www.prima.it Open in urlscan Pro
2606:4700:10::6814:ea1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://echo7.bluehornet.com/ct/56909565:6bJNpWufN:m:1:3026998611:3BEC081D2EFC6EC0ADC88AF1C6ACE3D6:r
Effective URL:
https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=log...
Submission: On March 06 via api (March 6th 2021, 11:05:24 am UTC) from BE

Summary HTTP 19 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 19 HTTP transactions. The main IP is 2606:4700:10::6814:ea1, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.prima.it.
TLS certificate: Issued by GeoTrust EV RSA CA 2018 on February 5th 2021. Valid for: a year.

This is the only time www.prima.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	44.239.140.141 44.239.140.141	16509 (AMAZON-02) (AMAZON-02)
1 1	18.202.89.33 18.202.89.33	16509 (AMAZON-02) (AMAZON-02)
2 3	34.95.109.120 34.95.109.120	15169 (GOOGLE) (GOOGLE)
1	65.9.187.63 65.9.187.63	16509 (AMAZON-02) (AMAZON-02)
1	188.165.150.178 188.165.150.178	16276 (OVH) (OVH)
16	2606:4700:10:... 2606:4700:10::6814:ea1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	5

1 44.239.140.141 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-140-141.us-west-2.compute.amazonaws.com

echo7.bluehornet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.202.89.33 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-89-33.eu-west-1.compute.amazonaws.com

aff.rapidaconsegna.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.95.109.120 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 120.109.95.34.bc.googleusercontent.com

clk.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.187.63 (United States)

ASN16509 (AMAZON-02, US)

vht.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.165.150.178 (France)

ASN16276 (OVH, FR)
PTR: lb02.net.royalcactus.com

analytics.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:10::6814:ea1 (United States)

ASN13335 (CLOUDFLARENET, US)

www.prima.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	prima.it www.prima.it	95 KB
5	tradedoubler.com 2 redirects clk.tradedoubler.com vht.tradedoubler.com analytics.tradedoubler.com	7 KB
1	rapidaconsegna.it 1 redirects aff.rapidaconsegna.it	2 KB
1	bluehornet.com 1 redirects echo7.bluehornet.com	1019 B
19	4

	Domain	Requested by
16	www.prima.it	www.prima.it clk.tradedoubler.com
3	clk.tradedoubler.com	2 redirects
1	analytics.tradedoubler.com	vht.tradedoubler.com
1	vht.tradedoubler.com	clk.tradedoubler.com
1	aff.rapidaconsegna.it	1 redirects
1	echo7.bluehornet.com	1 redirects
19	6

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com

Subject Issuer	Validity	Valid
*.tradedoubler.com R3	`2021-01-23` - `2021-04-23`	3 months	crt.sh
www.prima.it GeoTrust EV RSA CA 2018	`2021-02-05` - `2022-03-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme
Frame ID: EDFB4229B245973C984565EC6399F3F8
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://echo7.bluehornet.com/ct/56909565:6bJNpWufN:m:1:3026998611:3BEC081D2EFC6EC0ADC88AF1C6ACE3D6:r HTTP 302
https://aff.rapidaconsegna.it/aff_c?offer_id=1715&aff_id=804&file_id=12385&aff_sub=XXX&p=312275&a=3196158&... HTTP 302
http://clk.tradedoubler.com/click?epi=1021b6686d9ae9affd2c0523e605b5&p=312275&a=3196158&g=24911226&url=h... HTTP 302
https://clk.tradedoubler.com/click?epi=1021b6686d9ae9affd2c0523e605b5&p=312275&a=3196158&g=24911226&url=h... Page URL
https://clk.tradedoubler.com/click?epi=1021b6686d9ae9affd2c0523e605b5&p=312275&a=3196158&g=24911226&url=h... HTTP 302
https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=advicem... Page URL
https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=advicem... Page URL
https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=advicem... Page URL

Detected technologies

Google Cloud (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /^1\.1 google$/i

Page Statistics

19
Requests

100 %
HTTPS

17 %
IPv6

4
Domains

6
Subdomains

5
IPs

3
Countries

100 kB
Transfer

307 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloudflare.com/5xx-error-landing/
Title: Cloudflare

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://echo7.bluehornet.com/ct/56909565:6bJNpWufN:m:1:3026998611:3BEC081D2EFC6EC0ADC88AF1C6ACE3D6:r HTTP 302
https://aff.rapidaconsegna.it/aff_c?offer_id=1715&aff_id=804&file_id=12385&aff_sub=XXX&p=312275&a=3196158&g=24911226&url=https://www.prima.it/l/adviceme&utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme HTTP 302
http://clk.tradedoubler.com/click?epi=1021b6686d9ae9affd2c0523e605b5&p=312275&a=3196158&g=24911226&url=https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme HTTP 302
https://clk.tradedoubler.com/click?epi=1021b6686d9ae9affd2c0523e605b5&p=312275&a=3196158&g=24911226&url=https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme Page URL
https://clk.tradedoubler.com/click?epi=1021b6686d9ae9affd2c0523e605b5&p=312275&a=3196158&g=24911226&url=https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme HTTP 302
https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme Page URL
https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme Page URL
https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://echo7.bluehornet.com/ct/56909565:6bJNpWufN:m:1:3026998611:3BEC081D2EFC6EC0ADC88AF1C6ACE3D6:r HTTP 302
https://aff.rapidaconsegna.it/aff_c?offer_id=1715&aff_id=804&file_id=12385&aff_sub=XXX&p=312275&a=3196158&g=24911226&url=https://www.prima.it/l/adviceme&utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme HTTP 302
http://clk.tradedoubler.com/click?epi=1021b6686d9ae9affd2c0523e605b5&p=312275&a=3196158&g=24911226&url=https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme HTTP 302
https://clk.tradedoubler.com/click?epi=1021b6686d9ae9affd2c0523e605b5&p=312275&a=3196158&g=24911226&url=https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme

Request Chain 3

https://clk.tradedoubler.com/click?epi=1021b6686d9ae9affd2c0523e605b5&p=312275&a=3196158&g=24911226&url=https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme HTTP 302
https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme

19 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

click Show response
clk.tradedoubler.com/
Redirect Chain

http://echo7.bluehornet.com/ct/56909565:6bJNpWufN:m:1:3026998611:3BEC081D2EFC6EC0ADC88AF1C6ACE3D6:r
https://aff.rapidaconsegna.it/aff_c?offer_id=1715&aff_id=804&file_id=12385&aff_sub=XXX&p=312275&a=3196158&g=24911226&url=https://www.prima.it/l/adviceme&utm_source=EMAIL&utm_medium=dem_adviceme_nc2...
http://clk.tradedoubler.com/click?epi=1021b6686d9ae9affd2c0523e605b5&p=312275&a=3196158&g=24911226&url=https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=advi...
https://clk.tradedoubler.com/click?epi=1021b6686d9ae9affd2c0523e605b5&p=312275&a=3196158&g=24911226&url=https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adv...

1 KB
1 KB

19ms
18ms

Document
text/html

34.95.109.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://clk.tradedoubler.com/click?epi=1021b6686d9ae9affd2c0523e605b5&p=312275&a=3196158&g=24911226&url=https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.109.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.109.95.34.bc.googleusercontent.com
Software: TXServerHttp /
Resource Hash: f69f846eaadd28d8f136690a26ed2e425bf2e794c3210a603ce318fc915b4b67

Request headers

:method: GET
:authority: clk.tradedoubler.com
:scheme: https
:path: /click?epi=1021b6686d9ae9affd2c0523e605b5&p=312275&a=3196158&g=24911226&url=https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=ISO-8859-1
server: TXServerHttp
access-control-allow-origin: *
cache-control: private, max-age=0
pragma: no-cache
p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy: origin
date: Sat, 06 Mar 2021 11:05:08 GMT
content-length: 1377
via: 1.1 google
alt-svc: clear

Redirect headers

Location: https://clk.tradedoubler.com/click?epi=1021b6686d9ae9affd2c0523e605b5&p=312275&a=3196158&g=24911226&url=https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme
Date: Sat, 06 Mar 2021 11:05:08 GMT
Content-Length: 456
Content-Type: text/html; charset=ISO-8859-1
Via: 1.1 google

GET
H/1.1 200
OK prefs.js Show response
vht.tradedoubler.com/fp/ 9 KB
4 KB 48ms
47ms Script
application/javascript 65.9.187.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vht.tradedoubler.com/fp/prefs.js
Requested by: Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?epi=1021b6686d9ae9affd2c0523e605b5&p=312275&a=3196158&g=24911226&url=https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.187.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d

Request headers

Referer: https://clk.tradedoubler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 03:44:39 GMT
Content-Encoding: gzip
Age: 544829
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 15 Oct 2018 09:28:46 GMT
Server: Apache
ETag: W/"2509-57841106334e6"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 38a3f663851a0597e7026100a58b9b39.cloudfront.net (CloudFront)
Cache-Control: max-age=604800, public
X-Amz-Cf-Pop: ZAG50-C1
X-Amz-Cf-Id: NqSxK4jpDLZ7ut1FSnnBdF6P0mn-qWdVA57q9mxudcTj2J_v2vszDw==
Expires: Sun, 07 Mar 2021 03:44:39 GMT

POST
H/1.1 200
OK /
analytics.tradedoubler.com/ 0
241 B 21ms
20ms Other
text/html 188.165.150.178
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tradedoubler.com/
Requested by: Host: vht.tradedoubler.com
URL: https://vht.tradedoubler.com/fp/prefs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.165.150.178 , France, ASN16276 (OVH, FR),
Reverse DNS: lb02.net.royalcactus.com
Software: nginx /
Resource Hash

Request headers

Referer: https://clk.tradedoubler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 06 Mar 2021 11:05:08 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2

503

adviceme Show response
www.prima.it/l/
Redirect Chain

https://clk.tradedoubler.com/click?epi=1021b6686d9ae9affd2c0523e605b5&p=312275&a=3196158&g=24911226&url=https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adv...
https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme

9 KB
10 KB

13ms
12ms

Document
text/html

2606:4700:10::6814:ea1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2ebb1271d41b17474ec7220649fc3078f16da8dd6ef690340e1a99b997a9dde

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.prima.it
:scheme: https
:path: /l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://clk.tradedoubler.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://clk.tradedoubler.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://clk.tradedoubler.com/

Response headers

date: Sat, 06 Mar 2021 11:05:08 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
set-cookie: __cfduid=df223a75bb9177ae2f2dcf7d4a0a835da1615028708; expires=Mon, 05-Apr-21 11:05:08 GMT; path=/; domain=.prima.it; HttpOnly; SameSite=Lax
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cf-request-id: 08a8cf7d7f00004e07a4a86000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 62bb1b759c634e07-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

location: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme
set-cookie: EH_0=1z11z1zmwzJPNhBz1QiZyYhaOjjNyDAOWQC8gtRjEhFvJ2RWhl1GB7%799vamQNn%7aE6.MSfTuNDmt%79DI4ndba5hYhCVsP0aalcVmdBiEC3nEN.qGQhev7.Fr6k84IW6jD;expires=Sun, 06-Mar-2022 11:05:08 GMT;path=/;domain=.tradedoubler.com;SameSite=None; Secure GUID=1z11zzmwz2cA1ez527f2294887be11f38c481bb8a8f9947;expires=Sun, 06-Mar-2022 11:05:08 GMT;path=/;domain=.tradedoubler.com;SameSite=None; Secure TradeDoublerGUID=527f2294887be11f38c481bb8a8f9947;expires=Sun, 06-Mar-2022 11:05:08 GMT;path=/;domain=.tradedoubler.com;SameSite=None; Secure
server: TXServerHttp
access-control-allow-origin: *
cache-control: private, max-age=0
pragma: no-cache
p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy: origin
date: Sat, 06 Mar 2021 11:05:08 GMT
content-length: 352
content-type: text/html; charset=ISO-8859-1
via: 1.1 google
alt-svc: clear

GET
H2 200 v1 Show response
www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/ 42 KB
14 KB 25ms
24ms Script
text/javascript 2606:4700:10::6814:ea1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1

Requested by

Host: www.prima.it
URL: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

182dd8f4b266ee8d97c5411c915a0043e1725bed9c57a8964a4c9e0a41a6d695

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=15552000; preload
cf-ray: 62bb1b75bc884e07-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08a8cf7d9500004e0783a5a000000001

GET
H2 200 transparent.gif
www.prima.it/cdn-cgi/images/trace/jschal/js/ 42 B
197 B 7ms
7ms Image
image/gif 2606:4700:10::6814:ea1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.prima.it/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=62bb1b759c634e07

Requested by

Host: www.prima.it
URL: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:05:08 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 10:28:58 GMT
server: cloudflare
etag: "6040b66a-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 62bb1b75bc8c4e07-FRA
vary: Accept-Encoding
content-length: 42
expires: Sat, 06 Mar 2021 13:05:08 GMT

GET
H2 200 transparent.gif
www.prima.it/cdn-cgi/images/trace/jschal/nojs/ 42 B
101 B 7ms
7ms Image
image/gif 2606:4700:10::6814:ea1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.prima.it/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=62bb1b759c634e07

Requested by

Host: www.prima.it
URL: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:05:08 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 10:28:58 GMT
server: cloudflare
etag: "6040b66a-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 62bb1b75bc8f4e07-FRA
vary: Accept-Encoding
content-length: 42
expires: Sat, 06 Mar 2021 13:05:08 GMT

POST
H2 200 502b4cf52267f97 Show response
www.prima.it/cdn-cgi/challenge-platform/h/g/generate/ov1/0.7145319403667991:1615028505:69966a00782a01edfd0a98c736a9482a8356d641020dbc1855457f2951674016/62bb1b759c634e07/ 46 KB
7 KB 44ms
44ms XHR
text/plain 2606:4700:10::6814:ea1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.prima.it/cdn-cgi/challenge-platform/h/g/generate/ov1/0.7145319403667991:1615028505:69966a00782a01edfd0a98c736a9482a8356d641020dbc1855457f2951674016/62bb1b759c634e07/502b4cf52267f97

Requested by

Host: www.prima.it
URL: https://www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d5a3f70b848f191973f1591899303189be602a8f965698a5655290151a4514d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
CF-Challenge: 502b4cf52267f97
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 06 Mar 2021 11:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
strict-transport-security: max-age=15552000; preload
cf-ray: 62bb1b761d2f4e07-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08a8cf7dd000004e077196b000000001

POST
H2 200 502b4cf52267f97 Show response
www.prima.it/cdn-cgi/challenge-platform/h/g/generate/ov1/0.7145319403667991:1615028505:69966a00782a01edfd0a98c736a9482a8356d641020dbc1855457f2951674016/62bb1b759c634e07/ 1 KB
1018 B 64ms
63ms XHR
text/plain 2606:4700:10::6814:ea1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.prima.it/cdn-cgi/challenge-platform/h/g/generate/ov1/0.7145319403667991:1615028505:69966a00782a01edfd0a98c736a9482a8356d641020dbc1855457f2951674016/62bb1b759c634e07/502b4cf52267f97

Requested by

Host: www.prima.it
URL: https://www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ceb169e59f237b1706f86d80bc64cb59c677dd0071cf7e056964e687d684ed3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
CF-Challenge: 502b4cf52267f97
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 06 Mar 2021 11:05:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
cf_chl_out: Ml1O4gkYzRjIarJSSOOeIqdedwDbRP3G5FAyKKGVNio89BPji7fjocL7cYY40z/bsP58iTGgqM4eQQS3M2vHp6hvYdsSxlx4ynw6J2ofujisihDSD0ew383dTbdIX86QW3Yt76TGq5jAoOMezJR2tw==$RN7GuiJUZY2GdZLEaBK5tA==
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain;charset=UTF-8
strict-transport-security: max-age=15552000; preload
cf-ray: 62bb1b77dff14e07-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08a8cf7ee900004e0776340000000001

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 503 adviceme Show response
www.prima.it/l/ 9 KB
10 KB 13ms
13ms Document
text/html 2606:4700:10::6814:ea1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme

Requested by

Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?epi=1021b6686d9ae9affd2c0523e605b5&p=312275&a=3196158&g=24911226&url=https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ad2e52dafd16abca7abb12385c8e4afeba06d4eae8cfeb54674925999556b2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.prima.it
:scheme: https
:path: /l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=df223a75bb9177ae2f2dcf7d4a0a835da1615028708; cf_chl_2=a80e39aaae50859; cf_chl_rc_ni=1; cf_chl_prog=F21
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme

Response headers

date: Sat, 06 Mar 2021 11:05:12 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cf-request-id: 08a8cf8d5a00004e07c7948000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 62bb1b8efac94e07-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 v1 Show response
www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/ 42 KB
14 KB 22ms
21ms Script
text/javascript 2606:4700:10::6814:ea1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1

Requested by

Host: www.prima.it
URL: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

182dd8f4b266ee8d97c5411c915a0043e1725bed9c57a8964a4c9e0a41a6d695

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:05:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=15552000; preload
cf-ray: 62bb1b8f1b0a4e07-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08a8cf8d6e00004e077e20b000000001

GET
H2 200 transparent.gif
www.prima.it/cdn-cgi/images/trace/jschal/js/ 42 B
124 B 8ms
8ms Image
image/gif 2606:4700:10::6814:ea1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.prima.it/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=62bb1b8efac94e07

Requested by

Host: www.prima.it
URL: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:05:12 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 10:28:58 GMT
server: cloudflare
etag: "6040b66a-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 62bb1b8f1b0e4e07-FRA
vary: Accept-Encoding
content-length: 42
expires: Sat, 06 Mar 2021 13:05:12 GMT

GET
H2 200 transparent.gif
www.prima.it/cdn-cgi/images/trace/jschal/nojs/ 42 B
101 B 7ms
7ms Image
image/gif 2606:4700:10::6814:ea1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.prima.it/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=62bb1b8efac94e07

Requested by

Host: www.prima.it
URL: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:05:12 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 10:28:58 GMT
server: cloudflare
etag: "6040b66a-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 62bb1b8f1b104e07-FRA
vary: Accept-Encoding
content-length: 42
expires: Sat, 06 Mar 2021 13:05:12 GMT

POST
H2 200 b5682daf6dfdbb2 Show response
www.prima.it/cdn-cgi/challenge-platform/h/g/generate/ov1/0.7145319403667991:1615028505:69966a00782a01edfd0a98c736a9482a8356d641020dbc1855457f2951674016/62bb1b8efac94e07/ 59 KB
8 KB 49ms
49ms XHR
text/plain 2606:4700:10::6814:ea1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.prima.it/cdn-cgi/challenge-platform/h/g/generate/ov1/0.7145319403667991:1615028505:69966a00782a01edfd0a98c736a9482a8356d641020dbc1855457f2951674016/62bb1b8efac94e07/b5682daf6dfdbb2

Requested by

Host: www.prima.it
URL: https://www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

199e1ecc3935b97899b4733bc86eea480d0989ca94f93ab73dc37d4b0a5c1243

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
CF-Challenge: b5682daf6dfdbb2
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 06 Mar 2021 11:05:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
strict-transport-security: max-age=15552000; preload
cf-ray: 62bb1b8f6b974e07-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08a8cf8da300004e07ab2e2000000001

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 503 Primary Request adviceme Show response
www.prima.it/l/ 9 KB
10 KB 19ms
18ms Document
text/html 2606:4700:10::6814:ea1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme

Requested by

Host: www.prima.it
URL: https://www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

916384346823d74df52af53b9786c891a00efdd8b2a3216362ffe21a5f3c1f10

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.prima.it
:scheme: https
:path: /l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme

Response headers

date: Sat, 06 Mar 2021 11:05:17 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
set-cookie: __cfduid=d036912635161495f20fe345fdeae074e1615028717; expires=Mon, 05-Apr-21 11:05:17 GMT; path=/; domain=.prima.it; HttpOnly; SameSite=Lax
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cf-request-id: 08a8cf9ee800004e076bb47000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 62bb1bab0e024e07-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 v1 Show response
www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/ 42 KB
14 KB 25ms
24ms Script
text/javascript 2606:4700:10::6814:ea1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1

Requested by

Host: www.prima.it
URL: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

182dd8f4b266ee8d97c5411c915a0043e1725bed9c57a8964a4c9e0a41a6d695

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:05:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=15552000; preload
cf-ray: 62bb1bab3e354e07-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08a8cf9f0000004e07ca1c3000000001

GET
H2 200 transparent.gif
www.prima.it/cdn-cgi/images/trace/jschal/js/ 42 B
124 B 8ms
7ms Image
image/gif 2606:4700:10::6814:ea1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.prima.it/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=62bb1bab0e024e07

Requested by

Host: www.prima.it
URL: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:05:17 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 10:28:58 GMT
server: cloudflare
etag: "6040b66a-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 62bb1bab3e384e07-FRA
vary: Accept-Encoding
content-length: 42
expires: Sat, 06 Mar 2021 13:05:17 GMT

GET
H2 200 transparent.gif
www.prima.it/cdn-cgi/images/trace/jschal/nojs/ 42 B
101 B 8ms
7ms Image
image/gif 2606:4700:10::6814:ea1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.prima.it/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=62bb1bab0e024e07

Requested by

Host: www.prima.it
URL: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:05:17 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 10:28:58 GMT
server: cloudflare
etag: "6040b66a-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 62bb1bab3e394e07-FRA
vary: Accept-Encoding
content-length: 42
expires: Sat, 06 Mar 2021 13:05:17 GMT

POST
H2 200 540d11a3f86fca2 Show response
www.prima.it/cdn-cgi/challenge-platform/h/g/generate/ov1/0.7145319403667991:1615028505:69966a00782a01edfd0a98c736a9482a8356d641020dbc1855457f2951674016/62bb1bab0e024e07/ 36 KB
7 KB 41ms
41ms XHR
text/plain 2606:4700:10::6814:ea1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.prima.it/cdn-cgi/challenge-platform/h/g/generate/ov1/0.7145319403667991:1615028505:69966a00782a01edfd0a98c736a9482a8356d641020dbc1855457f2951674016/62bb1bab0e024e07/540d11a3f86fca2

Requested by

Host: www.prima.it
URL: https://www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a00070018bf4c394a8e2ea76aac820a2ef9e7061e9266880a2f8aa9f77ac299

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.prima.it/l/adviceme?utm_source=EMAIL&utm_medium=dem_adviceme_nc2&utm_campaign=adviceme_09_20&utm_term=logo&utm_content=landing_adviceme
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
CF-Challenge: 540d11a3f86fca2
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 06 Mar 2021 11:05:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
strict-transport-security: max-age=15552000; preload
cf-ray: 62bb1bab8ea34e07-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08a8cf9f3800004e0776155000000001

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.prima.it/	1970-01-19 16:37:12	Name: cf_chl_prog Value: e
www.prima.it/	1970-01-19 16:37:12	Name: cf_chl_2 Value: 540d11a3f86fca2
.prima.it/	1970-01-19 17:20:20	Name: __cfduid Value: d036912635161495f20fe345fdeae074e1615028717

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1(Line 1) Message: [[[ERROR]]]: Message: Uncaught TypeError: Cannot read property 'key' of null - URL: - Line: 4 - Column: 28768 - Error object: {}
console-api	log	URL: https://www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1(Line 1) Message: [[[ERROR]]]: Message: Uncaught TypeError: Cannot read property 'key' of null - URL: - Line: 4 - Column: 8512 - Error object: {}

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aff.rapidaconsegna.it
analytics.tradedoubler.com
clk.tradedoubler.com
echo7.bluehornet.com
vht.tradedoubler.com
www.prima.it
18.202.89.33
188.165.150.178
2606:4700:10::6814:ea1
34.95.109.120
44.239.140.141
65.9.187.63
17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d
182dd8f4b266ee8d97c5411c915a0043e1725bed9c57a8964a4c9e0a41a6d695
199e1ecc3935b97899b4733bc86eea480d0989ca94f93ab73dc37d4b0a5c1243
2d5a3f70b848f191973f1591899303189be602a8f965698a5655290151a4514d
4a00070018bf4c394a8e2ea76aac820a2ef9e7061e9266880a2f8aa9f77ac299
5ad2e52dafd16abca7abb12385c8e4afeba06d4eae8cfeb54674925999556b2b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
916384346823d74df52af53b9786c891a00efdd8b2a3216362ffe21a5f3c1f10
c2ebb1271d41b17474ec7220649fc3078f16da8dd6ef690340e1a99b997a9dde
ceb169e59f237b1706f86d80bc64cb59c677dd0071cf7e056964e687d684ed3a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f69f846eaadd28d8f136690a26ed2e425bf2e794c3210a603ce318fc915b4b67

www.prima.it Open in urlscan Pro 2606:4700:10::6814:ea1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

100 %HTTPS

17 %IPv6

4 Domains

6 Subdomains

5 IPs

3 Countries

100 kBTransfer

307 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

3 Cookies

2 Console Messages

Indicators

www.prima.it Open in urlscan Pro
2606:4700:10::6814:ea1 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

17 %
IPv6

4
Domains

6
Subdomains

5
IPs

3
Countries

100 kB
Transfer

307 kB
Size

3
Cookies

19 HTTP transactions
2 data transactions