URL: https://www.nadir.it/
Submission Tags: falconsandbox
Submission: On April 26 via api from US — Scanned from IT

Summary

This website contacted 6 IPs in 3 countries across 8 domains to perform 19 HTTP transactions. The main IP is 31.11.33.242, located in Arezzo, Italy and belongs to ARUBA-ASN, IT. The main domain is www.nadir.it.
TLS certificate: Issued by Actalis Domain Validation Server CA G3 on November 23rd 2021. Valid for: a year.
This is the only time www.nadir.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 31.11.33.242 31034 (ARUBA-ASN)
1 3 13.224.195.54 16509 (AMAZON-02)
1 3 34.96.99.245 15169 (GOOGLE)
1 1 34.95.127.121 15169 (GOOGLE)
1 34.85.195.73 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
19 6
Requests | Apex Domain | Subdomains | Transfer
10 | nadir.it | www.nadir.it | 226 KB
3 | evyy.net | skylum.evyy.net (Cisco Umbrella Rank: 876705) | 711 B
3 | impactradius-go.com | a.impactradius-go.com (Cisco Umbrella Rank: 42781) | 214 KB
2 | gstatic.com | fonts.gstatic.com | 45 KB
1 | impact.com | origin-cloudfront-app-wgfpbvbkqjpenk46.impact.com | 924 B
1 | ojrq.net | www.ojrq.net (Cisco Umbrella Rank: 6821) | 505 B
0 | cookie-script.com (Failed) | chs02.cookie-script.com (Failed) |
0 | google-analytics.com (Failed) | www.google-analytics.com (Failed) |
19 8
Domain Requested by
10 www.nadir.it www.nadir.it
3 skylum.evyy.net 1 redirects www.nadir.it
origin-cloudfront-app-wgfpbvbkqjpenk46.impact.com
3 a.impactradius-go.com 1 redirects www.nadir.it
origin-cloudfront-app-wgfpbvbkqjpenk46.impact.com
2 fonts.gstatic.com www.nadir.it
1 origin-cloudfront-app-wgfpbvbkqjpenk46.impact.com www.nadir.it
1 www.ojrq.net 1 redirects
0 chs02.cookie-script.com Failed www.nadir.it
0 www.google-analytics.com Failed www.nadir.it
19 8
Subject | Issuer | Validity | Valid
*.nadir.it | Actalis Domain Validation Server CA G3 | 2021-11-23 - 2022-12-24 | a year
*.impactradius-go.com | Sectigo RSA Domain Validation Secure Server CA | 2021-12-10 - 2023-01-07 | a year
*.impact.com | Sectigo RSA Domain Validation Secure Server CA | 2021-12-10 - 2023-01-07 | a year
*.gstatic.com | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months
*.evyy.net | Sectigo RSA Domain Validation Secure Server CA | 2022-01-10 - 2023-01-07 | a year

This page contains 2 frames:

Primary Page: https://www.nadir.it/
Frame ID: 3D4F6CD34EBE57FB944A3A00C9D2E17A
Requests: 16 HTTP requests in this frame

Frame: https://origin-cloudfront-app-wgfpbvbkqjpenk46.impact.com/gen-ad-code/1202540/1146808/3255/
Frame ID: 0250F958E0307D252070DAA20693B5B7
Requests: 3 HTTP requests in this frame

Page Title

FOTOGRAFIA NADIR MAGAZINE - RIVISTA TELEMATICA DI FOTOGRAFIA ON-LINE DAL 1997

Page Statistics

Requests: 19
HTTPS: 84 %
IPv6: 17 %
Domains: 8
Subdomains: 8
IPs: 6
Countries: 3
Transfer: 486 kB
Size: 508 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://skylum.evyy.net/i/1202540/1117826/3255 HTTP 302
  • https://www.ojrq.net/p/?return=https%3A%2F%2Fskylum.evyy.net%2Fi%2F1202540%2F1117826%2F3255%3Flevel%3D1%26srcref%3Dhttps%253A%252F%252Fwww.nadir.it%252F&cid=3255&tpsync=no HTTP 302
  • https://skylum.evyy.net/i/1202540/1117826/3255?level=1&srcref=https%3A%2F%2Fwww.nadir.it%2F&brwsr=3c848035-c54e-11ec-a12b-ddf5fc4c7138&brwsrsig=UKfVIL370VTg1Vu0NtWAAWMoTboQTC
Request Chain 11
  • https://a.impactradius-go.com/gen-ad-code/1202540/1146808/3255/ HTTP 302
  • https://origin-cloudfront-app-wgfpbvbkqjpenk46.impact.com/gen-ad-code/1202540/1146808/3255/

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.nadir.it/
20 KB
7 KB
Document
General
Full URL
https://www.nadir.it/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
31.11.33.242 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
websn2s232.aruba.it
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b6d8398a0fa7644565741c79adcd5330ade624bc1b027f24834e59312e6509e8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
6380
Content-Type
text/html
Date
Tue, 26 Apr 2022 10:47:15 GMT
ETag
"80516f209458d81:0"
Last-Modified
Mon, 25 Apr 2022 11:03:43 GMT
Server
Microsoft-IIS/8.5
Vary
Accept-Encoding
X-Aruba-Cache
NA
X-Aruba2-Cache
NA
X-Powered-By
ASP.NET
stilehome.css
www.nadir.it/Scripts/
9 KB
3 KB
Stylesheet
General
Full URL
https://www.nadir.it/Scripts/stilehome.css
Requested by
Host: www.nadir.it
URL: https://www.nadir.it/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
31.11.33.242 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
websn2s232.aruba.it
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
0c9327971984ceb173afa22e165787b3446d1458995795ca8d833f85ddc88ac7

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.nadir.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 10:47:15 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Mar 2018 18:06:32 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"044a02b2dc5d31:0"
X-Aruba-Cache
NA
Vary
Accept-Encoding
Content-Type
text/css
X-Aruba2-Cache
NA
Accept-Ranges
bytes
Content-Length
2242
NadirTestata666x113.jpg
www.nadir.it/index_img/
36 KB
37 KB
Image
General
Full URL
https://www.nadir.it/index_img/NadirTestata666x113.jpg
Requested by
Host: www.nadir.it
URL: https://www.nadir.it/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
31.11.33.242 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
websn2s232.aruba.it
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
2fdd02482b4adf150d57d45ba28380d71129b1c210a8748c4c97b2b9fc50b04b

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.nadir.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 10:47:15 GMT
Last-Modified
Fri, 24 Feb 2017 11:58:09 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"97938d44958ed21:0"
X-Aruba-Cache
NA
Content-Type
image/jpeg
X-Aruba2-Cache
NA
Accept-Ranges
bytes
Content-Length
37337
Fondatore-e-direttore-250-2.jpg
www.nadir.it/index_img/
12 KB
12 KB
Image
General
Full URL
https://www.nadir.it/index_img/Fondatore-e-direttore-250-2.jpg
Requested by
Host: www.nadir.it
URL: https://www.nadir.it/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
31.11.33.242 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
websn2s232.aruba.it
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
3e04d10c32af745a6e98c85ea6722aab0617c691bd1be6e8847540e9730e3b71

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.nadir.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 10:47:15 GMT
Last-Modified
Sat, 27 Apr 2019 12:34:57 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"8f11c39ff5fcd41:0"
X-Aruba-Cache
NA
Content-Type
image/jpeg
X-Aruba2-Cache
NA
Accept-Ranges
bytes
Content-Length
12367
Sigma-20mm-f2-Cover.jpg
www.nadir.it/ob-fot/SIGMA_20-F2/
58 KB
58 KB
Image
General
Full URL
https://www.nadir.it/ob-fot/SIGMA_20-F2/Sigma-20mm-f2-Cover.jpg
Requested by
Host: www.nadir.it
URL: https://www.nadir.it/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
31.11.33.242 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
websn2s232.aruba.it
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
13dda5ec0049f0d9bd08c9f7ed1fe80c50d6dd3850819b02b6584ea27ca6ffdc

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.nadir.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 10:47:15 GMT
Last-Modified
Wed, 09 Feb 2022 12:13:58 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"c8d61b84ae1dd81:0"
X-Aruba-Cache
NA
Content-Type
image/jpeg
X-Aruba2-Cache
NA
Accept-Ranges
bytes
Content-Length
59466
Corsi-lezioni-workshop-2-320px.jpg
www.nadir.it/corsi-incontri-workshop/CORSI-INCONTRI-WORKSHOP/
41 KB
42 KB
Image
General
Full URL
https://www.nadir.it/corsi-incontri-workshop/CORSI-INCONTRI-WORKSHOP/Corsi-lezioni-workshop-2-320px.jpg
Requested by
Host: www.nadir.it
URL: https://www.nadir.it/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
31.11.33.242 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
websn2s232.aruba.it
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d7cf824b98feb8290b44e95cbb9505f5fc4064ac22cbca90fade6e62beee7865

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.nadir.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 10:47:15 GMT
Last-Modified
Mon, 14 Feb 2022 10:23:39 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"aa72a0ee8c21d81:0"
X-Aruba-Cache
NA
Content-Type
image/jpeg
X-Aruba2-Cache
NA
Accept-Ranges
bytes
Content-Length
42309
Nadir_Banner_YouTube.jpg
www.nadir.it/banner/Nadir/
37 KB
37 KB
Image
General
Full URL
https://www.nadir.it/banner/Nadir/Nadir_Banner_YouTube.jpg
Requested by
Host: www.nadir.it
URL: https://www.nadir.it/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
31.11.33.242 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
websn2s232.aruba.it
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e21d26c92972fd96adf61653fb4e899b2ba5a6a6192917bf1629084802c20007

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.nadir.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 10:47:15 GMT
Last-Modified
Fri, 19 Mar 2021 19:15:51 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"325fc946f41cd71:0"
X-Aruba-Cache
NA
Content-Type
image/jpeg
X-Aruba2-Cache
NA
Accept-Ranges
bytes
Content-Length
38095
GhiottaMente300x200.png
www.nadir.it/banner/Sponsor/
12 KB
13 KB
Image
General
Full URL
https://www.nadir.it/banner/Sponsor/GhiottaMente300x200.png
Requested by
Host: www.nadir.it
URL: https://www.nadir.it/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
31.11.33.242 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
websn2s232.aruba.it
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
5cd349e9c8df66c469cc1e3e8c63cd6c7cbffd22fde1b855dd3ea126a48a36c1

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.nadir.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 10:47:15 GMT
Last-Modified
Fri, 22 Jul 2016 17:04:36 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"ab4050203be4d11:0"
X-Aruba-Cache
NA
Content-Type
image/png
X-Aruba2-Cache
NA
Accept-Ranges
bytes
Content-Length
12613
CineSud_Banner300x150.jpg
www.nadir.it/banner/Sponsor/
15 KB
15 KB
Image
General
Full URL
https://www.nadir.it/banner/Sponsor/CineSud_Banner300x150.jpg
Requested by
Host: www.nadir.it
URL: https://www.nadir.it/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
31.11.33.242 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
websn2s232.aruba.it
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
0e322e3c534d85c5fda413d11e268a1c65867109890a3358167fb598c9ef9d3f

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.nadir.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 10:47:15 GMT
Last-Modified
Fri, 19 Mar 2021 18:36:34 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"788adc9ee1cd71:0"
X-Aruba-Cache
NA
Content-Type
image/jpeg
X-Aruba2-Cache
NA
Accept-Ranges
bytes
Content-Length
15007
3255-1117826
a.impactradius-go.com/display-ad/
134 KB
134 KB
Image
General
Full URL
https://a.impactradius-go.com/display-ad/3255-1117826
Requested by
Host: www.nadir.it
URL: https://www.nadir.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-54.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
13ec799f0c2ffe70856313c73021d223880af8a12530a2f480789dabf387bd77

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.nadir.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 10:47:16 GMT
via
1.1 f046bfa1468bb4385e357c8c9128cf50.cloudfront.net (CloudFront)
last-modified
Fri, 23 Jul 2021 12:10:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"eefcd9941ae6d4b1aefa9ed995fc0803"
x-cache
RefreshHit from cloudfront
content-type
image/png
cache-control
public,max-age=900,s-maxage=600
accept-ranges
bytes
content-length
137043
x-amz-cf-id
LsWynio4-4boCKoUVdOCYUpO6q16tk02CaIZOMOTxNwo7GltYemr3g==
3255
skylum.evyy.net/i/1202540/1117826/
Redirect Chain
  • https://skylum.evyy.net/i/1202540/1117826/3255
  • https://www.ojrq.net/p/?return=https%3A%2F%2Fskylum.evyy.net%2Fi%2F1202540%2F1117826%2F3255%3Flevel%3D1%26srcref%3Dhttps%253A%252F%252Fwww.nadir.it%252F&cid=3255&tpsync=no
  • https://skylum.evyy.net/i/1202540/1117826/3255?level=1&srcref=https%3A%2F%2Fwww.nadir.it%2F&brwsr=3c848035-c54e-11ec-a12b-ddf5fc4c7138&brwsrsig=UKfVIL370VTg1Vu0NtWAAWMoTboQTC
50 B
242 B
Image
General
Full URL
https://skylum.evyy.net/i/1202540/1117826/3255?level=1&srcref=https%3A%2F%2Fwww.nadir.it%2F&brwsr=3c848035-c54e-11ec-a12b-ddf5fc4c7138&brwsrsig=UKfVIL370VTg1Vu0NtWAAWMoTboQTC
Requested by
Host: www.nadir.it
URL: https://www.nadir.it/
Protocol
H2
Server
34.96.99.245 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
245.99.96.34.bc.googleusercontent.com
Software
/
Resource Hash
ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.nadir.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Apr 2022 10:47:15 GMT
via
1.1 google
p3p
policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50
expires
Tue, 26 Apr 2022 10:47:15 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Apr 2022 10:47:15 GMT
via
1.1 google
p3p
policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
location
https://skylum.evyy.net/i/1202540/1117826/3255?level=1&srcref=https%3A%2F%2Fwww.nadir.it%2F&brwsr=3c848035-c54e-11ec-a12b-ddf5fc4c7138&brwsrsig=UKfVIL370VTg1Vu0NtWAAWMoTboQTC
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 26 Apr 2022 10:47:15 GMT
stilehomeweb.css
www.nadir.it/Scripts/
9 KB
3 KB
Stylesheet
General
Full URL
https://www.nadir.it/Scripts/stilehomeweb.css
Requested by
Host: www.nadir.it
URL: https://www.nadir.it/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
31.11.33.242 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
websn2s232.aruba.it
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
edba74769b09e29de847dcfcd6e042ee4e56f70a5037dca687e95d95bf7839c6

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.nadir.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 10:47:15 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Mar 2018 18:06:33 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"80da382c2dc5d31:0"
X-Aruba-Cache
NA
Vary
Accept-Encoding
Content-Type
text/css
X-Aruba2-Cache
NA
Accept-Ranges
bytes
Content-Length
2285
/
origin-cloudfront-app-wgfpbvbkqjpenk46.impact.com/gen-ad-code/1202540/1146808/3255/ Frame 0250
Redirect Chain
  • https://a.impactradius-go.com/gen-ad-code/1202540/1146808/3255/
  • https://origin-cloudfront-app-wgfpbvbkqjpenk46.impact.com/gen-ad-code/1202540/1146808/3255/
330 B
924 B
Document
General
Full URL
https://origin-cloudfront-app-wgfpbvbkqjpenk46.impact.com/gen-ad-code/1202540/1146808/3255/
Requested by
Host: www.nadir.it
URL: https://www.nadir.it/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.85.195.73 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
73.195.85.34.bc.googleusercontent.com
Software
/
Resource Hash
c6677347c534cb683ac25a40906582e2607812f61a71b0afacb7d5cbf828bba3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nadir.it/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Cache-Control
public, max-age=7200
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 26 Apr 2022 10:47:15 GMT
Expires
Tue, 26 Apr 2022 12:47:15 GMT
P3P
policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block

Redirect headers

age
59381
content-length
0
date
Mon, 25 Apr 2022 18:17:34 GMT
location
https://origin-cloudfront-app-wgfpbvbkqjpenk46.impact.com/gen-ad-code/1202540/1146808/3255/
server
AWSALB
via
1.1 f046bfa1468bb4385e357c8c9128cf50.cloudfront.net (CloudFront)
x-amz-cf-id
p6qnZwGYqol4c_a7Xy8RXxlqGKKy4kIZkCHzIuv3ylBNuy6Qer0PwA==
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
urchin.js
www.google-analytics.com/
0
0

058463a0b160f0badd818a0afa5c6f2f.js
chs02.cookie-script.com/s/
0
0

7YGmE4Ls5b94ct65u07hVQLUuEpTyoUstqEm5AMlJo4.woff
fonts.gstatic.com/s/ptsans/v8/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v8/7YGmE4Ls5b94ct65u07hVQLUuEpTyoUstqEm5AMlJo4.woff
Requested by
Host: www.nadir.it
URL: https://www.nadir.it/Scripts/stilehome.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3d0820d0155b9ebaaa87db6f6eb8a9c4dfaec103ba5fb59caea41b49cfd7746
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nadir.it/
Origin
https://www.nadir.it
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 16:54:32 GMT
x-content-type-options
nosniff
age
582763
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20804
x-xss-protection
0
last-modified
Mon, 06 Oct 2014 20:37:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Apr 2023 16:54:32 GMT
0XxGQsSc1g4rdRdjJKZrNL3hpw3pgy2gAi-Ip7WPMi0.woff
fonts.gstatic.com/s/ptsans/v8/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v8/0XxGQsSc1g4rdRdjJKZrNL3hpw3pgy2gAi-Ip7WPMi0.woff
Requested by
Host: www.nadir.it
URL: https://www.nadir.it/Scripts/stilehome.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf3724747e7168ac6b4da8e1a862d21c786688fe357034a9c92bad88a238aeb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nadir.it/
Origin
https://www.nadir.it
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 23:54:54 GMT
x-content-type-options
nosniff
age
384741
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24392
x-xss-protection
0
last-modified
Mon, 06 Oct 2014 20:39:16 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Apr 2023 23:54:54 GMT
3255-1146808
a.impactradius-go.com/display-ad/ Frame 0250
79 KB
79 KB
Image
General
Full URL
https://a.impactradius-go.com/display-ad/3255-1146808
Requested by
Host: origin-cloudfront-app-wgfpbvbkqjpenk46.impact.com
URL: https://origin-cloudfront-app-wgfpbvbkqjpenk46.impact.com/gen-ad-code/1202540/1146808/3255/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-54.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
38bb9a01e8380a5ab561ea718208c4ba412c5195a2a2cb4118124c07a4f09c43

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://origin-cloudfront-app-wgfpbvbkqjpenk46.impact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 10:47:17 GMT
via
1.1 f046bfa1468bb4385e357c8c9128cf50.cloudfront.net (CloudFront)
last-modified
Thu, 09 Sep 2021 14:17:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"07fa874f29214258dbe6e4d60d5522e1"
x-cache
RefreshHit from cloudfront
content-type
image/png
cache-control
public,max-age=900,s-maxage=600
accept-ranges
bytes
content-length
80787
x-amz-cf-id
ZJjH4q8RVVTA36ghPJJd6ITX0MhU0bSDwTMKQfuyH9yeZh70tKDbBg==
3255
skylum.evyy.net/i/1202540/1146808/ Frame 0250
50 B
67 B
Image
General
Full URL
https://skylum.evyy.net/i/1202540/1146808/3255
Requested by
Host: origin-cloudfront-app-wgfpbvbkqjpenk46.impact.com
URL: https://origin-cloudfront-app-wgfpbvbkqjpenk46.impact.com/gen-ad-code/1202540/1146808/3255/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.99.245 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
245.99.96.34.bc.googleusercontent.com
Software
/
Resource Hash
ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://origin-cloudfront-app-wgfpbvbkqjpenk46.impact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Apr 2022 10:47:16 GMT
via
1.1 google
p3p
policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50
expires
Tue, 26 Apr 2022 10:47:16 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google-analytics.com
URL
http://www.google-analytics.com/urchin.js
Domain
chs02.cookie-script.com
URL
http://chs02.cookie-script.com/s/058463a0b160f0badd818a0afa5c6f2f.js

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| structuredClone
object| oncontextlost
object| oncontextrestored
function| getScreenDetails
string| _uacct

3 Cookies

Domain/Path Name / Value
.ojrq.net/ Name: brwsr
Value: 3c848035-c54e-11ec-a12b-ddf5fc4c7138
.evyy.net/ Name: brwsr
Value: 3c848035-c54e-11ec-a12b-ddf5fc4c7138
origin-cloudfront-app-wgfpbvbkqjpenk46.impact.com/ Name: IMPACT_MEMBER_SID
Value: 2659adf6-4d3a-4548-a6df-4269a7ddc7c3

2 Console Messages

Source Level URL
Text
security error URL: https://www.nadir.it/
Message:
Mixed Content: The page at 'https://www.nadir.it/' was loaded over HTTPS, but requested an insecure script 'http://www.google-analytics.com/urchin.js'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://www.nadir.it/
Message:
Mixed Content: The page at 'https://www.nadir.it/' was loaded over HTTPS, but requested an insecure script 'http://chs02.cookie-script.com/s/058463a0b160f0badd818a0afa5c6f2f.js'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
