urlscan.io logo urlscan.io
SecurityTrails logo

www.prima.it Open in urlscan Pro
2606:4700:10::6814:ea1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://echo7.bluehornet.com/ct/56909568:6bJNpWufN:m:1:3026998611:3BEC081D2EFC6EC0ADC88AF1C6ACE3D6:r
Effective URL: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=cal...
Submission: On March 06 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 26 HTTP transactions. The main IP is 2606:4700:10::6814:ea1, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.prima.it.
TLS certificate: Issued by GeoTrust EV RSA CA 2018 on February 5th 2021. Valid for: a year.
This is the only time www.prima.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 44.239.140.141 16509 (AMAZON-02)
1 1 18.202.89.33 16509 (AMAZON-02)
2 3 34.95.109.120 15169 (GOOGLE)
1 65.9.187.63 16509 (AMAZON-02)
1 188.165.150.178 16276 (OVH)
23 2606:4700:10:... 13335 (CLOUDFLAR...)
26 5
1    44.239.140.141 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-140-141.us-west-2.compute.amazonaws.com
echo7.bluehornet.com
1    18.202.89.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-89-33.eu-west-1.compute.amazonaws.com
aff.rapidaconsegna.it
3    34.95.109.120 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 120.109.95.34.bc.googleusercontent.com
clk.tradedoubler.com
1    65.9.187.63 (United States)

ASN16509 (AMAZON-02, US)
vht.tradedoubler.com
1    188.165.150.178 (France)

ASN16276 (OVH, FR)
PTR: lb02.net.royalcactus.com
analytics.tradedoubler.com
23    2606:4700:10::6814:ea1 (United States)

ASN13335 (CLOUDFLARENET, US)
www.prima.it
Domain Requested by
23 www.prima.it www.prima.it
clk.tradedoubler.com
3 clk.tradedoubler.com 2 redirects
1 analytics.tradedoubler.com vht.tradedoubler.com
1 vht.tradedoubler.com clk.tradedoubler.com
1 aff.rapidaconsegna.it 1 redirects
1 echo7.bluehornet.com 1 redirects
26 6

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com
Subject Issuer Validity Valid
*.tradedoubler.com
R3		 2021-01-23 -
2021-04-23		 3 months crt.sh
www.prima.it
GeoTrust EV RSA CA 2018		 2021-02-05 -
2022-03-08		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
Frame ID: BCEBF281B7E398C9C31A3F3363246090
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://echo7.bluehornet.com/ct/56909568:6bJNpWufN:m:1:3026998611:3BEC081D2EFC6EC0ADC88AF1C6ACE3D6:r HTTP 302
    https://aff.rapidaconsegna.it/aff_c?offer_id=1715&aff_id=804&file_id=12385&aff_sub=XXX&p=312275&a=3196158&... HTTP 302
    http://clk.tradedoubler.com/click?epi=1021b6686d9ae9affd2c0523e605b5&p=312275&a=3196158&g=24911226&url=h... HTTP 302
    https://clk.tradedoubler.com/click?epi=1021b6686d9ae9affd2c0523e605b5&p=312275&a=3196158&g=24911226&url=h... Page URL
  2. https://clk.tradedoubler.com/click?epi=1021b6686d9ae9affd2c0523e605b5&p=312275&a=3196158&g=24911226&url=h... HTTP 302
    https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=advicem... Page URL
  3. https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=advicem... Page URL
  4. https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=advicem... Page URL
  5. https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=advicem... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /^1\.1 google$/i

Page Statistics

26
Requests

100 %
HTTPS

17 %
IPv6

4
Domains

6
Subdomains

5
IPs

3
Countries

132 kB
Transfer

388 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://echo7.bluehornet.com/ct/56909568:6bJNpWufN:m:1:3026998611:3BEC081D2EFC6EC0ADC88AF1C6ACE3D6:r HTTP 302
    https://aff.rapidaconsegna.it/aff_c?offer_id=1715&aff_id=804&file_id=12385&aff_sub=XXX&p=312275&a=3196158&g=24911226&url=https://www.prima.it/l/adviceme&utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme HTTP 302
    http://clk.tradedoubler.com/click?epi=1021b6686d9ae9affd2c0523e605b5&p=312275&a=3196158&g=24911226&url=https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme HTTP 302
    https://clk.tradedoubler.com/click?epi=1021b6686d9ae9affd2c0523e605b5&p=312275&a=3196158&g=24911226&url=https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme Page URL
  2. https://clk.tradedoubler.com/click?epi=1021b6686d9ae9affd2c0523e605b5&p=312275&a=3196158&g=24911226&url=https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme HTTP 302
    https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme Page URL
  3. https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme Page URL
  4. https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme Page URL
  5. https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://echo7.bluehornet.com/ct/56909568:6bJNpWufN:m:1:3026998611:3BEC081D2EFC6EC0ADC88AF1C6ACE3D6:r HTTP 302
  • https://aff.rapidaconsegna.it/aff_c?offer_id=1715&aff_id=804&file_id=12385&aff_sub=XXX&p=312275&a=3196158&g=24911226&url=https://www.prima.it/l/adviceme&utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme HTTP 302
  • http://clk.tradedoubler.com/click?epi=1021b6686d9ae9affd2c0523e605b5&p=312275&a=3196158&g=24911226&url=https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme HTTP 302
  • https://clk.tradedoubler.com/click?epi=1021b6686d9ae9affd2c0523e605b5&p=312275&a=3196158&g=24911226&url=https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
Request Chain 3
  • https://clk.tradedoubler.com/click?epi=1021b6686d9ae9affd2c0523e605b5&p=312275&a=3196158&g=24911226&url=https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme HTTP 302
  • https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
click
clk.tradedoubler.com/
Redirect Chain
  • http://echo7.bluehornet.com/ct/56909568:6bJNpWufN:m:1:3026998611:3BEC081D2EFC6EC0ADC88AF1C6ACE3D6:r
  • https://aff.rapidaconsegna.it/aff_c?offer_id=1715&aff_id=804&file_id=12385&aff_sub=XXX&p=312275&a=3196158&g=24911226&url=https://www.prima.it/l/adviceme&utm_source=EMAIL&utm_medium=dem_adviceme_nc2...
  • http://clk.tradedoubler.com/click?epi=1021b6686d9ae9affd2c0523e605b5&p=312275&a=3196158&g=24911226&url=https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=advi...
  • https://clk.tradedoubler.com/click?epi=1021b6686d9ae9affd2c0523e605b5&p=312275&a=3196158&g=24911226&url=https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adv...
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://clk.tradedoubler.com/click?epi=1021b6686d9ae9affd2c0523e605b5&p=312275&a=3196158&g=24911226&url=https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.109.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
120.109.95.34.bc.googleusercontent.com
Software
TXServerHttp /
Resource Hash
1efd3cf3fa0b1dfe019267c9c3e69710d8d7c1caed7de6240a91e96fce8e36fb

Request headers

:method
GET
:authority
clk.tradedoubler.com
:scheme
https
:path
/click?epi=1021b6686d9ae9affd2c0523e605b5&p=312275&a=3196158&g=24911226&url=https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=ISO-8859-1
server
TXServerHttp
access-control-allow-origin
*
cache-control
private, max-age=0
pragma
no-cache
p3p
policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy
origin
date
Sat, 06 Mar 2021 11:05:02 GMT
content-length
1389
via
1.1 google
alt-svc
clear

Redirect headers

Location
https://clk.tradedoubler.com/click?epi=1021b6686d9ae9affd2c0523e605b5&p=312275&a=3196158&g=24911226&url=https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
Date
Sat, 06 Mar 2021 11:05:02 GMT
Content-Length
460
Content-Type
text/html; charset=ISO-8859-1
Via
1.1 google
prefs.js
vht.tradedoubler.com/fp/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vht.tradedoubler.com/fp/prefs.js
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?epi=1021b6686d9ae9affd2c0523e605b5&p=312275&a=3196158&g=24911226&url=https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.187.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d

Request headers

Referer
https://clk.tradedoubler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 28 Feb 2021 03:44:39 GMT
Content-Encoding
gzip
Age
544823
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 15 Oct 2018 09:28:46 GMT
Server
Apache
ETag
W/"2509-57841106334e6"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 38a3f663851a0597e7026100a58b9b39.cloudfront.net (CloudFront)
Cache-Control
max-age=604800, public
X-Amz-Cf-Pop
ZAG50-C1
X-Amz-Cf-Id
Yv4yNrBnMhYEIzbvIUnp0_z4Qo6s4uTvaGjRUshQFrn0cRlQeAESEg==
Expires
Sun, 07 Mar 2021 03:44:39 GMT
/
analytics.tradedoubler.com/ 		0
241 B 		Other
General
Check archive.org
Download Go to
Full URL
https://analytics.tradedoubler.com/
Requested by
Host: vht.tradedoubler.com
URL: https://vht.tradedoubler.com/fp/prefs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.165.150.178 , France, ASN16276 (OVH, FR),
Reverse DNS
lb02.net.royalcactus.com
Software
nginx /
Resource Hash

Request headers

Referer
https://clk.tradedoubler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 06 Mar 2021 11:05:02 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
adviceme
www.prima.it/l/
Redirect Chain
  • https://clk.tradedoubler.com/click?epi=1021b6686d9ae9affd2c0523e605b5&p=312275&a=3196158&g=24911226&url=https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adv...
  • https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
181db08838e79c38d9d53b0752a2b0ec523d3af9cfe72f1d9969c4dde7455199
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.prima.it
:scheme
https
:path
/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://clk.tradedoubler.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
Origin
https://clk.tradedoubler.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://clk.tradedoubler.com/

Response headers

date
Sat, 06 Mar 2021 11:05:02 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
set-cookie
__cfduid=d5c90866d4e681a11fbb639172fc9da9d1615028702; expires=Mon, 05-Apr-21 11:05:02 GMT; path=/; domain=.prima.it; HttpOnly; SameSite=Lax
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
cf-request-id
08a8cf66df00004e07afb2f000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
62bb1b516e3b4e07-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

location
https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
set-cookie
EH_0=1z11z1zmwzXnu6Vz1QiZyYhaOi7qyDAOWQC8gtRjEhFvJ2RWhl1GB7%799vamQNn%7aE6.MSfTuNDmt%79DI4ndba5j4bLRhdpm%7aUoSjj0t0PAh%7akmwOtQSd%7aUQRGpPBOs3WX;expires=Sun, 06-Mar-2022 11:05:02 GMT;path=/;domain=.tradedoubler.com;SameSite=None; Secure GUID=1z11zzmwzUQYXZzd5e771c98c7bb068074268740de08045;expires=Sun, 06-Mar-2022 11:05:02 GMT;path=/;domain=.tradedoubler.com;SameSite=None; Secure TradeDoublerGUID=d5e771c98c7bb068074268740de08045;expires=Sun, 06-Mar-2022 11:05:02 GMT;path=/;domain=.tradedoubler.com;SameSite=None; Secure
server
TXServerHttp
access-control-allow-origin
*
cache-control
private, max-age=0
pragma
no-cache
p3p
policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy
origin
date
Sat, 06 Mar 2021 11:05:01 GMT
content-length
356
content-type
text/html; charset=ISO-8859-1
via
1.1 google
alt-svc
clear
v1
www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1
Requested by
Host: www.prima.it
URL: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
182dd8f4b266ee8d97c5411c915a0043e1725bed9c57a8964a4c9e0a41a6d695
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 11:05:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=15552000; preload
cf-ray
62bb1b518e7a4e07-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08a8cf66f600004e07b49c5000000001
transparent.gif
www.prima.it/cdn-cgi/images/trace/jschal/js/ 		42 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.prima.it/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=62bb1b516e3b4e07
Requested by
Host: www.prima.it
URL: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 11:05:02 GMT
x-content-type-options
nosniff
last-modified
Thu, 04 Mar 2021 10:28:58 GMT
server
cloudflare
etag
"6040b66a-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
62bb1b518e7c4e07-FRA
vary
Accept-Encoding
content-length
42
expires
Sat, 06 Mar 2021 13:05:02 GMT
transparent.gif
www.prima.it/cdn-cgi/images/trace/jschal/nojs/ 		42 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.prima.it/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=62bb1b516e3b4e07
Requested by
Host: www.prima.it
URL: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 11:05:02 GMT
x-content-type-options
nosniff
last-modified
Thu, 04 Mar 2021 10:28:58 GMT
server
cloudflare
etag
"6040b66a-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
62bb1b518e7d4e07-FRA
vary
Accept-Encoding
content-length
42
expires
Sat, 06 Mar 2021 13:05:02 GMT
9eadf1075db41f5
www.prima.it/cdn-cgi/challenge-platform/h/g/generate/ov1/0.7145319403667991:1615028505:69966a00782a01edfd0a98c736a9482a8356d641020dbc1855457f2951674016/62bb1b516e3b4e07/ 		43 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.prima.it/cdn-cgi/challenge-platform/h/g/generate/ov1/0.7145319403667991:1615028505:69966a00782a01edfd0a98c736a9482a8356d641020dbc1855457f2951674016/62bb1b516e3b4e07/9eadf1075db41f5
Requested by
Host: www.prima.it
URL: https://www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8688433d39a7027235d117dc1821b50960c2e33ee92065286bb6e2b7bea692c6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
CF-Challenge
9eadf1075db41f5
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 06 Mar 2021 11:05:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
strict-transport-security
max-age=15552000; preload
cf-ray
62bb1b51ff124e07-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08a8cf673b00004e07950a2000000001
truncated
/ 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ff8065c0f5326a5fd74ca01b7a646bbc318bb624a73ae8b4995793bc7ddc0a91

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
9eadf1075db41f5
www.prima.it/cdn-cgi/challenge-platform/h/g/generate/ov1/0.7145319403667991:1615028505:69966a00782a01edfd0a98c736a9482a8356d641020dbc1855457f2951674016/62bb1b516e3b4e07/ 		2 KB
986 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.prima.it/cdn-cgi/challenge-platform/h/g/generate/ov1/0.7145319403667991:1615028505:69966a00782a01edfd0a98c736a9482a8356d641020dbc1855457f2951674016/62bb1b516e3b4e07/9eadf1075db41f5
Requested by
Host: www.prima.it
URL: https://www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7fc0ef47757c9f7aa0bb8d96ea0995ade89bf7c9a6886278d0a3293c50a7e86
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
CF-Challenge
9eadf1075db41f5
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 06 Mar 2021 11:05:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
cf_chl_out
jH3DEr3F9Ul6p2cbGInzT7OT/nG1m/TyUYAzuhNY8WGrOdbCp+7LVoMfMrbFKXUoFda++zYUfP2MEehRDGQ1czKf96K+Qp5FUJcL+jol8KSb5/TEO98nmLsDXyrqvIYmga/8ukKYYVKVB2h+xkFnsQ==$teOUosSc4h6OsoN3cF6TcA==
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/plain;charset=UTF-8
strict-transport-security
max-age=15552000; preload
cf-ray
62bb1b5379364e07-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08a8cf682d00004e078f97c000000001
adviceme
www.prima.it/l/ 		9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?epi=1021b6686d9ae9affd2c0523e605b5&p=312275&a=3196158&g=24911226&url=https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbb2849d016e1fc98c5d7528bc6979619ed0956176ebdc8b9a9b9e8572c6a3c5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.prima.it
:scheme
https
:path
/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
cf_chl_prog=F17
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme

Response headers

date
Sat, 06 Mar 2021 11:05:07 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
set-cookie
__cfduid=dc2b3b2cb04c8ea8b128dafb0107b0b661615028707; expires=Mon, 05-Apr-21 11:05:07 GMT; path=/; domain=.prima.it; HttpOnly; SameSite=Lax
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
cf-request-id
08a8cf76c600004e079d1d6000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
62bb1b6adb264e07-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
v1
www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1
Requested by
Host: www.prima.it
URL: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
182dd8f4b266ee8d97c5411c915a0043e1725bed9c57a8964a4c9e0a41a6d695
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 11:05:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=15552000; preload
cf-ray
62bb1b6b0b6c4e07-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08a8cf76e400004e07861ff000000001
transparent.gif
www.prima.it/cdn-cgi/images/trace/jschal/js/ 		42 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.prima.it/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=62bb1b6adb264e07
Requested by
Host: www.prima.it
URL: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 11:05:07 GMT
x-content-type-options
nosniff
last-modified
Thu, 04 Mar 2021 10:28:58 GMT
server
cloudflare
etag
"6040b66a-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
62bb1b6b0b704e07-FRA
vary
Accept-Encoding
content-length
42
expires
Sat, 06 Mar 2021 13:05:07 GMT
transparent.gif
www.prima.it/cdn-cgi/images/trace/jschal/nojs/ 		42 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.prima.it/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=62bb1b6adb264e07
Requested by
Host: www.prima.it
URL: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 11:05:07 GMT
x-content-type-options
nosniff
last-modified
Thu, 04 Mar 2021 10:28:58 GMT
server
cloudflare
etag
"6040b66a-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
62bb1b6b0b734e07-FRA
vary
Accept-Encoding
content-length
42
expires
Sat, 06 Mar 2021 13:05:07 GMT
168e19724614588
www.prima.it/cdn-cgi/challenge-platform/h/g/generate/ov1/0.7145319403667991:1615028505:69966a00782a01edfd0a98c736a9482a8356d641020dbc1855457f2951674016/62bb1b6adb264e07/ 		41 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.prima.it/cdn-cgi/challenge-platform/h/g/generate/ov1/0.7145319403667991:1615028505:69966a00782a01edfd0a98c736a9482a8356d641020dbc1855457f2951674016/62bb1b6adb264e07/168e19724614588
Requested by
Host: www.prima.it
URL: https://www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf0d137dfe5d40c7dca4d6f2d356fd1465ee16a978c99736466a67c3141a36a2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
CF-Challenge
168e19724614588
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 06 Mar 2021 11:05:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
strict-transport-security
max-age=15552000; preload
cf-ray
62bb1b6b5bf34e07-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08a8cf771900004e07762ae000000001
168e19724614588
www.prima.it/cdn-cgi/challenge-platform/h/g/generate/ov1/0.7145319403667991:1615028505:69966a00782a01edfd0a98c736a9482a8356d641020dbc1855457f2951674016/62bb1b6adb264e07/ 		1 KB
989 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.prima.it/cdn-cgi/challenge-platform/h/g/generate/ov1/0.7145319403667991:1615028505:69966a00782a01edfd0a98c736a9482a8356d641020dbc1855457f2951674016/62bb1b6adb264e07/168e19724614588
Requested by
Host: www.prima.it
URL: https://www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75b5d1a25915325d03035f2ce1411c4c4593361d453c372953ed095c4f1cc699
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
CF-Challenge
168e19724614588
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 06 Mar 2021 11:05:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
cf_chl_out
Ylri7VI0lSHeD+hwrydO+Y/+uB9R1XaAK5HUs9ZQ3rOeRF+7V23GKsb9mEh3KVcSrPEMQWYiPAfp3sSSUnvyuw6Eo78WgkNlXLd6PYVF69JOZRl1AQTp4KZEw7A+EisDwPe0Xz4qPJi4JL8x558usw==$3uFjh+0P83StXR8wlQQrkg==
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/plain;charset=UTF-8
strict-transport-security
max-age=15552000; preload
cf-ray
62bb1b6cded04e07-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08a8cf780d00004e07c7bf3000000001
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
adviceme
www.prima.it/l/ 		9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?epi=1021b6686d9ae9affd2c0523e605b5&p=312275&a=3196158&g=24911226&url=https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df7a6c444d35c0e91b2ef9abd6a8e27bbf2391693207baca5e2b53c7a3a5bbeb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.prima.it
:scheme
https
:path
/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=df223a75bb9177ae2f2dcf7d4a0a835da1615028708; cf_chl_2=502b4cf52267f97; cf_chl_prog=F21
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme

Response headers

date
Sat, 06 Mar 2021 11:05:11 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
cf-request-id
08a8cf86a400004e075ea43000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
62bb1b843a754e07-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
v1
www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1
Requested by
Host: www.prima.it
URL: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
182dd8f4b266ee8d97c5411c915a0043e1725bed9c57a8964a4c9e0a41a6d695
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 11:05:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=15552000; preload
cf-ray
62bb1b845aba4e07-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08a8cf86bb00004e07cab50000000001
transparent.gif
www.prima.it/cdn-cgi/images/trace/jschal/js/ 		42 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.prima.it/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=62bb1b843a754e07
Requested by
Host: www.prima.it
URL: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 11:05:11 GMT
x-content-type-options
nosniff
last-modified
Thu, 04 Mar 2021 10:28:58 GMT
server
cloudflare
etag
"6040b66a-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
62bb1b845abd4e07-FRA
vary
Accept-Encoding
content-length
42
expires
Sat, 06 Mar 2021 13:05:11 GMT
transparent.gif
www.prima.it/cdn-cgi/images/trace/jschal/nojs/ 		42 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.prima.it/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=62bb1b843a754e07
Requested by
Host: www.prima.it
URL: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 11:05:11 GMT
x-content-type-options
nosniff
last-modified
Thu, 04 Mar 2021 10:28:58 GMT
server
cloudflare
etag
"6040b66a-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
62bb1b846abe4e07-FRA
vary
Accept-Encoding
content-length
42
expires
Sat, 06 Mar 2021 13:05:11 GMT
a80e39aaae50859
www.prima.it/cdn-cgi/challenge-platform/h/g/generate/ov1/0.7145319403667991:1615028505:69966a00782a01edfd0a98c736a9482a8356d641020dbc1855457f2951674016/62bb1b843a754e07/ 		24 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.prima.it/cdn-cgi/challenge-platform/h/g/generate/ov1/0.7145319403667991:1615028505:69966a00782a01edfd0a98c736a9482a8356d641020dbc1855457f2951674016/62bb1b843a754e07/a80e39aaae50859
Requested by
Host: www.prima.it
URL: https://www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
404b45ae2a20ddb2b899e0f6e90a0cb860d25a937c17460f3ca3a30a2cd63360
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
CF-Challenge
a80e39aaae50859
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 06 Mar 2021 11:05:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
strict-transport-security
max-age=15552000; preload
cf-ray
62bb1b84bb3e4e07-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08a8cf86f100004e078d03c000000001
truncated
/ 		604 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44d0822c5993d453fffc4354731344b27d0a418851c3b785b70103dece0f4a38

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Primary Request adviceme
www.prima.it/l/ 		9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
Requested by
Host: www.prima.it
URL: https://www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d5ceb242d5ad2979119ef94bb91551452e7f136163a4a34c15c7cd40e157bfb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.prima.it
:scheme
https
:path
/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=df223a75bb9177ae2f2dcf7d4a0a835da1615028708; cf_chl_2=b5682daf6dfdbb2; cf_chl_prog=a14; cf_chl_rc_ni=2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme

Response headers

date
Sat, 06 Mar 2021 11:05:13 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
cf-request-id
08a8cf8f9300004e078fbe3000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
62bb1b9288434e07-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
v1
www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1
Requested by
Host: www.prima.it
URL: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
182dd8f4b266ee8d97c5411c915a0043e1725bed9c57a8964a4c9e0a41a6d695
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 11:05:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=15552000; preload
cf-ray
62bb1b92a86d4e07-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08a8cf8fa700004e0761910000000001
transparent.gif
www.prima.it/cdn-cgi/images/trace/jschal/js/ 		42 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.prima.it/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=62bb1b9288434e07
Requested by
Host: www.prima.it
URL: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 11:05:13 GMT
x-content-type-options
nosniff
last-modified
Thu, 04 Mar 2021 10:28:58 GMT
server
cloudflare
etag
"6040b66a-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
62bb1b92a86e4e07-FRA
vary
Accept-Encoding
content-length
42
expires
Sat, 06 Mar 2021 13:05:13 GMT
transparent.gif
www.prima.it/cdn-cgi/images/trace/jschal/nojs/ 		42 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.prima.it/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=62bb1b9288434e07
Requested by
Host: www.prima.it
URL: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 11:05:13 GMT
x-content-type-options
nosniff
last-modified
Thu, 04 Mar 2021 10:28:58 GMT
server
cloudflare
etag
"6040b66a-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
62bb1b92a8724e07-FRA
vary
Accept-Encoding
content-length
42
expires
Sat, 06 Mar 2021 13:05:13 GMT
fe0fe2097281195
www.prima.it/cdn-cgi/challenge-platform/h/g/generate/ov1/0.7145319403667991:1615028505:69966a00782a01edfd0a98c736a9482a8356d641020dbc1855457f2951674016/62bb1b9288434e07/ 		58 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.prima.it/cdn-cgi/challenge-platform/h/g/generate/ov1/0.7145319403667991:1615028505:69966a00782a01edfd0a98c736a9482a8356d641020dbc1855457f2951674016/62bb1b9288434e07/fe0fe2097281195
Requested by
Host: www.prima.it
URL: https://www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e15c4421454c9f1b25a33e2bfca9b86288b54cfb28c7338a31fabfe0d401c33
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
CF-Challenge
fe0fe2097281195
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 06 Mar 2021 11:05:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
strict-transport-security
max-age=15552000; preload
cf-ray
62bb1b92f8e14e07-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08a8cf8fd900004e0786388000000001
fe0fe2097281195
www.prima.it/cdn-cgi/challenge-platform/h/g/generate/ov1/0.7145319403667991:1615028505:69966a00782a01edfd0a98c736a9482a8356d641020dbc1855457f2951674016/62bb1b9288434e07/ 		2 KB
967 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.prima.it/cdn-cgi/challenge-platform/h/g/generate/ov1/0.7145319403667991:1615028505:69966a00782a01edfd0a98c736a9482a8356d641020dbc1855457f2951674016/62bb1b9288434e07/fe0fe2097281195
Requested by
Host: www.prima.it
URL: https://www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
551d4c71c4966d4c510ad36768106e9dfa2a08f6a87ccfb9f976696b91056154
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=calcola2&utm_content=landing_adviceme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
CF-Challenge
fe0fe2097281195
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 06 Mar 2021 11:05:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
cf_chl_out
cLS8vIXEzm5WrP+dZp1KQfqtmpcF82msc7NXvVpNZFIzk83halM8hFi4xfUgNyAS7Bg6qlmGhfUokro+mdoA04GLBlIdsYvo8m6Ik6Hf1rhSAgq0zTWtOXOwhRF2YK6Iv4Ajg7mZcbZPYgXDyi+4Jw==$l9gbiOGnTHhSz+0O4BTJxQ==
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/plain;charset=UTF-8
strict-transport-security
max-age=15552000; preload
cf-ray
62bb1b949b474e07-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08a8cf90e000004e078b2c6000000001
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| _cf_chl_opt function| _cf_chl_enter boolean| _cf_chl_done_ran function| _cf_chl_done function| SHA256 function| sendRequest object| _cf_chl_ctx function| _

4 Cookies

Domain/Path Name / Value
www.prima.it/ Name: cf_chl_prog
Value: e
www.prima.it/ Name: cf_chl_2
Value: fe0fe2097281195
www.prima.it/ Name: cf_chl_rc_ni
Value: 2
.prima.it/ Name: __cfduid
Value: df223a75bb9177ae2f2dcf7d4a0a835da1615028708

1 Console Messages

Source Level URL
Text
console-api log URL: https://www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1(Line 1)
Message:
[[[ERROR]]]: Message: Uncaught TypeError: Cannot read property 'key' of null - URL: - Line: 4 - Column: 14373 - Error object: {}

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aff.rapidaconsegna.it
analytics.tradedoubler.com
clk.tradedoubler.com
echo7.bluehornet.com
vht.tradedoubler.com
www.prima.it
18.202.89.33
188.165.150.178
2606:4700:10::6814:ea1
34.95.109.120
44.239.140.141
65.9.187.63
17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d
181db08838e79c38d9d53b0752a2b0ec523d3af9cfe72f1d9969c4dde7455199
182dd8f4b266ee8d97c5411c915a0043e1725bed9c57a8964a4c9e0a41a6d695
1d5ceb242d5ad2979119ef94bb91551452e7f136163a4a34c15c7cd40e157bfb
1efd3cf3fa0b1dfe019267c9c3e69710d8d7c1caed7de6240a91e96fce8e36fb
404b45ae2a20ddb2b899e0f6e90a0cb860d25a937c17460f3ca3a30a2cd63360
44d0822c5993d453fffc4354731344b27d0a418851c3b785b70103dece0f4a38
551d4c71c4966d4c510ad36768106e9dfa2a08f6a87ccfb9f976696b91056154
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
75b5d1a25915325d03035f2ce1411c4c4593361d453c372953ed095c4f1cc699
7e15c4421454c9f1b25a33e2bfca9b86288b54cfb28c7338a31fabfe0d401c33
8688433d39a7027235d117dc1821b50960c2e33ee92065286bb6e2b7bea692c6
cbb2849d016e1fc98c5d7528bc6979619ed0956176ebdc8b9a9b9e8572c6a3c5
cf0d137dfe5d40c7dca4d6f2d356fd1465ee16a978c99736466a67c3141a36a2
df7a6c444d35c0e91b2ef9abd6a8e27bbf2391693207baca5e2b53c7a3a5bbeb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7fc0ef47757c9f7aa0bb8d96ea0995ade89bf7c9a6886278d0a3293c50a7e86
ff8065c0f5326a5fd74ca01b7a646bbc318bb624a73ae8b4995793bc7ddc0a91