urlscan.io logo urlscan.io
SecurityTrails logo

www.prima.it Open in urlscan Pro
2606:4700:10::6814:ea1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://echo7.bluehornet.com/ct/56753925:JYdyWwuNU:m:1:3027115634:BD8898EC6ED0B00FEDDA9770AE841BEC:r
Effective URL: https://www.prima.it/chi-siamo?utm_source=EMAIL
Submission: On February 07 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 27 HTTP transactions. The main IP is 2606:4700:10::6814:ea1, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.prima.it.
TLS certificate: Issued by GeoTrust EV RSA CA 2018 on February 5th 2021. Valid for: a year.
This is the only time www.prima.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.212.124.105 16509 (AMAZON-02)
2 2 52.19.131.49 16509 (AMAZON-02)
1 2 34.95.109.120 15169 (GOOGLE)
1 143.204.209.93 16509 (AMAZON-02)
1 188.165.150.178 16276 (OVH)
24 2606:4700:10:... 13335 (CLOUDFLAR...)
27 5
1    34.212.124.105 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-212-124-105.us-west-2.compute.amazonaws.com
echo7.bluehornet.com
2    52.19.131.49 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-131-49.eu-west-1.compute.amazonaws.com
tracking.adgoon.it
2    34.95.109.120 (United States)

ASN15169 (GOOGLE, US)
PTR: 120.109.95.34.bc.googleusercontent.com
clk.tradedoubler.com
1    143.204.209.93 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-93.fra53.r.cloudfront.net
vht.tradedoubler.com
1    188.165.150.178 (France)

ASN16276 (OVH, FR)
PTR: lb02.net.royalcactus.com
analytics.tradedoubler.com
24    2606:4700:10::6814:ea1 (United States)

ASN13335 (CLOUDFLARENET, US)
www.prima.it
Domain Requested by
24 www.prima.it www.prima.it
clk.tradedoubler.com
2 clk.tradedoubler.com 1 redirects
2 tracking.adgoon.it 2 redirects
1 analytics.tradedoubler.com vht.tradedoubler.com
1 vht.tradedoubler.com clk.tradedoubler.com
1 echo7.bluehornet.com 1 redirects
27 6

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com
Subject Issuer Validity Valid
*.tradedoubler.com
R3		 2021-01-23 -
2021-04-23		 3 months crt.sh
www.prima.it
GeoTrust EV RSA CA 2018		 2021-02-05 -
2022-03-08		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.prima.it/chi-siamo?utm_source=EMAIL
Frame ID: BAF2D42A61691FE1CB2AE18878D4A528
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://echo7.bluehornet.com/ct/56753925:JYdyWwuNU:m:1:3027115634:BD8898EC6ED0B00FEDDA9770AE841BEC:r HTTP 302
    https://tracking.adgoon.it/aff_c?roi=echo7-39545589537-56753925-aa3eedbc913ec607792a8d9a3e851092&offer_... HTTP 302
    https://tracking.adgoon.it/aff_r?offer_id=6934&aff_id=2741&url=https%3A%2F%2Fclk.tradedoubler.com%2Fcli... HTTP 302
    https://clk.tradedoubler.com/click?p=311389&a=3192794&g=24892390&epi=1022f5daa3c8d3b3d242b608b43618&url=h... Page URL
  2. https://clk.tradedoubler.com/click?p=311389&a=3192794&g=24892390&epi=1022f5daa3c8d3b3d242b608b43618&url=h... HTTP 302
    https://www.prima.it/chi-siamo?utm_source=EMAIL Page URL
  3. https://www.prima.it/chi-siamo?utm_source=EMAIL Page URL
  4. https://www.prima.it/chi-siamo?utm_source=EMAIL Page URL
  5. https://www.prima.it/chi-siamo?utm_source=EMAIL Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /^1\.1 google$/i

Page Statistics

27
Requests

100 %
HTTPS

17 %
IPv6

4
Domains

6
Subdomains

5
IPs

3
Countries

126 kB
Transfer

374 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://echo7.bluehornet.com/ct/56753925:JYdyWwuNU:m:1:3027115634:BD8898EC6ED0B00FEDDA9770AE841BEC:r HTTP 302
    https://tracking.adgoon.it/aff_c?roi=echo7-39545589537-56753925-aa3eedbc913ec607792a8d9a3e851092&offer_id=6934&aff_id=2741&file_id=59155&aff_sub5=pl_69339&url_id=5029&source=1&rekp=311389&reka=3192794&rekg=24892390&rekurl=https://www.prima.it/chi-siamo?utm_source=EMAIL&utm_medium=dem_reklame&utm_campaign=reklame_05_20&utm_term=ufd&utm_content=landing_reklame HTTP 302
    https://tracking.adgoon.it/aff_r?offer_id=6934&aff_id=2741&url=https%3A%2F%2Fclk.tradedoubler.com%2Fclick%3Fp%3D311389%26a%3D3192794%26g%3D24892390%26epi%3D1022f5daa3c8d3b3d242b608b43618%26url%3Dhttps%3A%2F%2Fwww.prima.it%2Fchi-siamo%3Futm_source%3DEMAIL&urlauth=505195665239596868756719508085 HTTP 302
    https://clk.tradedoubler.com/click?p=311389&a=3192794&g=24892390&epi=1022f5daa3c8d3b3d242b608b43618&url=https://www.prima.it/chi-siamo?utm_source=EMAIL Page URL
  2. https://clk.tradedoubler.com/click?p=311389&a=3192794&g=24892390&epi=1022f5daa3c8d3b3d242b608b43618&url=https://www.prima.it/chi-siamo?utm_source=EMAIL HTTP 302
    https://www.prima.it/chi-siamo?utm_source=EMAIL Page URL
  3. https://www.prima.it/chi-siamo?utm_source=EMAIL Page URL
  4. https://www.prima.it/chi-siamo?utm_source=EMAIL Page URL
  5. https://www.prima.it/chi-siamo?utm_source=EMAIL Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://echo7.bluehornet.com/ct/56753925:JYdyWwuNU:m:1:3027115634:BD8898EC6ED0B00FEDDA9770AE841BEC:r HTTP 302
  • https://tracking.adgoon.it/aff_c?roi=echo7-39545589537-56753925-aa3eedbc913ec607792a8d9a3e851092&offer_id=6934&aff_id=2741&file_id=59155&aff_sub5=pl_69339&url_id=5029&source=1&rekp=311389&reka=3192794&rekg=24892390&rekurl=https://www.prima.it/chi-siamo?utm_source=EMAIL&utm_medium=dem_reklame&utm_campaign=reklame_05_20&utm_term=ufd&utm_content=landing_reklame HTTP 302
  • https://tracking.adgoon.it/aff_r?offer_id=6934&aff_id=2741&url=https%3A%2F%2Fclk.tradedoubler.com%2Fclick%3Fp%3D311389%26a%3D3192794%26g%3D24892390%26epi%3D1022f5daa3c8d3b3d242b608b43618%26url%3Dhttps%3A%2F%2Fwww.prima.it%2Fchi-siamo%3Futm_source%3DEMAIL&urlauth=505195665239596868756719508085 HTTP 302
  • https://clk.tradedoubler.com/click?p=311389&a=3192794&g=24892390&epi=1022f5daa3c8d3b3d242b608b43618&url=https://www.prima.it/chi-siamo?utm_source=EMAIL
Request Chain 3
  • https://clk.tradedoubler.com/click?p=311389&a=3192794&g=24892390&epi=1022f5daa3c8d3b3d242b608b43618&url=https://www.prima.it/chi-siamo?utm_source=EMAIL HTTP 302
  • https://www.prima.it/chi-siamo?utm_source=EMAIL

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
click
clk.tradedoubler.com/
Redirect Chain
  • http://echo7.bluehornet.com/ct/56753925:JYdyWwuNU:m:1:3027115634:BD8898EC6ED0B00FEDDA9770AE841BEC:r
  • https://tracking.adgoon.it/aff_c?roi=echo7-39545589537-56753925-aa3eedbc913ec607792a8d9a3e851092&offer_id=6934&aff_id=2741&file_id=59155&aff_sub5=pl_69339&url_id=5029&source=1&rekp=311389&reka=3192...
  • https://tracking.adgoon.it/aff_r?offer_id=6934&aff_id=2741&url=https%3A%2F%2Fclk.tradedoubler.com%2Fclick%3Fp%3D311389%26a%3D3192794%26g%3D24892390%26epi%3D1022f5daa3c8d3b3d242b608b43618%26url%3Dht...
  • https://clk.tradedoubler.com/click?p=311389&a=3192794&g=24892390&epi=1022f5daa3c8d3b3d242b608b43618&url=https://www.prima.it/chi-siamo?utm_source=EMAIL
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://clk.tradedoubler.com/click?p=311389&a=3192794&g=24892390&epi=1022f5daa3c8d3b3d242b608b43618&url=https://www.prima.it/chi-siamo?utm_source=EMAIL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.109.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
120.109.95.34.bc.googleusercontent.com
Software
TXServerHttp /
Resource Hash
e214a4db54573f249873b726496afd26e6c72754ce8b03b65aed6a782f0fb0b0

Request headers

:method
GET
:authority
clk.tradedoubler.com
:scheme
https
:path
/click?p=311389&a=3192794&g=24892390&epi=1022f5daa3c8d3b3d242b608b43618&url=https://www.prima.it/chi-siamo?utm_source=EMAIL
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type
text/html; charset=ISO-8859-1
server
TXServerHttp
access-control-allow-origin
*
cache-control
private, max-age=0
pragma
no-cache
p3p
policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy
origin
date
Sun, 07 Feb 2021 11:10:43 GMT
content-length
1077
via
1.1 google
alt-svc
clear

Redirect headers

Server
nginx
Date
Sun, 07 Feb 2021 11:10:43 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
351
Connection
keep-alive
Cache-Control
no-cache, no-store, must-revalidate
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
https://clk.tradedoubler.com/click?p=311389&a=3192794&g=24892390&epi=1022f5daa3c8d3b3d242b608b43618&url=https://www.prima.it/chi-siamo?utm_source=EMAIL
Pragma
no-cache
Access-Control-Allow-Origin
*
X-Request-Id
a5abd53049cc13f67f6a021c82cb0197
Access-Control-Allow-Headers
Tune-SDK-Version
prefs.js
vht.tradedoubler.com/fp/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vht.tradedoubler.com/fp/prefs.js
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=311389&a=3192794&g=24892390&epi=1022f5daa3c8d3b3d242b608b43618&url=https://www.prima.it/chi-siamo?utm_source=EMAIL
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.209.93 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-209-93.fra53.r.cloudfront.net
Software
Apache /
Resource Hash
17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d

Request headers

Referer
https://clk.tradedoubler.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 07 Feb 2021 03:44:37 GMT
Content-Encoding
gzip
Age
26766
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 15 Oct 2018 09:28:46 GMT
Server
Apache
ETag
W/"2509-57841106334e6"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
Cache-Control
max-age=604800, public
X-Amz-Cf-Pop
FRA53-C1
X-Amz-Cf-Id
e5_S7XE5wdJ0YeYTbWenDi3EsxuuHckU55IOGhKUzG9GBN9K6GfcSw==
Expires
Sun, 14 Feb 2021 03:44:37 GMT
/
analytics.tradedoubler.com/ 		0
241 B 		Other
General
Check archive.org
Download Go to
Full URL
https://analytics.tradedoubler.com/
Requested by
Host: vht.tradedoubler.com
URL: https://vht.tradedoubler.com/fp/prefs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.165.150.178 , France, ASN16276 (OVH, FR),
Reverse DNS
lb02.net.royalcactus.com
Software
nginx /
Resource Hash

Request headers

Referer
https://clk.tradedoubler.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 07 Feb 2021 11:10:43 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
chi-siamo
www.prima.it/
Redirect Chain
  • https://clk.tradedoubler.com/click?p=311389&a=3192794&g=24892390&epi=1022f5daa3c8d3b3d242b608b43618&url=https://www.prima.it/chi-siamo?utm_source=EMAIL
  • https://www.prima.it/chi-siamo?utm_source=EMAIL
9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.prima.it/chi-siamo?utm_source=EMAIL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcba034937d8dc4dfa89ac000c2eb841cf63ce2177e24d881d6673b04436dee6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.prima.it
:scheme
https
:path
/chi-siamo?utm_source=EMAIL
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://clk.tradedoubler.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
Origin
https://clk.tradedoubler.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://clk.tradedoubler.com/

Response headers

date
Sun, 07 Feb 2021 11:10:43 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
set-cookie
__cfduid=d237dd2911d6c88acd6ec7b154ff216931612696243; expires=Tue, 09-Mar-21 11:10:43 GMT; path=/; domain=.prima.it; HttpOnly; SameSite=Lax
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
cf-request-id
081dc8e59d00004a7f7801e000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
61dcaa8299604a7f-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

location
https://www.prima.it/chi-siamo?utm_source=EMAIL
set-cookie
EH_0=1z11z1zmVz2Vgsudz1QTnyYeaQIiWyD7k%79P1oouMEe9GTomf5BlhOFjMbaIQ%7aFweMjf%796L9HNY4SWpNSlIIxNQt0CiDQ9a.6vwiBrXT%79ukJCLxcYUHvT1_rEUgpWDL_6;expires=Mon, 07-Feb-2022 11:10:43 GMT;path=/;domain=.tradedoubler.com;SameSite=None; Secure GUID=1z11zzmVzwKuo0zce30a796e9f23c339d6456e1a354295f;expires=Mon, 07-Feb-2022 11:10:43 GMT;path=/;domain=.tradedoubler.com;SameSite=None; Secure TradeDoublerGUID=ce30a796e9f23c339d6456e1a354295f;expires=Mon, 07-Feb-2022 11:10:43 GMT;path=/;domain=.tradedoubler.com;SameSite=None; Secure
server
TXServerHttp
access-control-allow-origin
*
cache-control
private, max-age=0
pragma
no-cache
p3p
policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy
origin
date
Sun, 07 Feb 2021 11:10:42 GMT
content-length
252
content-type
text/html; charset=ISO-8859-1
via
1.1 google
alt-svc
clear
v1
www.prima.it/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.prima.it/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1
Requested by
Host: www.prima.it
URL: https://www.prima.it/chi-siamo?utm_source=EMAIL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20bb2d1b69a54b6a977cd57933fd85d1af3e25c8b9fb2415c91fcac294fd083d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.prima.it/chi-siamo?utm_source=EMAIL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 11:10:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=15552000; preload
cf-ray
61dcaa82c9e44a7f-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
081dc8e5bc00004a7f0da12000000001
transparent.gif
www.prima.it/cdn-cgi/images/trace/jschal/js/ 		42 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.prima.it/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=61dcaa8299604a7f
Requested by
Host: www.prima.it
URL: https://www.prima.it/chi-siamo?utm_source=EMAIL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.prima.it/chi-siamo?utm_source=EMAIL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 11:10:43 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Jan 2021 17:21:09 GMT
server
cloudflare
etag
"600efe05-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
61dcaa82c9ea4a7f-FRA
vary
Accept-Encoding
content-length
42
expires
Sun, 07 Feb 2021 13:10:43 GMT
transparent.gif
www.prima.it/cdn-cgi/images/trace/jschal/nojs/ 		42 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.prima.it/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=61dcaa8299604a7f
Requested by
Host: www.prima.it
URL: https://www.prima.it/chi-siamo?utm_source=EMAIL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.prima.it/chi-siamo?utm_source=EMAIL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 11:10:43 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Jan 2021 17:21:09 GMT
server
cloudflare
etag
"600efe05-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
61dcaa82c9ee4a7f-FRA
vary
Accept-Encoding
content-length
42
expires
Sun, 07 Feb 2021 13:10:43 GMT
d4b037c351708c8
www.prima.it/cdn-cgi/challenge-platform/h/b/generate/ov1/0.9644645025479887:1612695755:851cb18c862e39dbe46b10db18318a2ed5a3a094c60c6393d081c746ec4c6681/61dcaa8299604a7f/ 		56 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.prima.it/cdn-cgi/challenge-platform/h/b/generate/ov1/0.9644645025479887:1612695755:851cb18c862e39dbe46b10db18318a2ed5a3a094c60c6393d081c746ec4c6681/61dcaa8299604a7f/d4b037c351708c8
Requested by
Host: www.prima.it
URL: https://www.prima.it/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35f3dc3c7c11808fbae546ffc645904ddd7cb9d2f4251bfb7ee93caf92399dd1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.prima.it/chi-siamo?utm_source=EMAIL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
CF-Challenge
d4b037c351708c8
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 07 Feb 2021 11:10:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
strict-transport-security
max-age=15552000; preload
cf-ray
61dcaa836b6e4a7f-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
081dc8e61e00004a7f70004000000001
truncated
/ 		272 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f86fc22b6815cfd7eb07a06b91f3c4c70111c8bd1340ce860ddbc6b67f663c2

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
d4b037c351708c8
www.prima.it/cdn-cgi/challenge-platform/h/b/generate/ov1/0.9644645025479887:1612695755:851cb18c862e39dbe46b10db18318a2ed5a3a094c60c6393d081c746ec4c6681/61dcaa8299604a7f/ 		2 KB
994 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.prima.it/cdn-cgi/challenge-platform/h/b/generate/ov1/0.9644645025479887:1612695755:851cb18c862e39dbe46b10db18318a2ed5a3a094c60c6393d081c746ec4c6681/61dcaa8299604a7f/d4b037c351708c8
Requested by
Host: www.prima.it
URL: https://www.prima.it/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d69dfcf9defbbceddb3b56cbc95e000f2cb6a68f3fe6a4c462c0fa5c6189c6fa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.prima.it/chi-siamo?utm_source=EMAIL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
CF-Challenge
d4b037c351708c8
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 07 Feb 2021 11:10:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
cf_chl_out
wHWhbb3QJRdqvw0SQ43P9G7czlx+0MdnjyrjACkL5NEEZvZWoLMaDApWrGNQH7WcRk6JVJCr0COb+ur0tZGdDXEZQQ8BFvhpDWZyEO5k/BPJvYcNVU8UiRIx9Kd+4RYXqzAObSU9xb4Tlr49MaKzCQ==$NvgOiwUX5Z1ihg89q0E2ZA==
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/plain;charset=UTF-8
strict-transport-security
max-age=15552000; preload
cf-ray
61dcaa85d9c24a7f-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
081dc8e7a800004a7f33ade000000001
chi-siamo
www.prima.it/ 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.prima.it/chi-siamo?utm_source=EMAIL
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=311389&a=3192794&g=24892390&epi=1022f5daa3c8d3b3d242b608b43618&url=https://www.prima.it/chi-siamo?utm_source=EMAIL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b6ca4ae7ffb15cec1f741bff23003f5736aa051230b91bb0f11410200555242
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.prima.it
:scheme
https
:path
/chi-siamo?utm_source=EMAIL
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://www.prima.it/chi-siamo?utm_source=EMAIL
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d237dd2911d6c88acd6ec7b154ff216931612696243; cf_chl_prog=F19
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.prima.it/chi-siamo?utm_source=EMAIL

Response headers

date
Sun, 07 Feb 2021 11:10:47 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
cf-request-id
081dc8f5a400004a7f54293000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
61dcaa9c3d4b4a7f-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
v1
www.prima.it/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.prima.it/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1
Requested by
Host: www.prima.it
URL: https://www.prima.it/chi-siamo?utm_source=EMAIL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20bb2d1b69a54b6a977cd57933fd85d1af3e25c8b9fb2415c91fcac294fd083d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.prima.it/chi-siamo?utm_source=EMAIL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 11:10:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=15552000; preload
cf-ray
61dcaa9c5d824a7f-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
081dc8f5bc00004a7f4c1fa000000001
transparent.gif
www.prima.it/cdn-cgi/images/trace/jschal/js/ 		42 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.prima.it/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=61dcaa9c3d4b4a7f
Requested by
Host: www.prima.it
URL: https://www.prima.it/chi-siamo?utm_source=EMAIL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.prima.it/chi-siamo?utm_source=EMAIL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 11:10:47 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Jan 2021 17:21:09 GMT
server
cloudflare
etag
"600efe05-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
61dcaa9c5d854a7f-FRA
vary
Accept-Encoding
content-length
42
expires
Sun, 07 Feb 2021 13:10:47 GMT
transparent.gif
www.prima.it/cdn-cgi/images/trace/jschal/nojs/ 		42 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.prima.it/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=61dcaa9c3d4b4a7f
Requested by
Host: www.prima.it
URL: https://www.prima.it/chi-siamo?utm_source=EMAIL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.prima.it/chi-siamo?utm_source=EMAIL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 11:10:47 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Jan 2021 17:21:09 GMT
server
cloudflare
etag
"600efe05-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
61dcaa9c5d864a7f-FRA
vary
Accept-Encoding
content-length
42
expires
Sun, 07 Feb 2021 13:10:47 GMT
6ea9f6273b8a29b
www.prima.it/cdn-cgi/challenge-platform/h/b/generate/ov1/0.9644645025479887:1612695755:851cb18c862e39dbe46b10db18318a2ed5a3a094c60c6393d081c746ec4c6681/61dcaa9c3d4b4a7f/ 		28 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.prima.it/cdn-cgi/challenge-platform/h/b/generate/ov1/0.9644645025479887:1612695755:851cb18c862e39dbe46b10db18318a2ed5a3a094c60c6393d081c746ec4c6681/61dcaa9c3d4b4a7f/6ea9f6273b8a29b
Requested by
Host: www.prima.it
URL: https://www.prima.it/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d44692e72c5c7c34626c2e9d79aff145a9e0f7efaa707f0ae06c1b3084629f7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.prima.it/chi-siamo?utm_source=EMAIL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
CF-Challenge
6ea9f6273b8a29b
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 07 Feb 2021 11:10:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
strict-transport-security
max-age=15552000; preload
cf-ray
61dcaa9cbe524a7f-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
081dc8f5f100004a7f33826000000001
truncated
/ 		168 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c89b12545260c7f0036173897a2a3afd0d80b24afd41031b513e91dc481f229

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
6ea9f6273b8a29b
www.prima.it/cdn-cgi/challenge-platform/h/b/generate/ov1/0.9644645025479887:1612695755:851cb18c862e39dbe46b10db18318a2ed5a3a094c60c6393d081c746ec4c6681/61dcaa9c3d4b4a7f/ 		1 KB
991 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.prima.it/cdn-cgi/challenge-platform/h/b/generate/ov1/0.9644645025479887:1612695755:851cb18c862e39dbe46b10db18318a2ed5a3a094c60c6393d081c746ec4c6681/61dcaa9c3d4b4a7f/6ea9f6273b8a29b
Requested by
Host: www.prima.it
URL: https://www.prima.it/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a33c084e9670038dabb1b7a413df941405f05914caaeeb25ffee5155b0db0ac1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.prima.it/chi-siamo?utm_source=EMAIL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
CF-Challenge
6ea9f6273b8a29b
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 07 Feb 2021 11:10:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
cf_chl_out
UuMr0AdSm2D6+y73T33KFGcZG92bQaA0aWFsohf8BBuNYc2vixIMdbyQEZlgetRso1E0HrKVpAPlTavsyPWHN1A3SDJVKqkRFziRv+ngefAe7PP+GPi4pnGV/6z/2L5bvvnoJmo35N/ySWcjyQkRng==$FuEGHorgH10MK3fQnJRJwA==
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/plain;charset=UTF-8
strict-transport-security
max-age=15552000; preload
cf-ray
61dcaaa1da2c4a7f-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
081dc8f92900004a7f6d0e6000000001
chi-siamo
www.prima.it/ 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.prima.it/chi-siamo?utm_source=EMAIL
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=311389&a=3192794&g=24892390&epi=1022f5daa3c8d3b3d242b608b43618&url=https://www.prima.it/chi-siamo?utm_source=EMAIL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f414c074924c88299a75161fff1b3312cfad9a71efbcaf620e4bdca76f1e7eb6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.prima.it
:scheme
https
:path
/chi-siamo?utm_source=EMAIL
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://www.prima.it/chi-siamo?utm_source=EMAIL
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
cf_chl_prog=F19
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.prima.it/chi-siamo?utm_source=EMAIL

Response headers

date
Sun, 07 Feb 2021 11:10:51 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
set-cookie
__cfduid=d112e93c3883185371915756bae693ca11612696251; expires=Tue, 09-Mar-21 11:10:51 GMT; path=/; domain=.prima.it; HttpOnly; SameSite=Lax
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
cf-request-id
081dc9057700004a7f3e355000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
61dcaab58e284a7f-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
v1
www.prima.it/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.prima.it/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1
Requested by
Host: www.prima.it
URL: https://www.prima.it/chi-siamo?utm_source=EMAIL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20bb2d1b69a54b6a977cd57933fd85d1af3e25c8b9fb2415c91fcac294fd083d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.prima.it/chi-siamo?utm_source=EMAIL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 11:10:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=15552000; preload
cf-ray
61dcaab5de9e4a7f-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
081dc905a600004a7f0b1ba000000001
transparent.gif
www.prima.it/cdn-cgi/images/trace/jschal/js/ 		42 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.prima.it/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=61dcaab58e284a7f
Requested by
Host: www.prima.it
URL: https://www.prima.it/chi-siamo?utm_source=EMAIL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.prima.it/chi-siamo?utm_source=EMAIL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 11:10:51 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Jan 2021 17:21:09 GMT
server
cloudflare
etag
"600efe05-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
61dcaab5de9f4a7f-FRA
vary
Accept-Encoding
content-length
42
expires
Sun, 07 Feb 2021 13:10:51 GMT
transparent.gif
www.prima.it/cdn-cgi/images/trace/jschal/nojs/ 		42 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.prima.it/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=61dcaab58e284a7f
Requested by
Host: www.prima.it
URL: https://www.prima.it/chi-siamo?utm_source=EMAIL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.prima.it/chi-siamo?utm_source=EMAIL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 11:10:51 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Jan 2021 17:21:09 GMT
server
cloudflare
etag
"600efe05-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
61dcaab5dea24a7f-FRA
vary
Accept-Encoding
content-length
42
expires
Sun, 07 Feb 2021 13:10:51 GMT
bc44e944ba16723
www.prima.it/cdn-cgi/challenge-platform/h/b/generate/ov1/0.9644645025479887:1612695755:851cb18c862e39dbe46b10db18318a2ed5a3a094c60c6393d081c746ec4c6681/61dcaab58e284a7f/ 		50 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.prima.it/cdn-cgi/challenge-platform/h/b/generate/ov1/0.9644645025479887:1612695755:851cb18c862e39dbe46b10db18318a2ed5a3a094c60c6393d081c746ec4c6681/61dcaab58e284a7f/bc44e944ba16723
Requested by
Host: www.prima.it
URL: https://www.prima.it/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e307b8ed6405ecfd049f247befb99bd37c14627537be43e51472352d8aeb79e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.prima.it/chi-siamo?utm_source=EMAIL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
CF-Challenge
bc44e944ba16723
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 07 Feb 2021 11:10:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
strict-transport-security
max-age=15552000; preload
cf-ray
61dcaab64fa34a7f-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
081dc905eb00004a7f6d1fd000000001
bc44e944ba16723
www.prima.it/cdn-cgi/challenge-platform/h/b/generate/ov1/0.9644645025479887:1612695755:851cb18c862e39dbe46b10db18318a2ed5a3a094c60c6393d081c746ec4c6681/61dcaab58e284a7f/ 		2 KB
1017 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.prima.it/cdn-cgi/challenge-platform/h/b/generate/ov1/0.9644645025479887:1612695755:851cb18c862e39dbe46b10db18318a2ed5a3a094c60c6393d081c746ec4c6681/61dcaab58e284a7f/bc44e944ba16723
Requested by
Host: www.prima.it
URL: https://www.prima.it/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ce82c5a223b1d81a9d5c8af6bcb6ee3e1ed12d5517b51ef1dd0b7790779881c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.prima.it/chi-siamo?utm_source=EMAIL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
CF-Challenge
bc44e944ba16723
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 07 Feb 2021 11:10:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
cf_chl_out
/NnPQO7rGAwDFSy/10Mws5/dg5MIoFYa74mtPS3mhSMriASpGfNm2FSUI04WSGXBI1bY1NYBEJnQK72IRJrCylz/d2W2LYazJ4G81Onf2nMoqKH2q5NkHr8o9IOQt4E+7+xZrQ7LlVfnFlNCtDDElw==$qph+O/DagMpA/T8C9/6Otw==
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/plain;charset=UTF-8
strict-transport-security
max-age=15552000; preload
cf-ray
61dcaab8cd154a7f-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
081dc9078000004a7f68a67000000001
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
Primary Request chi-siamo
www.prima.it/ 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.prima.it/chi-siamo?utm_source=EMAIL
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=311389&a=3192794&g=24892390&epi=1022f5daa3c8d3b3d242b608b43618&url=https://www.prima.it/chi-siamo?utm_source=EMAIL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdce91afbdba83dd5f9705f071fd33577d7424854cac3407190d29038b4fdb1d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.prima.it
:scheme
https
:path
/chi-siamo?utm_source=EMAIL
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://www.prima.it/chi-siamo?utm_source=EMAIL
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d112e93c3883185371915756bae693ca11612696251; cf_chl_prog=F21
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.prima.it/chi-siamo?utm_source=EMAIL

Response headers

date
Sun, 07 Feb 2021 11:10:55 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
cf-request-id
081dc9157500004a7f1f127000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
61dcaacf1d254a7f-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
v1
www.prima.it/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.prima.it/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1
Requested by
Host: www.prima.it
URL: https://www.prima.it/chi-siamo?utm_source=EMAIL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20bb2d1b69a54b6a977cd57933fd85d1af3e25c8b9fb2415c91fcac294fd083d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.prima.it/chi-siamo?utm_source=EMAIL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 11:10:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=15552000; preload
cf-ray
61dcaacf7dbf4a7f-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
081dc915a800004a7f7c3ff000000001
transparent.gif
www.prima.it/cdn-cgi/images/trace/jschal/js/ 		42 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.prima.it/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=61dcaacf1d254a7f
Requested by
Host: www.prima.it
URL: https://www.prima.it/chi-siamo?utm_source=EMAIL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.prima.it/chi-siamo?utm_source=EMAIL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 11:10:55 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Jan 2021 17:21:09 GMT
server
cloudflare
etag
"600efe05-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
61dcaacf7dc04a7f-FRA
vary
Accept-Encoding
content-length
42
expires
Sun, 07 Feb 2021 13:10:55 GMT
transparent.gif
www.prima.it/cdn-cgi/images/trace/jschal/nojs/ 		42 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.prima.it/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=61dcaacf1d254a7f
Requested by
Host: www.prima.it
URL: https://www.prima.it/chi-siamo?utm_source=EMAIL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.prima.it/chi-siamo?utm_source=EMAIL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 11:10:55 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Jan 2021 17:21:09 GMT
server
cloudflare
etag
"600efe05-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
61dcaacf7dc14a7f-FRA
vary
Accept-Encoding
content-length
42
expires
Sun, 07 Feb 2021 13:10:55 GMT
5da18866637ad79
www.prima.it/cdn-cgi/challenge-platform/h/b/generate/ov1/0.9644645025479887:1612695755:851cb18c862e39dbe46b10db18318a2ed5a3a094c60c6393d081c746ec4c6681/61dcaacf1d254a7f/ 		44 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.prima.it/cdn-cgi/challenge-platform/h/b/generate/ov1/0.9644645025479887:1612695755:851cb18c862e39dbe46b10db18318a2ed5a3a094c60c6393d081c746ec4c6681/61dcaacf1d254a7f/5da18866637ad79
Requested by
Host: www.prima.it
URL: https://www.prima.it/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50dafa0dccbc39ed16c9031d1661b8fa467401ecddc9a258db1f6a4b751eeec9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.prima.it/chi-siamo?utm_source=EMAIL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
CF-Challenge
5da18866637ad79
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 07 Feb 2021 11:10:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
strict-transport-security
max-age=15552000; preload
cf-ray
61dcaacfeec64a7f-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
081dc915ed00004a7f6d35d000000001
5da18866637ad79
www.prima.it/cdn-cgi/challenge-platform/h/b/generate/ov1/0.9644645025479887:1612695755:851cb18c862e39dbe46b10db18318a2ed5a3a094c60c6393d081c746ec4c6681/61dcaacf1d254a7f/ 		2 KB
989 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.prima.it/cdn-cgi/challenge-platform/h/b/generate/ov1/0.9644645025479887:1612695755:851cb18c862e39dbe46b10db18318a2ed5a3a094c60c6393d081c746ec4c6681/61dcaacf1d254a7f/5da18866637ad79
Requested by
Host: www.prima.it
URL: https://www.prima.it/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42db5c82e49eaa5093ad4023c28a2e655b7f570e7c8d11ad06b2492e295e5f3d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.prima.it/chi-siamo?utm_source=EMAIL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
CF-Challenge
5da18866637ad79
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 07 Feb 2021 11:10:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
cf_chl_out
yOFSEf2CFy2Z2zS1okmU9PvUG4d4HgMlJTGtUjc3dqlBMOYmxhlwpYS55dNAo/KMQ/FiArjMMCjQHkODSkB2z8LQjFspnj+QTNDngvU9d8sNxKjp3/rVJ7A410IzeSEMxtpJiMdRFpajDNi547nzpQ==$1RtvuARFS6bZDHvn2x/WYg==
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/plain;charset=UTF-8
strict-transport-security
max-age=15552000; preload
cf-ray
61dcaad17a3a4a7f-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
081dc916ec00004a7f3594a000000001

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| _cf_chl_opt function| _cf_chl_enter function| sendRequest boolean| _cf_chl_done_ran function| _cf_chl_done function| SHA256 object| _cf_chl_ctx function| _ number| vJAZGG

2 Cookies

Domain/Path Name / Value
www.prima.it/ Name: cf_chl_prog
Value: F21
.prima.it/ Name: __cfduid
Value: d112e93c3883185371915756bae693ca11612696251

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tradedoubler.com
clk.tradedoubler.com
echo7.bluehornet.com
tracking.adgoon.it
vht.tradedoubler.com
www.prima.it
143.204.209.93
188.165.150.178
2606:4700:10::6814:ea1
34.212.124.105
34.95.109.120
52.19.131.49
0b6ca4ae7ffb15cec1f741bff23003f5736aa051230b91bb0f11410200555242
17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d
1ce82c5a223b1d81a9d5c8af6bcb6ee3e1ed12d5517b51ef1dd0b7790779881c
20bb2d1b69a54b6a977cd57933fd85d1af3e25c8b9fb2415c91fcac294fd083d
35f3dc3c7c11808fbae546ffc645904ddd7cb9d2f4251bfb7ee93caf92399dd1
3e307b8ed6405ecfd049f247befb99bd37c14627537be43e51472352d8aeb79e
42db5c82e49eaa5093ad4023c28a2e655b7f570e7c8d11ad06b2492e295e5f3d
4c89b12545260c7f0036173897a2a3afd0d80b24afd41031b513e91dc481f229
50dafa0dccbc39ed16c9031d1661b8fa467401ecddc9a258db1f6a4b751eeec9
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6f86fc22b6815cfd7eb07a06b91f3c4c70111c8bd1340ce860ddbc6b67f663c2
7d44692e72c5c7c34626c2e9d79aff145a9e0f7efaa707f0ae06c1b3084629f7
a33c084e9670038dabb1b7a413df941405f05914caaeeb25ffee5155b0db0ac1
d69dfcf9defbbceddb3b56cbc95e000f2cb6a68f3fe6a4c462c0fa5c6189c6fa
e214a4db54573f249873b726496afd26e6c72754ce8b03b65aed6a782f0fb0b0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f414c074924c88299a75161fff1b3312cfad9a71efbcaf620e4bdca76f1e7eb6
fcba034937d8dc4dfa89ac000c2eb841cf63ce2177e24d881d6673b04436dee6
fdce91afbdba83dd5f9705f071fd33577d7424854cac3407190d29038b4fdb1d