www.prima.it Open in urlscan Pro
2606:4700:10::6814:fa1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ad.payclick.it/scripts/click.php?a_bid=4bb52119&type=e&a_aid=93e3dd3f&chan=25184
Effective URL:
https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola...
Submission: On June 11 via manual (June 11th 2021, 10:36:53 am UTC) from AU

Summary HTTP 21 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 3 domains to perform 21 HTTP transactions. The main IP is 2606:4700:10::6814:fa1, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.prima.it.
TLS certificate: Issued by GeoTrust EV RSA CA 2018 on February 5th 2021. Valid for: a year.

This is the only time www.prima.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	80.247.77.91 80.247.77.91	12850 (ASN-ENTER) (ASN-ENTER)
1 2	34.96.87.151 34.96.87.151	15169 (GOOGLE) (GOOGLE)
1	99.86.241.54 99.86.241.54	16509 (AMAZON-02) (AMAZON-02)
1	188.165.150.177 188.165.150.177	16276 (OVH) (OVH)
18	2606:4700:10:... 2606:4700:10::6814:fa1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	5

1 80.247.77.91 (Italy) 1 redirects

ASN12850 (ASN-ENTER, IT)
PTR: ad.payclick.it

ad.payclick.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.87.151 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 151.87.96.34.bc.googleusercontent.com

clk.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.241.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-241-54.vie50.r.cloudfront.net

vht.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.165.150.177 (France)

ASN16276 (OVH, FR)
PTR: lb01.net.royalcactus.com

analytics.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:10::6814:fa1 (United States)

ASN13335 (CLOUDFLARENET, US)

www.prima.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	prima.it www.prima.it	163 KB
4	tradedoubler.com 1 redirects clk.tradedoubler.com vht.tradedoubler.com analytics.tradedoubler.com	7 KB
1	payclick.it 1 redirects ad.payclick.it	682 B
21	3

	Domain	Requested by
18	www.prima.it	www.prima.it clk.tradedoubler.com
2	clk.tradedoubler.com	1 redirects
1	analytics.tradedoubler.com	vht.tradedoubler.com
1	vht.tradedoubler.com	clk.tradedoubler.com
1	ad.payclick.it	1 redirects
21	5

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com

Subject Issuer	Validity	Valid
*.tradedoubler.com R3	`2021-05-03` - `2021-08-01`	3 months	crt.sh
www.prima.it GeoTrust EV RSA CA 2018	`2021-02-05` - `2022-03-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick
Frame ID: A3F9D062CDC0CF6354E6CC6BF0D4E2B3
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://ad.payclick.it/scripts/click.php?a_bid=4bb52119&type=e&a_aid=93e3dd3f&chan=25184 HTTP 302
https://clk.tradedoubler.com/click?p=311753&a=3194146&g=24900152&epi=93e3dd3f_4bb52119_25184&url=https://... Page URL
https://clk.tradedoubler.com/click?p=311753&a=3194146&g=24900152&epi=93e3dd3f_4bb52119_25184&url=https://... HTTP 302
https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05... Page URL
https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05... Page URL
https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Google Cloud (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /^1\.1 google$/i

Page Statistics

21
Requests

100 %
HTTPS

20 %
IPv6

3
Domains

5
Subdomains

5
IPs

3
Countries

169 kB
Transfer

265 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloudflare.com/5xx-error-landing/
Title: Cloudflare

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ad.payclick.it/scripts/click.php?a_bid=4bb52119&type=e&a_aid=93e3dd3f&chan=25184 HTTP 302
https://clk.tradedoubler.com/click?p=311753&a=3194146&g=24900152&epi=93e3dd3f_4bb52119_25184&url=https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick Page URL
https://clk.tradedoubler.com/click?p=311753&a=3194146&g=24900152&epi=93e3dd3f_4bb52119_25184&url=https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick HTTP 302
https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick Page URL
https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick Page URL
https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://ad.payclick.it/scripts/click.php?a_bid=4bb52119&type=e&a_aid=93e3dd3f&chan=25184 HTTP 302
https://clk.tradedoubler.com/click?p=311753&a=3194146&g=24900152&epi=93e3dd3f_4bb52119_25184&url=https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick

Request Chain 3

https://clk.tradedoubler.com/click?p=311753&a=3194146&g=24900152&epi=93e3dd3f_4bb52119_25184&url=https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick HTTP 302
https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick

21 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

click Show response
clk.tradedoubler.com/
Redirect Chain

https://ad.payclick.it/scripts/click.php?a_bid=4bb52119&type=e&a_aid=93e3dd3f&chan=25184
https://clk.tradedoubler.com/click?p=311753&a=3194146&g=24900152&epi=93e3dd3f_4bb52119_25184&url=https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20...

1 KB
2 KB

58ms
24ms

Document
text/html

34.96.87.151
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://clk.tradedoubler.com/click?p=311753&a=3194146&g=24900152&epi=93e3dd3f_4bb52119_25184&url=https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.87.151 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 151.87.96.34.bc.googleusercontent.com
Software: TXServerHttp /
Resource Hash: fbda20e0a66ee17f8857e5de630bc8670c64a88e4cf03ad4511e50521708c307

Request headers

:method: GET
:authority: clk.tradedoubler.com
:scheme: https
:path: /click?p=311753&a=3194146&g=24900152&epi=93e3dd3f_4bb52119_25184&url=https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=ISO-8859-1
server: TXServerHttp
access-control-allow-origin: *
cache-control: private, max-age=0
pragma: no-cache
p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy: origin
date: Fri, 11 Jun 2021 10:36:36 GMT
content-length: 1356
via: 1.1 google
alt-svc: clear

Redirect headers

Date: Fri, 11 Jun 2021 10:36:35 GMT
Server: Apache
P3P: CP="NOI NID ADMa DEVa PSAa OUR BUS ONL UNI COM STA OTC"
Set-Cookie: rt=1eeadd8f; expires=Wed, 16-Jun-2021 10:36:35 GMT; path=/; domain=.payclick.it PAPVisitorId=be74e421166be219e4e3bef392f11vnA; expires=Mon, 09-Jun-2031 10:36:35 GMT; path=/; samesite=None; Secure; domain=ad.payclick.it
Location: https://clk.tradedoubler.com/click?p=311753&a=3194146&g=24900152&epi=93e3dd3f_4bb52119_25184&url=https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick
Content-Length: 6
Content-Type: text/html

GET
H/1.1 200
OK prefs.js Show response
vht.tradedoubler.com/fp/ 9 KB
4 KB 103ms
32ms Script
application/javascript 99.86.241.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vht.tradedoubler.com/fp/prefs.js
Requested by: Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=311753&a=3194146&g=24900152&epi=93e3dd3f_4bb52119_25184&url=https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.241.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-54.vie50.r.cloudfront.net
Software: Apache /
Resource Hash: 17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d

Request headers

Referer: https://clk.tradedoubler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 03:44:42 GMT
Content-Encoding: gzip
Age: 456713
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 15 Oct 2018 09:28:46 GMT
Server: Apache
ETag: W/"2509-57841106334e6"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 0b1a7654de85c273e4c8f54e3e012e2e.cloudfront.net (CloudFront)
Cache-Control: max-age=604800, public
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: TZg8_8G94UUVUNIU9OqAo4wvKtSnc3ldJYM2GhnsK0g1fe7MevgT5g==
Expires: Sun, 13 Jun 2021 03:44:42 GMT

POST
H/1.1 200
OK /
analytics.tradedoubler.com/ 0
241 B 128ms
31ms Ping
text/html 188.165.150.177
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tradedoubler.com/
Requested by: Host: vht.tradedoubler.com
URL: https://vht.tradedoubler.com/fp/prefs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.165.150.177 , France, ASN16276 (OVH, FR),
Reverse DNS: lb01.net.royalcactus.com
Software: nginx /
Resource Hash

Request headers

Referer: https://clk.tradedoubler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 11 Jun 2021 10:36:36 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2

503

payclick Show response
www.prima.it/l/
Redirect Chain

https://clk.tradedoubler.com/click?p=311753&a=3194146&g=24900152&epi=93e3dd3f_4bb52119_25184&url=https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20...
https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick

10 KB
11 KB

92ms
35ms

Document
text/html

2606:4700:10::6814:fa1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:fa1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20230bd6e1ed0e94b3e3de7982ef2be62e4b636c5617c4036817248b02798855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.prima.it
:scheme: https
:path: /l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://clk.tradedoubler.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://clk.tradedoubler.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://clk.tradedoubler.com/

Response headers

date: Fri, 11 Jun 2021 10:36:36 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cf-request-id: 0a9c3e39cd00002c420d0e3000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 65da33094e8b2c42-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

location: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick
set-cookie: EH_0=1z11z1zoXz2NEgnEz1QZryYsMuoA9yDO1oojqm.NwcTfjWO1n8.%79mXR2m%7aIsceuTvN83FM7hdgD363%7amcAoKqaPLYobahuP9haPLw%791H93V6uIBYcBsdD9;expires=Sat, 11-Jun-2022 10:36:36 GMT;path=/;domain=.tradedoubler.com;SameSite=None; Secure GUID=1z11zzoXz2F7kUWza0f3cf5aadca340cb74559ff1d43d6c4;expires=Sat, 11-Jun-2022 10:36:36 GMT;path=/;domain=.tradedoubler.com;SameSite=None; Secure TradeDoublerGUID=a0f3cf5aadca340cb74559ff1d43d6c4;expires=Sat, 11-Jun-2022 10:36:36 GMT;path=/;domain=.tradedoubler.com;SameSite=None; Secure
server: TXServerHttp
access-control-allow-origin: *
cache-control: private, max-age=0
pragma: no-cache
p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy: origin
date: Fri, 11 Jun 2021 10:36:36 GMT
content-length: 352
content-type: text/html; charset=ISO-8859-1
via: 1.1 google
alt-svc: clear

GET
H3-29 200 v1 Show response
www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/ 33 KB
12 KB 147ms
75ms Script
text/javascript 2606:4700:10::6814:fa1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=65da33094e8b2c42

Requested by

Host: www.prima.it
URL: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:fa1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6864b6f7e1946335b9a4d2dfa50ca5ff7fa9cecc96525d722243a200c97cf440

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

:path: /cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=65da33094e8b2c42
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.prima.it
referer: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 10:36:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, must-revalidate
strict-transport-security: max-age=15552000; preload
cf-ray: 65da3309f8db5364-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a9c3e3a3f00005364a99fa000000001

GET
H3-29 200 transparent.gif
www.prima.it/cdn-cgi/images/trace/jschal/js/ 42 B
222 B 97ms
25ms Image
image/gif 2606:4700:10::6814:fa1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.prima.it/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=65da33094e8b2c42

Requested by

Host: www.prima.it
URL: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:fa1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/images/trace/jschal/js/transparent.gif?ray=65da33094e8b2c42
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.prima.it
referer: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 10:36:36 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 15:57:17 GMT
server: cloudflare
etag: "60bf935d-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200 public
accept-ranges: bytes
cf-ray: 65da3309f8d95364-FRA
vary: Accept-Encoding
content-length: 42
expires: Fri, 11 Jun 2021 12:36:36 GMT

GET
H3-29 200 transparent.gif
www.prima.it/cdn-cgi/images/trace/jschal/nojs/ 42 B
258 B 89ms
18ms Image
image/gif 2606:4700:10::6814:fa1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.prima.it/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=65da33094e8b2c42

Requested by

Host: www.prima.it
URL: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:fa1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=65da33094e8b2c42
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.prima.it
referer: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 10:36:36 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 15:57:17 GMT
server: cloudflare
etag: "60bf935d-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200 public
accept-ranges: bytes
cf-ray: 65da3309f8d85364-FRA
vary: Accept-Encoding
content-length: 42
expires: Fri, 11 Jun 2021 12:36:36 GMT

POST
H3-29 200 1b1c384e5be4eb4 Show response
www.prima.it/cdn-cgi/challenge-platform/h/g/flow/ov1/0.49316040234820324:1623405890:8f52c786361f4c12c22557b991e05cffdd36373fb4cb04fdef324cc9c9d4aee0/65da33094e8b2c42/ 33 KB
25 KB 274ms
274ms XHR
text/plain 2606:4700:10::6814:fa1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.prima.it/cdn-cgi/challenge-platform/h/g/flow/ov1/0.49316040234820324:1623405890:8f52c786361f4c12c22557b991e05cffdd36373fb4cb04fdef324cc9c9d4aee0/65da33094e8b2c42/1b1c384e5be4eb4

Requested by

Host: www.prima.it
URL: https://www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=65da33094e8b2c42

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:fa1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1dfec7be0d55efbeb00adbf45ae8e8dd7e34639065beed857075d9255ac0d42b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://www.prima.it
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: cf_chl_2=1b1c384e5be4eb4; cf_chl_prog=e
content-length: 2078
:path: /cdn-cgi/challenge-platform/h/g/flow/ov1/0.49316040234820324:1623405890:8f52c786361f4c12c22557b991e05cffdd36373fb4cb04fdef324cc9c9d4aee0/65da33094e8b2c42/1b1c384e5be4eb4
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: www.prima.it
referer: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick
:scheme: https
sec-fetch-site: same-origin
cf-challenge: 1b1c384e5be4eb4
:method: POST
Referer: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
CF-Challenge: 1b1c384e5be4eb4
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 11 Jun 2021 10:36:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
set-cookie: cf_chl_seq_1b1c384e5be4eb4=f0f3d11340c4d3e;SameSite=Strict;Secure;HttpOnly
strict-transport-security: max-age=15552000; preload
cf-ray: 65da330abaa95364-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a9c3e3ab300005364e928b000000001

POST
H3-29 200 1b1c384e5be4eb4 Show response
www.prima.it/cdn-cgi/challenge-platform/h/g/flow/ov1/0.49316040234820324:1623405890:8f52c786361f4c12c22557b991e05cffdd36373fb4cb04fdef324cc9c9d4aee0/65da33094e8b2c42/ 2 KB
2 KB 230ms
230ms XHR
text/plain 2606:4700:10::6814:fa1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.prima.it/cdn-cgi/challenge-platform/h/g/flow/ov1/0.49316040234820324:1623405890:8f52c786361f4c12c22557b991e05cffdd36373fb4cb04fdef324cc9c9d4aee0/65da33094e8b2c42/1b1c384e5be4eb4

Requested by

Host: www.prima.it
URL: https://www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=65da33094e8b2c42

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:fa1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ccc5cec3f344654a9caccb99ceb30fff91789cf19123e8c82d66b32ccf7b5ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://www.prima.it
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: cf_chl_seq_1b1c384e5be4eb4=f0f3d11340c4d3e; cf_chl_2=1b1c384e5be4eb4; cf_chl_prog=a5
content-length: 18066
:path: /cdn-cgi/challenge-platform/h/g/flow/ov1/0.49316040234820324:1623405890:8f52c786361f4c12c22557b991e05cffdd36373fb4cb04fdef324cc9c9d4aee0/65da33094e8b2c42/1b1c384e5be4eb4
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: www.prima.it
referer: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick
:scheme: https
sec-fetch-site: same-origin
cf-challenge: 1b1c384e5be4eb4
:method: POST
Referer: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
CF-Challenge: 1b1c384e5be4eb4
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 11 Jun 2021 10:36:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
cf_chl_out: nDfkZ3NA9fEqiEqL0QCajSQVVHmSlxgo4oPyBTAxBB3LLmF0dYE38L91hlySB34hNTMaB7+xsAZ32jybFdOLFYf9Gn+GfyDCCJVxdM/BRQ8oAzwr+wXDtAW8ZKpyoS3ITD0mzmwW9EbkoqxgdHDKQ33thGH+NuwYM9RDjhGJ1M4=$aZX1m+0AIHcLWpDDC0/Ctw==
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain;charset=UTF-8
set-cookie: cf_chl_seq_1b1c384e5be4eb4=;Expires=Thu, 10 Jun 2021 10:36:37 GMT;SameSite=Strict;Secure;HttpOnly
strict-transport-security: max-age=15552000; preload
cf-ray: 65da33106a1c5364-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a9c3e3e44000053648c3d5000000001

GET
H3-29 503 payclick Show response
www.prima.it/l/ 9 KB
10 KB 33ms
33ms Document
text/html 2606:4700:10::6814:fa1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick

Requested by

Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=311753&a=3194146&g=24900152&epi=93e3dd3f_4bb52119_25184&url=https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:fa1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08edfbe25165ada34bb40ddd6f431ed3ab3b2ea59febb212b0d5341bffbe3738

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.prima.it
:scheme: https
:path: /l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: cf_chl_2=1b1c384e5be4eb4; cf_chl_prog=F8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick

Response headers

date: Fri, 11 Jun 2021 10:36:40 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cf-request-id: 0a9c3e4a3400005364e18c4000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 65da33238e785364-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 v1 Show response
www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/ 33 KB
12 KB 39ms
38ms Script
text/javascript 2606:4700:10::6814:fa1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=65da33238e785364

Requested by

Host: www.prima.it
URL: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:fa1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6864b6f7e1946335b9a4d2dfa50ca5ff7fa9cecc96525d722243a200c97cf440

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

:path: /cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=65da33238e785364
pragma: no-cache
cookie: cf_chl_2=1b1c384e5be4eb4; cf_chl_prog=F8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.prima.it
referer: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 10:36:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, must-revalidate
strict-transport-security: max-age=15552000; preload
cf-ray: 65da3323cf1a5364-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a9c3e4a5d000053649d884000000001

GET
H3-29 200 transparent.gif
www.prima.it/cdn-cgi/images/trace/jschal/js/ 42 B
222 B 9ms
8ms Image
image/gif 2606:4700:10::6814:fa1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.prima.it/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=65da33238e785364

Requested by

Host: www.prima.it
URL: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:fa1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/images/trace/jschal/js/transparent.gif?ray=65da33238e785364
pragma: no-cache
cookie: cf_chl_2=1b1c384e5be4eb4; cf_chl_prog=F8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.prima.it
referer: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 10:36:40 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 15:57:17 GMT
server: cloudflare
etag: "60bf935d-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200 public
accept-ranges: bytes
cf-ray: 65da3323cf1e5364-FRA
vary: Accept-Encoding
content-length: 42
expires: Fri, 11 Jun 2021 12:36:40 GMT

GET
H3-29 200 transparent.gif
www.prima.it/cdn-cgi/images/trace/jschal/nojs/ 42 B
222 B 9ms
9ms Image
image/gif 2606:4700:10::6814:fa1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.prima.it/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=65da33238e785364

Requested by

Host: www.prima.it
URL: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:fa1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=65da33238e785364
pragma: no-cache
cookie: cf_chl_2=1b1c384e5be4eb4; cf_chl_prog=F8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.prima.it
referer: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 10:36:40 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 15:57:17 GMT
server: cloudflare
etag: "60bf935d-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200 public
accept-ranges: bytes
cf-ray: 65da3323cf205364-FRA
vary: Accept-Encoding
content-length: 42
expires: Fri, 11 Jun 2021 12:36:40 GMT

POST
H3-29 200 0e3562cab0da7e8 Show response
www.prima.it/cdn-cgi/challenge-platform/h/g/flow/ov1/0.49316040234820324:1623405890:8f52c786361f4c12c22557b991e05cffdd36373fb4cb04fdef324cc9c9d4aee0/65da33238e785364/ 41 KB
31 KB 298ms
298ms XHR
text/plain 2606:4700:10::6814:fa1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.prima.it/cdn-cgi/challenge-platform/h/g/flow/ov1/0.49316040234820324:1623405890:8f52c786361f4c12c22557b991e05cffdd36373fb4cb04fdef324cc9c9d4aee0/65da33238e785364/0e3562cab0da7e8

Requested by

Host: www.prima.it
URL: https://www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=65da33238e785364

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:fa1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10d25794dbd450ec432fd886606b6c5e8672244f2b03de6534ce5fe37e339a70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://www.prima.it
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: cf_chl_2=0e3562cab0da7e8; cf_chl_prog=e
content-length: 2100
:path: /cdn-cgi/challenge-platform/h/g/flow/ov1/0.49316040234820324:1623405890:8f52c786361f4c12c22557b991e05cffdd36373fb4cb04fdef324cc9c9d4aee0/65da33238e785364/0e3562cab0da7e8
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: www.prima.it
referer: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick
:scheme: https
sec-fetch-site: same-origin
cf-challenge: 0e3562cab0da7e8
:method: POST
Referer: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
CF-Challenge: 0e3562cab0da7e8
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 11 Jun 2021 10:36:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
set-cookie: cf_chl_seq_0e3562cab0da7e8=f487397872f9544;SameSite=Strict;Secure;HttpOnly
strict-transport-security: max-age=15552000; preload
cf-ray: 65da3324381d5364-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a9c3e4aa700005364980e8000000001

GET
DATA 200
OK truncated
/ 164 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6cc56ec4dfd4188a1be0be7467e055d8de448dd5e2cfe7932d421d34677928e9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 200 0e3562cab0da7e8 Show response
www.prima.it/cdn-cgi/challenge-platform/h/g/flow/ov1/0.49316040234820324:1623405890:8f52c786361f4c12c22557b991e05cffdd36373fb4cb04fdef324cc9c9d4aee0/65da33238e785364/ 2 KB
2 KB 219ms
219ms XHR
text/plain 2606:4700:10::6814:fa1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.prima.it/cdn-cgi/challenge-platform/h/g/flow/ov1/0.49316040234820324:1623405890:8f52c786361f4c12c22557b991e05cffdd36373fb4cb04fdef324cc9c9d4aee0/65da33238e785364/0e3562cab0da7e8

Requested by

Host: www.prima.it
URL: https://www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=65da33238e785364

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:fa1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b01534cef1b743aa1adb3ebab89d2dc1d7e41b43a5214c0b643c96441b52b1c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://www.prima.it
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: cf_chl_seq_0e3562cab0da7e8=f487397872f9544; cf_chl_2=0e3562cab0da7e8; cf_chl_prog=a3
content-length: 18136
:path: /cdn-cgi/challenge-platform/h/g/flow/ov1/0.49316040234820324:1623405890:8f52c786361f4c12c22557b991e05cffdd36373fb4cb04fdef324cc9c9d4aee0/65da33238e785364/0e3562cab0da7e8
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: www.prima.it
referer: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick
:scheme: https
sec-fetch-site: same-origin
cf-challenge: 0e3562cab0da7e8
:method: POST
Referer: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
CF-Challenge: 0e3562cab0da7e8
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 11 Jun 2021 10:36:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
cf_chl_out: Zn0NCDgzuebS0NlscYLYsk8M4P6Hdr7NV1OnJURHOvJ4YWvbHX86efxNWKqtUtZD5ZnqCHGUl0142wiAEGJxESMqOZKey/kniJ6Zkkh23Tmht8QpBS8VUoTzWFvSgVaVLP+LYRAQuSIW0nyHJu+bUD9op6NqNZeknur54DBa+K0DVlEZn6hgjNJTjPqU9m/KB6FWkuaay9pR2sKywANU6aXo+mCiaCn4vWLMycZMFIPAze6HJpQRufobGxWzBlLC$eeSKXkJWNIM64mkpZ48lsw==
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain;charset=UTF-8
set-cookie: cf_chl_seq_0e3562cab0da7e8=;Expires=Thu, 10 Jun 2021 10:36:41 GMT;SameSite=Strict;Secure;HttpOnly
strict-transport-security: max-age=15552000; preload
cf-ray: 65da332829a95364-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a9c3e4d1900005364ceb30000000001

GET
H3-29 503 Primary Request payclick Show response
www.prima.it/l/ 9 KB
10 KB 13ms
12ms Document
text/html 2606:4700:10::6814:fa1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:fa1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

593594b6e4a7cdd19b8ac777b98e7c6db87d8c6d0106ae62acb65e0d928c3dd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.prima.it
:scheme: https
:path: /l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: cf_chl_2=0e3562cab0da7e8; cf_chl_prog=F8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick

Response headers

date: Fri, 11 Jun 2021 10:36:44 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cf-request-id: 0a9c3e5a2c00005364e1a5e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 65da333d0fb65364-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 v1 Show response
www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/ 37 KB
13 KB 64ms
64ms Script
text/javascript 2606:4700:10::6814:fa1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=65da333d0fb65364

Requested by

Host: www.prima.it
URL: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:fa1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74db1caa4fe086215cd37ec31306d5d254a11fba7bf7827846ae438e3afb33d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

:path: /cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=65da333d0fb65364
pragma: no-cache
cookie: cf_chl_2=0e3562cab0da7e8; cf_chl_prog=F8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.prima.it
referer: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 10:36:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, must-revalidate
strict-transport-security: max-age=15552000; preload
cf-ray: 65da333d38005364-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a9c3e5a40000053649d1ce000000001

GET
H3-29 200 transparent.gif
www.prima.it/cdn-cgi/images/trace/jschal/js/ 42 B
222 B 10ms
9ms Image
image/gif 2606:4700:10::6814:fa1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.prima.it/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=65da333d0fb65364

Requested by

Host: www.prima.it
URL: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:fa1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/images/trace/jschal/js/transparent.gif?ray=65da333d0fb65364
pragma: no-cache
cookie: cf_chl_2=0e3562cab0da7e8; cf_chl_prog=F8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.prima.it
referer: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 10:36:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 15:57:17 GMT
server: cloudflare
etag: "60bf935d-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200 public
accept-ranges: bytes
cf-ray: 65da333d38055364-FRA
vary: Accept-Encoding
content-length: 42
expires: Fri, 11 Jun 2021 12:36:44 GMT

GET
H3-29 200 transparent.gif
www.prima.it/cdn-cgi/images/trace/jschal/nojs/ 42 B
222 B 10ms
9ms Image
image/gif 2606:4700:10::6814:fa1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.prima.it/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=65da333d0fb65364

Requested by

Host: www.prima.it
URL: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:fa1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=65da333d0fb65364
pragma: no-cache
cookie: cf_chl_2=0e3562cab0da7e8; cf_chl_prog=F8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.prima.it
referer: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 10:36:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 15:57:17 GMT
server: cloudflare
etag: "60bf935d-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200 public
accept-ranges: bytes
cf-ray: 65da333d38095364-FRA
vary: Accept-Encoding
content-length: 42
expires: Fri, 11 Jun 2021 12:36:44 GMT

POST
H3-29 200 6e4e60d206f047d Show response
www.prima.it/cdn-cgi/challenge-platform/h/g/flow/ov1/0.2674269295472941:1623405884:15bd7cfefb67f9aaa27ba549d4e8371c3baf2ae1ba2d7b5e890595e316c0e207/65da333d0fb65364/ 42 KB
32 KB 244ms
244ms XHR
text/plain 2606:4700:10::6814:fa1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.prima.it/cdn-cgi/challenge-platform/h/g/flow/ov1/0.2674269295472941:1623405884:15bd7cfefb67f9aaa27ba549d4e8371c3baf2ae1ba2d7b5e890595e316c0e207/65da333d0fb65364/6e4e60d206f047d

Requested by

Host: www.prima.it
URL: https://www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=65da333d0fb65364

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:fa1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e60a506965211aee23ce24937f3f37340420863c58fb9eccb786cdebe99b9765

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://www.prima.it
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: cf_chl_2=6e4e60d206f047d; cf_chl_prog=e
content-length: 2117
:path: /cdn-cgi/challenge-platform/h/g/flow/ov1/0.2674269295472941:1623405884:15bd7cfefb67f9aaa27ba549d4e8371c3baf2ae1ba2d7b5e890595e316c0e207/65da333d0fb65364/6e4e60d206f047d
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: www.prima.it
referer: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick
:scheme: https
sec-fetch-site: same-origin
cf-challenge: 6e4e60d206f047d
:method: POST
Referer: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
CF-Challenge: 6e4e60d206f047d
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 11 Jun 2021 10:36:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
set-cookie: cf_chl_seq_6e4e60d206f047d=f6a1c945cdecd7b;SameSite=Strict;Secure;HttpOnly
strict-transport-security: max-age=15552000; preload
cf-ray: 65da333dd9a15364-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a9c3e5aa700005364bf278000000001

POST
H3-29 200 6e4e60d206f047d Show response
www.prima.it/cdn-cgi/challenge-platform/h/g/flow/ov1/0.2674269295472941:1623405884:15bd7cfefb67f9aaa27ba549d4e8371c3baf2ae1ba2d7b5e890595e316c0e207/65da333d0fb65364/ 2 KB
2 KB 252ms
252ms XHR
text/plain 2606:4700:10::6814:fa1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.prima.it/cdn-cgi/challenge-platform/h/g/flow/ov1/0.2674269295472941:1623405884:15bd7cfefb67f9aaa27ba549d4e8371c3baf2ae1ba2d7b5e890595e316c0e207/65da333d0fb65364/6e4e60d206f047d

Requested by

Host: www.prima.it
URL: https://www.prima.it/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=65da333d0fb65364

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:fa1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cce4768dc208fb5549f26488e95e692c2b54345e9386051994fc3b69e39a95d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://www.prima.it
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: cf_chl_seq_6e4e60d206f047d=f6a1c945cdecd7b; cf_chl_2=6e4e60d206f047d; cf_chl_prog=b0
content-length: 19051
:path: /cdn-cgi/challenge-platform/h/g/flow/ov1/0.2674269295472941:1623405884:15bd7cfefb67f9aaa27ba549d4e8371c3baf2ae1ba2d7b5e890595e316c0e207/65da333d0fb65364/6e4e60d206f047d
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: www.prima.it
referer: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick
:scheme: https
sec-fetch-site: same-origin
cf-challenge: 6e4e60d206f047d
:method: POST
Referer: https://www.prima.it/l/payclick?utm_source=EMAIL&utm_medium=dem_payclick&utm_campaign=payclick_05_20&utm_term=calcola2&utm_content=landing_payclick
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
CF-Challenge: 6e4e60d206f047d
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 11 Jun 2021 10:36:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
cf_chl_out: kLKipD1afJoUDV2b0GDNTsYYyS91GLMofqNK6UK0fsWjY5oEw1HXzqBt4XlSvl+T4DJkYKuCsZu1gisIdNzXCLbqGnMTsnlKnTGYhWVd1mwmcSB0wAyvoTpb4SLPCmBrO4BRgUMgbKBV4qyQff3SxaCy0Y9Mia536Opsm1p6xKm4dx6GPJCcNM7NnGzEwDm65U6vDdJ010G0X/JuhMKPy6dCw6lgCjpxB2qKjwIi+W3SdmQFnpbCU2apPbF/xWhv$O51iCYJglVTbVOwIxxrfGg==
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain;charset=UTF-8
set-cookie: cf_chl_seq_6e4e60d206f047d=;Expires=Thu, 10 Jun 2021 10:36:45 GMT;SameSite=Strict;Secure;HttpOnly
strict-transport-security: max-age=15552000; preload
cf-ray: 65da3341aa425364-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a9c3e5d0c00005364da2cc000000001

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.prima.it/	1970-01-19 18:56:51	Name: cf_chl_prog Value: e
			www.prima.it/	1970-01-19 18:56:51	Name: cf_chl_2 Value: 6e4e60d206f047d

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.payclick.it
analytics.tradedoubler.com
clk.tradedoubler.com
vht.tradedoubler.com
www.prima.it
188.165.150.177
2606:4700:10::6814:fa1
34.96.87.151
80.247.77.91
99.86.241.54
08edfbe25165ada34bb40ddd6f431ed3ab3b2ea59febb212b0d5341bffbe3738
0ccc5cec3f344654a9caccb99ceb30fff91789cf19123e8c82d66b32ccf7b5ec
10d25794dbd450ec432fd886606b6c5e8672244f2b03de6534ce5fe37e339a70
17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d
1dfec7be0d55efbeb00adbf45ae8e8dd7e34639065beed857075d9255ac0d42b
20230bd6e1ed0e94b3e3de7982ef2be62e4b636c5617c4036817248b02798855
593594b6e4a7cdd19b8ac777b98e7c6db87d8c6d0106ae62acb65e0d928c3dd8
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6864b6f7e1946335b9a4d2dfa50ca5ff7fa9cecc96525d722243a200c97cf440
6cc56ec4dfd4188a1be0be7467e055d8de448dd5e2cfe7932d421d34677928e9
6cce4768dc208fb5549f26488e95e692c2b54345e9386051994fc3b69e39a95d
74db1caa4fe086215cd37ec31306d5d254a11fba7bf7827846ae438e3afb33d3
b01534cef1b743aa1adb3ebab89d2dc1d7e41b43a5214c0b643c96441b52b1c6
e60a506965211aee23ce24937f3f37340420863c58fb9eccb786cdebe99b9765
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fbda20e0a66ee17f8857e5de630bc8670c64a88e4cf03ad4511e50521708c307

www.prima.it Open in urlscan Pro 2606:4700:10::6814:fa1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

20 %IPv6

3 Domains

5 Subdomains

5 IPs

3 Countries

169 kBTransfer

265 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

2 Cookies

Indicators

www.prima.it Open in urlscan Pro
2606:4700:10::6814:fa1 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

20 %
IPv6

3
Domains

5
Subdomains

5
IPs

3
Countries

169 kB
Transfer

265 kB
Size

2
Cookies

21 HTTP transactions
2 data transactions