource Hash

Request headers

Referer: http://gozafu.com/files/fonts.css
Origin: http://gozafu.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 13:48:35 GMT
server: LiteSpeed
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 1238

GET
H/1.1 200
OK fa-brands-400.ttf
gozafu.com/files/fonts/ 128 KB
87 KB 124ms
123ms Font
font/ttf 45.86.37.178
CYBERCON

General

Check archive.org

Show headers Download Go to

Full URL: http://gozafu.com/files/fonts/fa-brands-400.ttf
Requested by: Host: gozafu.com
URL: http://gozafu.com/files/all.min.css
Protocol: HTTP/1.1
Server: 45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS: server.sarahflashing.com
Software: LiteSpeed /
Resource Hash: ca785b3a0d0f4c1bd0cbbe298a989af28aff3086b6522c2eaf9f7c110f080874

Request headers

Referer: http://gozafu.com/files/all.min.css
Origin: http://gozafu.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:48:35 GMT
content-encoding: gzip
last-modified: Tue, 25 Jul 2023 22:46:35 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 88235
expires: Thu, 21 Dec 2023 13:48:35 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

52 KB
21 KB

102ms
31ms

Script
text/javascript

2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: gozafu.com
URL: http://gozafu.com/

Protocol

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gozafu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 14 Dec 2023 13:48:14 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 22
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 14 Dec 2023 15:48:14 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 404
Not Found mediolanumsans-regular.ttf
gozafu.com/files/fonts/webfontkit-20150730-065551/ 0
0 122ms
122ms Font
text/html 45.86.37.178
CYBERCON

General

Check archive.org

Show headers Download Go to

Full URL: http://gozafu.com/files/fonts/webfontkit-20150730-065551/mediolanumsans-regular.ttf
Requested by: Host: gozafu.com
URL: http://gozafu.com/files/fonts.css
Protocol: HTTP/1.1
Server: 45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS: server.sarahflashing.com
Software: LiteSpeed /
Resource Hash

Request headers

Referer: http://gozafu.com/files/fonts.css
Origin: http://gozafu.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 13:48:35 GMT
server: LiteSpeed
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 1238

GET
H/1.1 404
Not Found mediolanumsans-bold.ttf
gozafu.com/files/fonts/webfontkit-20150730-065025/ 0
0 123ms
123ms Font
text/html 45.86.37.178
CYBERCON

General

Check archive.org

Show headers Download Go to

Full URL: http://gozafu.com/files/fonts/webfontkit-20150730-065025/mediolanumsans-bold.ttf
Requested by: Host: gozafu.com
URL: http://gozafu.com/files/fonts.css
Protocol: HTTP/1.1
Server: 45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS: server.sarahflashing.com
Software: LiteSpeed /
Resource Hash

Request headers

Referer: http://gozafu.com/files/fonts.css
Origin: http://gozafu.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 13:48:35 GMT
server: LiteSpeed
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 1238

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
204 B 39ms
38ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=131789390&t=pageview&_s=1&dl=http%3A%2F%2Fgozafu.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Home%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABBAAAACAAM~&jid=1080770576&gjid=428399558&cid=1775486825.1702561717&tid=UA-75985629-1&_gid=1227802759.1702561717&_slc=1&gtm=45He3bt0n71W5NR82v71516773&cd1=PUBBLICA&cd3=1702561716455.dphzvx5s&cd4=2023-12-14T14%3A48%3A36.455%2B01%3A00&cd11=1702561716454.rh2etgjs&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=22909165

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://gozafu.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 13:48:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://gozafu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
342 B 101ms
34ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-75985629-1&cid=1775486825.1702561717&jid=1080770576&gjid=428399558&_gid=1227802759.1702561717&_u=YGBAiEABBAAAAGAAM~&z=544130803

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://gozafu.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 14 Dec 2023 13:48:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://gozafu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=G-QBPVM0NLBR&l=dataLayer&cx=c
https://www.googletagmanager.com/gtag/js?id=G-QBPVM0NLBR&l=dataLayer&cx=c

244 KB
84 KB

50ms
50ms

Script
application/javascript

2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QBPVM0NLBR&l=dataLayer&cx=c

Requested by

Host: gozafu.com
URL: http://gozafu.com/

Protocol

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ad46e7d3084f544d1fe6daaa4e792084930cf3f5618438dc82017525de7ea730

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gozafu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:48:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86227
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 14 Dec 2023 13:48:36 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=G-QBPVM0NLBR&l=dataLayer&cx=c
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=G-LF895BPLT1&l=dataLayer&cx=c
https://www.googletagmanager.com/gtag/js?id=G-LF895BPLT1&l=dataLayer&cx=c

248 KB
86 KB

59ms
59ms

Script
application/javascript

2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LF895BPLT1&l=dataLayer&cx=c

Requested by

Host: gozafu.com
URL: http://gozafu.com/

Protocol

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2276f02fb52019f20a4d42c0a5e5a44fa7158140b50e1681ffec52c03609bcba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gozafu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:48:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87464
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 14 Dec 2023 13:48:36 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=G-LF895BPLT1&l=dataLayer&cx=c
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 38ms
38ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=131789390&t=pageview&_s=1&dl=http%3A%2F%2Fgozafu.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Home%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGhAiEABBAAAAGAAM~&jid=1159351952&gjid=518388201&cid=1775486825.1702561717&tid=UA-42757807-1&_gid=225887756.1702561717&_slc=1&gtm=45He3bt0n71W5NR82v71516773&cd1=PUBBLICA&cd3=2023-12-14T14%3A48%3A36.747%2B01%3A00&cd11=1702561716747.evf28eae&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1613537879

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://gozafu.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 13:48:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://gozafu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 33ms
33ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-42757807-1&cid=1775486825.1702561717&jid=1159351952&gjid=518388201&_gid=225887756.1702561717&_u=aGhAiEABBAAAAGAAM~&z=528958857

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://gozafu.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 14 Dec 2023 13:48:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://gozafu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
241 B 82ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-QBPVM0NLBR&gtm=45je3bt0v889410321z871516773&_p=1702561716172&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1775486825.1702561717&ul=en-us&sr=1600x1200&_s=1&dt=%2F&sid=1702561716&sct=1&seg=0&dl=http%3A%2F%2Fgozafu.com%2F&en=page_view&_fv=1&_ss=1&ep.area_sito=PUBBLICA&ep.hit_timestamp=2023-12-14T14%3A48%3A36.743%2B01%3A00&up.timestamp=2023-12-14T14%3A48%3A36.743%2B01%3A00&tfd=1909
Requested by: Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=G-QBPVM0NLBR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gozafu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 13:48:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://gozafu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 77ms
31ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-QBPVM0NLBR&gtm=45je3bt0v889410321&_p=1702561716172&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1775486825.1702561717&ul=en-us&sr=1600x1200&_eu=AEA&_s=2&dt=%2F&sid=1702561716&sct=1&seg=0&dl=http%3A%2F%2Fgozafu.com%2F&en=scroll&ep.area_sito=PUBBLICA&ep.hit_timestamp=2023-12-14T14%3A48%3A36.743%2B01%3A00&epn.percent_scrolled=90&_et=4&tfd=1917
Requested by: Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=G-QBPVM0NLBR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gozafu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 13:48:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://gozafu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 58ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LF895BPLT1&gtm=45je3bt0v872518050z871516773&_p=1702561716172&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1775486825.1702561717&ul=en-us&sr=1600x1200&_s=1&dt=%2F&sid=1702561716&sct=1&seg=0&dl=http%3A%2F%2Fgozafu.com%2F&en=page_view&_fv=1&_ss=1&ep.area_sito=PUBBLICA&ep.hit_timestamp=2023-12-14T14%3A48%3A36.746%2B01%3A00&up.timestamp=2023-12-14T14%3A48%3A36.745%2B01%3A00&tfd=1934
Requested by: Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=G-LF895BPLT1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gozafu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 13:48:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://gozafu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 54ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LF895BPLT1&gtm=45je3bt0v872518050z871516773&_p=1702561716172&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1775486825.1702561717&ul=en-us&sr=1600x1200&_s=2&dt=%2F&sid=1702561716&sct=1&seg=0&dl=http%3A%2F%2Fgozafu.com%2F&en=fetch_user_data&ep.area_sito=PUBBLICA&ep.hit_timestamp=2023-12-14T14%3A48%3A36.746%2B01%3A00&ep.custom_session_id=1702561716&_et=2&tfd=1938
Requested by: Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=G-LF895BPLT1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gozafu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 13:48:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://gozafu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK access.php Show response
gozafu.com/panel/ 88 B
333 B 687ms
687ms XHR
text/html 45.86.37.178
CYBERCON

General

Check archive.org

Show headers Download Go to

Full URL: http://gozafu.com/panel/access.php
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.9.1.min.js
Protocol: HTTP/1.1
Server: 45.86.37.178 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS: server.sarahflashing.com
Software: LiteSpeed /
Resource Hash: fea1078f1c89033344ccd1179dfb9e24cd64acddbccbc9157997348f194e9367

Request headers

Accept: */*
Referer: http://gozafu.com/
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:48:36 GMT
content-encoding: gzip
server: LiteSpeed
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 95

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banca Mediolanum (Financial)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gozafu.com/	1970-01-21 02:32:01	Name: _rollupGA Value: GA1.2.1775486825.1702561717
.gozafu.com/	1970-01-20 16:57:28	Name: _rollupGA_gid Value: GA1.2.1227802759.1702561717
.gozafu.com/	1970-01-20 16:56:01	Name: _dc_gtm_UA-75985629-1 Value: 1
.gozafu.com/	1970-01-20 16:57:28	Name: _gid Value: GA1.2.225887756.1702561717
.gozafu.com/	1970-01-20 16:56:01	Name: _dc_gtm_UA-42757807-1 Value: 1
.gozafu.com/	1970-01-21 02:32:01	Name: _ga Value: GA1.1.1775486825.1702561717
.gozafu.com/	1970-01-21 02:32:01	Name: _ga_QBPVM0NLBR Value: GS1.1.1702561716.1.0.1702561716.0.0.0
.gozafu.com/	1970-01-21 02:32:01	Name: _ga_LF895BPLT1 Value: GS1.1.1702561716.1.0.1702561716.0.0.0

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://gozafu.com/files/fonts/webfontkit-20150730-065551/mediolanumsans-regular.otf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://gozafu.com/files/fonts/webfontkit-20150730-065025/mediolanumsans-bold.otf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://gozafu.com/files/fonts/fa-brands-400.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://gozafu.com/files/fonts/webfontkit-20150730-065551/mediolanumsans-regular.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://gozafu.com/files/fonts/webfontkit-20150730-065025/mediolanumsans-bold.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://gozafu.com/files/fonts/fa-brands-400.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://gozafu.com/files/fonts/webfontkit-20150730-065551/mediolanumsans-regular.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://gozafu.com/files/fonts/webfontkit-20150730-065025/mediolanumsans-bold.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://gozafu.com/files/fonts/webfontkit-20150730-065551/mediolanumsans-regular.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://gozafu.com/files/fonts/webfontkit-20150730-065025/mediolanumsans-bold.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
gozafu.com
region1.google-analytics.com
stats.g.doubleclick.net
www.bmedonline.it
www.google-analytics.com
www.googletagmanager.com
2001:4860:4802:32::36
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2008
2a00:1450:400c:c00::9d
2a04:4e42:600::649
45.60.124.166
45.86.37.178
08d5c60640ba612b7a723d496429c9007cb287fa49f5c3d2d422adb8ab57511c
1846449135af23016e56843a1e21c027e4c1875cbae5f39ac7eda4bd7d6ba1a3
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2276f02fb52019f20a4d42c0a5e5a44fa7158140b50e1681ffec52c03609bcba
3a3cebc4d7a4938330f7ae34c9ddb7318805a2c1f275bd460c6377be4b4efc2e
4521d2660af14ced6628837ff5ec772f2f7bc4467acfaee5d45529065bc322d4
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
737b9346c66562c4fcde8e59454b4324a34f03964f0440bde4c43eea5b2bb329
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
83aba45d0a6b45b0911d0a5435385b54bdcd3275e71399772f146c4a378f6300
8887872dfa818a2c63ba2a496f811cbcbef2e6444c0d343e295e832cece0f510
ad46e7d3084f544d1fe6daaa4e792084930cf3f5618438dc82017525de7ea730
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
ca785b3a0d0f4c1bd0cbbe298a989af28aff3086b6522c2eaf9f7c110f080874
d287be0e320369cd079d543be40255dd263750b71cf2b3d6d402fe8894262d5f
d5a8d663a91d95976670c5cf5ec1e4a62fa884a49023ffff3b434f8a858c99ad
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec4fc7a65067ee9d86c889521f335efa20a53b6a86997b3aca9dfc74afd7767f
efabc1df81a1c0ffd40244dfee5a978cc4c78f5abcdd32bab65fb95967dd364f
f03d51b5bb8b8e092eb80c4aad72f9b9e65f7c95f13b88a502394a2b3b7d1338
fea1078f1c89033344ccd1179dfb9e24cd64acddbccbc9157997348f194e9367
feaaf4e9e2f8cd65ece2416845dbd7513d07029557275eb440497f17a6edd520

gozafu.com Open in urlscan Pro 45.86.37.178 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

39 Requests

28 %HTTPS

71 %IPv6

6 Domains

7 Subdomains

7 IPs

3 Countries

982 kBTransfer

2095 kBSize

8 Cookies

36 Outgoing links

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

gozafu.com Open in urlscan Pro
45.86.37.178 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

28 %
HTTPS

71 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

982 kB
Transfer

2095 kB
Size

8
Cookies

39 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!