Report - www.roleplaystar.com/wp-content3/themes/twentytwentythree/styles/aruba/

Report Overview

Visited public
2024-01-09 14:56:39
Tags
Submit Tags
URL
www.roleplaystar.com/wp-content3/themes/twentytwentythree/styles/aruba/
Finishing URL
www.roleplaystar.com/wp-content3/themes/twentytwentythree/styles/aruba/
IP / ASN
104.21.71.228
#13335 CLOUDFLARENET
Title
Aruba.it - Control Panel Login

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp09.actalis.it	247887	2001-12-18	2018-05-09 14:27:08	2024-01-08 18:55:51	1.8 kB	12 kB	109.70.240.114
admin.aruba.it	unknown	1999-12-07	2015-09-07 09:36:38	2023-04-20 01:35:48	3.8 kB	34 kB	62.149.186.150
tracks.arubamediamarketing.it	unknown	2008-10-21	2012-07-12 19:10:52	2022-11-08 15:45:25	438 B	0 B	0.0.0.0
www.roleplaystar.com	unknown	unknown	No data	No data	539 B	13 kB	104.21.71.228
visual.arubamediamarketing.it	unknown	2008-10-21	2012-09-25 20:33:18	2017-12-13 10:36:13	901 B	0 B	0.0.0.0

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-01-09	medium	www.roleplaystar.com/wp-content3/themes/twentytwentythree/styles/aruba/	Aruba S.p.A.

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (10)

	URL	From	Size	First Seen	Last Seen
	www.roleplaystar.com/wp-content3/themes/twentytwentythree/styles/aruba/	ScriptElement	539 B	2023-06-18	2024-08-20
Pretty URL www.roleplaystar.com/wp-content3/themes/twentytwentythree/styles/aruba/ IP 104.21.71.228 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-18 13:47 Last Seen2024-08-20 12:47 Times Seen2 Hash d3e55253aed5f02490a482e9223ffc67 824bd540fa578292478f29984886546c39b81dac 1f48dca4d95be41e5ed67e0cba24c6fd06a7d2b2ce620ff8b1c1db99e1f308b1 Loading...

	www.roleplaystar.com/wp-content3/themes/twentytwentythree/styles/aruba/	ScriptElement	747 B	2023-06-18	2024-08-20
Pretty URL www.roleplaystar.com/wp-content3/themes/twentytwentythree/styles/aruba/ IP 104.21.71.228 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-18 13:47 Last Seen2024-08-20 12:47 Times Seen2 Hash 0b7832a67c925771dd8b1439d2b182ff 1f8464af63392c78c74ff55e0ac344a614618df7 d4134ecb4ca35b0e4b1cce92ec9853647bbf6572c17221abb3a65b3d369a0380 Loading...

	admin.aruba.it/PannelloAdmin/javascript_cookies.js	ScriptElement	1.9 kB	2023-03-07	2024-08-20
Pretty URL admin.aruba.it/PannelloAdmin/javascript_cookies.js IP 62.149.186.150 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:08 Last Seen2024-08-20 12:47 Times Seen3 Hash 8954bd6615c51c218696f4cf860d2c7f 2e5d42512cd720e388c8ee9a74fbfc5ccb11ed7b 87de8401a3a5db02c8df9346fe330e9a725dbd987c60ae8a1935f07cc1a9acc0 Loading...

	www.roleplaystar.com/wp-content3/themes/twentytwentythree/styles/aruba/	ScriptElement	507 B	2023-06-18	2024-08-20
Pretty URL www.roleplaystar.com/wp-content3/themes/twentytwentythree/styles/aruba/ IP 104.21.71.228 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-18 13:47 Last Seen2024-08-20 12:47 Times Seen2 Hash cfce0d2fe0eb99e4ecdfad9d65380a9d 4e2a7141c6faec930a6fe90f18cde1ffd2d54848 1930b2569581def27e2ebba358fbeb444723eea019298b25f15008f2bb82f946 Loading...

	www.roleplaystar.com/wp-content3/themes/twentytwentythree/styles/aruba/	ScriptElement	39 B	2023-06-18	2024-08-20
Pretty URL www.roleplaystar.com/wp-content3/themes/twentytwentythree/styles/aruba/ IP 104.21.71.228 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-18 13:47 Last Seen2024-08-20 12:47 Times Seen2 Hash 0a3ba8e52449d7daa03f2404f835a0fd c74f48b346201e740db36d37d150cf1b8f355c29 aaa9ff8799bbecda591d0928da2dcf49fd5c529744d15070e9c5e693f12d4cbc Loading...

	www.roleplaystar.com/wp-content3/themes/twentytwentythree/styles/aruba/	ScriptElement	200 B	2023-06-18	2024-08-20
Pretty URL www.roleplaystar.com/wp-content3/themes/twentytwentythree/styles/aruba/ IP 104.21.71.228 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-18 13:47 Last Seen2024-08-20 12:47 Times Seen2 Hash 07cce20d0e451c461ceb54ca97615702 ae321bd5364b0a0b93756207b61033be57689af2 c651187cd58071532bfef317aef7c9bb44fc255329ccfef953ae42ebad1716ad Loading...

	www.roleplaystar.com/wp-content3/themes/twentytwentythree/styles/aruba/	ScriptElement	46 B	2023-06-18	2024-08-20
Pretty URL www.roleplaystar.com/wp-content3/themes/twentytwentythree/styles/aruba/ IP 104.21.71.228 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-18 13:47 Last Seen2024-08-20 12:47 Times Seen2 Hash b9544cbbe146bbf004a5deae0d4a3347 2f0b4dfd3147052786761459660eae2f21918981 abdd4acab00d59ba9a62fa5355b20d3c8bda7b8dd3554b60bb9d22e4a1c8e5fe Loading...

	www.roleplaystar.com/wp-content3/themes/twentytwentythree/styles/aruba/	ScriptElement	367 B	2023-06-18	2024-08-20
Pretty URL www.roleplaystar.com/wp-content3/themes/twentytwentythree/styles/aruba/ IP 104.21.71.228 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-18 13:47 Last Seen2024-08-20 12:47 Times Seen2 Hash 04cff66c428c761a4c1167ba43040d7a 52e72bac29ca57624d97347f7b6e56f3298b0108 c63d43a8d91e5c30fb5d4e5e2795c7ac28f1cf8d20cd9623f59bcb2e5117905a Loading...

	www.roleplaystar.com/wp-content3/themes/twentytwentythree/styles/aruba/	ScriptElement	59 B	2023-06-18	2024-08-20
Pretty URL www.roleplaystar.com/wp-content3/themes/twentytwentythree/styles/aruba/ IP 104.21.71.228 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-18 13:47 Last Seen2024-08-20 12:47 Times Seen2 Hash 64e3893ed7dda6c474059823da112169 5a4be1ddcb8509ed218f3a14928fae29dcec1020 af11530faf57d0f00b4787ac02527e0bc8fe0847076667d71eabc8cb10e2f3e7 Loading...

		Size	First Seen	Last Seen
	#1 Write - 07811dc6c422334ce36a09ff5cd6fe71	4 B	2023-03-11 11:15	2025-05-15 07:59
Pretty Observations First Seen2023-03-11 11:15 Last Seen2025-05-15 07:59 Times Seen7837 Hash 07811dc6c422334ce36a09ff5cd6fe71 7e79a3af2634de6635e59c9404d251b3955d39f9 6557739a67283a8de383fc5c0997fbec7c5721a46f28f3235fc9607598d9016b Loading...

HTTP Transactions (17)

URL IP Response Size

ocsp09.actalis.it/VA/AUTHOV-G3

109.70.240.114

2.0 kB

URL
ocsp09.actalis.it/VA/AUTHOV-G3
IP
109.70.240.114:0
ASN
#31034 Aruba S.p.A.

File type
data
Size
2.0 kB (2033 bytes)
Hash
6e002fd301f6c1719a80319bbfd8d0cd
195a0b04e328d2c804a98dfaad8f9cf6eaf69e56
e5ae8e56ddef1c18c78e8cd3ec3718e9da4e0d948f70fbc3dbafc9a0a5533835

HTTP Headers

POST /VA/AUTHOV-G3 HTTP/1.1
Host: ocsp09.actalis.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx
Date: Tue, 09 Jan 2024 14:56:15 GMT
Content-Type: application/ocsp-response
Content-Length: 2033
Connection: keep-alive
Last-Modified: Tue, 09 Jan 2024 13:42:23 GMT
Expires: Wed, 10 Jan 2024 13:42:22 GMT
ETag: "195a0b04e328d2c804a98dfaad8f9cf6eaf69e56"

ocsp09.actalis.it/VA/AUTHOV-G3

109.70.240.114

2.0 kB

URL
ocsp09.actalis.it/VA/AUTHOV-G3
IP
109.70.240.114:0
ASN
#31034 Aruba S.p.A.

File type
data
Size
2.0 kB (2033 bytes)
Hash
6e002fd301f6c1719a80319bbfd8d0cd
195a0b04e328d2c804a98dfaad8f9cf6eaf69e56
e5ae8e56ddef1c18c78e8cd3ec3718e9da4e0d948f70fbc3dbafc9a0a5533835

HTTP Headers

POST /VA/AUTHOV-G3 HTTP/1.1
Host: ocsp09.actalis.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx
Date: Tue, 09 Jan 2024 14:56:15 GMT
Content-Type: application/ocsp-response
Content-Length: 2033
Connection: keep-alive
Last-Modified: Tue, 09 Jan 2024 13:42:23 GMT
Expires: Wed, 10 Jan 2024 13:42:22 GMT
ETag: "195a0b04e328d2c804a98dfaad8f9cf6eaf69e56"

ocsp09.actalis.it/VA/AUTHOV-G3

109.70.240.114

2.0 kB

URL
ocsp09.actalis.it/VA/AUTHOV-G3
IP
109.70.240.114:0
ASN
#31034 Aruba S.p.A.

File type
data
Size
2.0 kB (2033 bytes)
Hash
6e002fd301f6c1719a80319bbfd8d0cd
195a0b04e328d2c804a98dfaad8f9cf6eaf69e56
e5ae8e56ddef1c18c78e8cd3ec3718e9da4e0d948f70fbc3dbafc9a0a5533835

HTTP Headers

POST /VA/AUTHOV-G3 HTTP/1.1
Host: ocsp09.actalis.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx
Date: Tue, 09 Jan 2024 14:56:15 GMT
Content-Type: application/ocsp-response
Content-Length: 2033
Connection: keep-alive
Last-Modified: Tue, 09 Jan 2024 13:42:23 GMT
Expires: Wed, 10 Jan 2024 13:42:22 GMT
ETag: "195a0b04e328d2c804a98dfaad8f9cf6eaf69e56"

ocsp09.actalis.it/VA/AUTHOV-G3

109.70.240.114

2.0 kB

URL
ocsp09.actalis.it/VA/AUTHOV-G3
IP
109.70.240.114:0
ASN
#31034 Aruba S.p.A.

File type
data
Size
2.0 kB (2033 bytes)
Hash
6e002fd301f6c1719a80319bbfd8d0cd
195a0b04e328d2c804a98dfaad8f9cf6eaf69e56
e5ae8e56ddef1c18c78e8cd3ec3718e9da4e0d948f70fbc3dbafc9a0a5533835

HTTP Headers

POST /VA/AUTHOV-G3 HTTP/1.1
Host: ocsp09.actalis.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx
Date: Tue, 09 Jan 2024 14:56:15 GMT
Content-Type: application/ocsp-response
Content-Length: 2033
Connection: keep-alive
Last-Modified: Tue, 09 Jan 2024 13:42:23 GMT
Expires: Wed, 10 Jan 2024 13:42:22 GMT
ETag: "195a0b04e328d2c804a98dfaad8f9cf6eaf69e56"

GET admin.aruba.it/PannelloAdmin/javascript_cookies.js

62.149.186.150

200 OK

1.9 kB

URL GET HTTP/1.1
admin.aruba.it/PannelloAdmin/javascript_cookies.js
IP
62.149.186.150:443
ASN
#31034 Aruba S.p.A.

Requested by
https://www.roleplaystar.com/wp-content3/themes/twentytwentythree/styles/aruba/
Certificate
IssuerActalis S.p.A.
Subjectadmin.aruba.it
Fingerprint98:85:2E:CD:B3:A3:84:B2:8E:4E:7E:BB:ED:03:93:BB:4B:52:76:A6
ValidityMon, 18 Dec 2023 12:16:24 GMT - Wed, 18 Dec 2024 12:16:24 GMT

File type
ASCII text, with CRLF line terminators
Size
1.9 kB (1922 bytes)
Hash
8954bd6615c51c218696f4cf860d2c7f
2e5d42512cd720e388c8ee9a74fbfc5ccb11ed7b
87de8401a3a5db02c8df9346fe330e9a725dbd987c60ae8a1935f07cc1a9acc0

HTTP Headers

GET /PannelloAdmin/javascript_cookies.js HTTP/1.1
Host: admin.aruba.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.roleplaystar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Tue, 02 Jan 2024 08:45:06 GMT
Accept-Ranges: bytes
ETag: "095fdfb573dda1:0"
Referrer-Policy: strict-origin-when-cross-origin
Content-Security-Policy: script-src 'self' https://www.google.com/  https://bs.serving-sys.com  https://www.googletagmanager.com  https://www.gstatic.com  https://secure-ds.serving-sys.com  https://consent.cookiebot.com  https://w.usabilla.com  https://consentcdn.cookiebot.com  https://d6tizftlrpuof.cloudfront.net  *.usabilla.com 'unsafe-inline' 'unsafe-eval'; frame-src https://www.google.com/  https://www.googletagmanager.com  https://consentcdn.cookiebot.com/  https://admin.aruba.it  https://d6tizftlrpuof.cloudfront.net/  *.usabilla.com
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age: 31536000
Server: 
Date: Tue, 09 Jan 2024 14:56:14 GMT
Content-Length: 1922
Set-Cookie: cookiesession1=678B2875AD074A4DD57D8CEC4FE1C417;Expires=Wed, 08 Jan 2025 14:56:15 GMT;Path=/;HttpOnly

ocsp09.actalis.it/VA/AUTHOV-G3

109.70.240.114

2.0 kB

URL
ocsp09.actalis.it/VA/AUTHOV-G3
IP
109.70.240.114:0
ASN
#31034 Aruba S.p.A.

File type
data
Size
2.0 kB (2033 bytes)
Hash
6e002fd301f6c1719a80319bbfd8d0cd
195a0b04e328d2c804a98dfaad8f9cf6eaf69e56
e5ae8e56ddef1c18c78e8cd3ec3718e9da4e0d948f70fbc3dbafc9a0a5533835

HTTP Headers

POST /VA/AUTHOV-G3 HTTP/1.1
Host: ocsp09.actalis.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Server: nginx
Date: Tue, 09 Jan 2024 14:56:15 GMT
Content-Type: application/ocsp-response
Content-Length: 2033
Connection: keep-alive
Last-Modified: Tue, 09 Jan 2024 13:42:23 GMT
Expires: Wed, 10 Jan 2024 13:42:22 GMT
ETag: "195a0b04e328d2c804a98dfaad8f9cf6eaf69e56"

GET admin.aruba.it/PannelloAdmin/Login.css?v1.0

62.149.186.150

200 OK

6.2 kB

URL GET HTTP/1.1
admin.aruba.it/PannelloAdmin/Login.css?v1.0
IP
62.149.186.150:443
ASN
#31034 Aruba S.p.A.

Requested by
https://www.roleplaystar.com/wp-content3/themes/twentytwentythree/styles/aruba/
Certificate
IssuerActalis S.p.A.
Subjectadmin.aruba.it
Fingerprint98:85:2E:CD:B3:A3:84:B2:8E:4E:7E:BB:ED:03:93:BB:4B:52:76:A6
ValidityMon, 18 Dec 2023 12:16:24 GMT - Wed, 18 Dec 2024 12:16:24 GMT

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (336), with CRLF line terminators
Size
6.2 kB (6158 bytes)
Hash
e63a3bea3a2ec693569ac1b2b8e1fa6e
3b809364c6a4e8aa6a2b7355c27a52fbb0cfbe40
f8b91f58d7ad71df18e4ce020eb61ef53f38fb407fa23610c544c91a994726cb

HTTP Headers

GET /PannelloAdmin/Login.css?v1.0 HTTP/1.1
Host: admin.aruba.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.roleplaystar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Tue, 02 Jan 2024 08:45:06 GMT
Accept-Ranges: bytes
ETag: "095fdfb573dda1:0"
Vary: Accept-Encoding
Referrer-Policy: strict-origin-when-cross-origin
Content-Security-Policy: script-src 'self' https://www.google.com/  https://bs.serving-sys.com  https://www.googletagmanager.com  https://www.gstatic.com  https://secure-ds.serving-sys.com  https://consent.cookiebot.com  https://w.usabilla.com  https://consentcdn.cookiebot.com  https://d6tizftlrpuof.cloudfront.net  *.usabilla.com 'unsafe-inline' 'unsafe-eval'; frame-src https://www.google.com/  https://www.googletagmanager.com  https://consentcdn.cookiebot.com/  https://admin.aruba.it  https://d6tizftlrpuof.cloudfront.net/  *.usabilla.com
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age: 31536000
Server: 
Date: Tue, 09 Jan 2024 14:56:14 GMT
Content-Length: 6158
Set-Cookie: cookiesession1=678B2875B6C72C6681E4EC9369713E3A;Expires=Wed, 08 Jan 2025 14:56:15 GMT;Path=/;HttpOnly

GET admin.aruba.it/PannelloAdmin/image_pannello_controllo/imgHaiPersoDati.png

62.149.186.150

200 OK

775 B

URL GET HTTP/1.1
admin.aruba.it/PannelloAdmin/image_pannello_controllo/imgHaiPersoDati.png
IP
62.149.186.150:443
ASN
#31034 Aruba S.p.A.

Requested by
https://www.roleplaystar.com/wp-content3/themes/twentytwentythree/styles/aruba/
Certificate
IssuerActalis S.p.A.
Subjectadmin.aruba.it
Fingerprint98:85:2E:CD:B3:A3:84:B2:8E:4E:7E:BB:ED:03:93:BB:4B:52:76:A6
ValidityMon, 18 Dec 2023 12:16:24 GMT - Wed, 18 Dec 2024 12:16:24 GMT

File type
PNG image data, 28 x 20, 8-bit/color RGB, non-interlaced
Size
775 B (775 bytes)
Hash
7f90fe7fc1f83e228ef93139de982bb9
f0dda8e5d43f8d510ba4cdec8ec93c41074758e2
8ab2d4dd46d9a7d2997be422628f891222a304e1b0c9bed486129ae6f0f9eb96

HTTP Headers

GET /PannelloAdmin/image_pannello_controllo/imgHaiPersoDati.png HTTP/1.1
Host: admin.aruba.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.roleplaystar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 02 Jan 2024 08:45:06 GMT
Accept-Ranges: bytes
ETag: "095fdfb573dda1:0"
Referrer-Policy: strict-origin-when-cross-origin
Content-Security-Policy: script-src 'self' https://www.google.com/  https://bs.serving-sys.com  https://www.googletagmanager.com  https://www.gstatic.com  https://secure-ds.serving-sys.com  https://consent.cookiebot.com  https://w.usabilla.com  https://consentcdn.cookiebot.com  https://d6tizftlrpuof.cloudfront.net  *.usabilla.com 'unsafe-inline' 'unsafe-eval'; frame-src https://www.google.com/  https://www.googletagmanager.com  https://consentcdn.cookiebot.com/  https://admin.aruba.it  https://d6tizftlrpuof.cloudfront.net/  *.usabilla.com
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age: 31536000
Server: 
Date: Tue, 09 Jan 2024 14:56:14 GMT
Content-Length: 775

GET admin.aruba.it/PannelloAdmin/image_pannello_controllo/imgCaratteristicheAccesso.png

62.149.186.150

200 OK

508 B

URL GET HTTP/1.1
admin.aruba.it/PannelloAdmin/image_pannello_controllo/imgCaratteristicheAccesso.png
IP
62.149.186.150:443
ASN
#31034 Aruba S.p.A.

Requested by
https://www.roleplaystar.com/wp-content3/themes/twentytwentythree/styles/aruba/
Certificate
IssuerActalis S.p.A.
Subjectadmin.aruba.it
Fingerprint98:85:2E:CD:B3:A3:84:B2:8E:4E:7E:BB:ED:03:93:BB:4B:52:76:A6
ValidityMon, 18 Dec 2023 12:16:24 GMT - Wed, 18 Dec 2024 12:16:24 GMT

File type
PNG image data, 15 x 16, 8-bit/color RGB, non-interlaced
Size
508 B (508 bytes)
Hash
501464def9b43193ddea8a21014e9f69
9e0853851361cafb75f72193a33ac53b27a29ddd
b1adb27a5e38c7bbbfd8712b4103eb8e405d2bca562e600c7787a214be6c99e9

HTTP Headers

GET /PannelloAdmin/image_pannello_controllo/imgCaratteristicheAccesso.png HTTP/1.1
Host: admin.aruba.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.roleplaystar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 02 Jan 2024 08:45:06 GMT
Accept-Ranges: bytes
ETag: "095fdfb573dda1:0"
Referrer-Policy: strict-origin-when-cross-origin
Content-Security-Policy: script-src 'self' https://www.google.com/  https://bs.serving-sys.com  https://www.googletagmanager.com  https://www.gstatic.com  https://secure-ds.serving-sys.com  https://consent.cookiebot.com  https://w.usabilla.com  https://consentcdn.cookiebot.com  https://d6tizftlrpuof.cloudfront.net  *.usabilla.com 'unsafe-inline' 'unsafe-eval'; frame-src https://www.google.com/  https://www.googletagmanager.com  https://consentcdn.cookiebot.com/  https://admin.aruba.it  https://d6tizftlrpuof.cloudfront.net/  *.usabilla.com
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age: 31536000
Server: 
Date: Tue, 09 Jan 2024 14:56:14 GMT
Content-Length: 508
Set-Cookie: cookiesession1=678B2875371AEED79871DCD320584D09;Expires=Wed, 08 Jan 2025 14:56:15 GMT;Path=/;HttpOnly

GET admin.aruba.it/PannelloAdmin/image_pannello_controllo/arrox_previous.png

62.149.186.150

200 OK

338 B

URL GET HTTP/1.1
admin.aruba.it/PannelloAdmin/image_pannello_controllo/arrox_previous.png
IP
62.149.186.150:443
ASN
#31034 Aruba S.p.A.

Requested by
https://www.roleplaystar.com/wp-content3/themes/twentytwentythree/styles/aruba/
Certificate
IssuerActalis S.p.A.
Subjectadmin.aruba.it
Fingerprint98:85:2E:CD:B3:A3:84:B2:8E:4E:7E:BB:ED:03:93:BB:4B:52:76:A6
ValidityMon, 18 Dec 2023 12:16:24 GMT - Wed, 18 Dec 2024 12:16:24 GMT

File type
PNG image data, 12 x 13, 8-bit/color RGBA, non-interlaced
Size
338 B (338 bytes)
Hash
ac0588b3ffa41829501d074b8937450e
8597566ad8495fa7ffca431d44f3589af2c53c46
399db74019a306cb82125431dbbb99137dffa0669d9b84b3cd4dded32b438f5d

HTTP Headers

GET /PannelloAdmin/image_pannello_controllo/arrox_previous.png HTTP/1.1
Host: admin.aruba.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.roleplaystar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 02 Jan 2024 08:45:08 GMT
Accept-Ranges: bytes
ETag: "0c22efd573dda1:0"
Referrer-Policy: strict-origin-when-cross-origin
Content-Security-Policy: script-src 'self' https://www.google.com/  https://bs.serving-sys.com  https://www.googletagmanager.com  https://www.gstatic.com  https://secure-ds.serving-sys.com  https://consent.cookiebot.com  https://w.usabilla.com  https://consentcdn.cookiebot.com  https://d6tizftlrpuof.cloudfront.net  *.usabilla.com 'unsafe-inline' 'unsafe-eval'; frame-src https://www.google.com/  https://www.googletagmanager.com  https://consentcdn.cookiebot.com/  https://admin.aruba.it  https://d6tizftlrpuof.cloudfront.net/  *.usabilla.com
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age: 31536000
Server: 
Date: Tue, 09 Jan 2024 14:56:14 GMT
Content-Length: 338
Set-Cookie: cookiesession1=678B28758D6DB29205F77FA7AA0E4421;Expires=Wed, 08 Jan 2025 14:56:15 GMT;Path=/;HttpOnly

GET admin.aruba.it/PannelloAdmin/UI/Images/general_tmpl/logo_aruba.png

62.149.186.150

200 OK

9.4 kB

URL GET HTTP/1.1
admin.aruba.it/PannelloAdmin/UI/Images/general_tmpl/logo_aruba.png
IP
62.149.186.150:443
ASN
#31034 Aruba S.p.A.

Requested by
https://www.roleplaystar.com/wp-content3/themes/twentytwentythree/styles/aruba/
Certificate
IssuerActalis S.p.A.
Subjectadmin.aruba.it
Fingerprint98:85:2E:CD:B3:A3:84:B2:8E:4E:7E:BB:ED:03:93:BB:4B:52:76:A6
ValidityMon, 18 Dec 2023 12:16:24 GMT - Wed, 18 Dec 2024 12:16:24 GMT

File type
PNG image data, 130 x 60, 8-bit/color RGBA, non-interlaced
Size
9.4 kB (9433 bytes)
Hash
293972d6d0172b149470aaa3e9c46438
27f27f7f672a0f41db7f261626a074e1a9e33e65
2b5da352f8cac1ec98ed11f27d0d4661aac2f6473096a11bbeb636d34fd20e67

HTTP Headers

GET /PannelloAdmin/UI/Images/general_tmpl/logo_aruba.png HTTP/1.1
Host: admin.aruba.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.roleplaystar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 02 Jan 2024 08:44:58 GMT
Accept-Ranges: bytes
ETag: "0e138f7573dda1:0"
Referrer-Policy: strict-origin-when-cross-origin
Content-Security-Policy: script-src 'self' https://www.google.com/  https://bs.serving-sys.com  https://www.googletagmanager.com  https://www.gstatic.com  https://secure-ds.serving-sys.com  https://consent.cookiebot.com  https://w.usabilla.com  https://consentcdn.cookiebot.com  https://d6tizftlrpuof.cloudfront.net  *.usabilla.com 'unsafe-inline' 'unsafe-eval'; frame-src https://www.google.com/  https://www.googletagmanager.com  https://consentcdn.cookiebot.com/  https://admin.aruba.it  https://d6tizftlrpuof.cloudfront.net/  *.usabilla.com
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age: 31536000
Server: 
Date: Tue, 09 Jan 2024 14:56:14 GMT
Content-Length: 9433
Set-Cookie: cookiesession1=678B28751C43F6D1FFE04F3A65090AE3;Expires=Wed, 08 Jan 2025 14:56:15 GMT;Path=/;HttpOnly

GET admin.aruba.it/PannelloAdmin/image_pannello_controllo/PannelloControlloBottomLogo.png

62.149.186.150

200 OK

6.6 kB

URL GET HTTP/1.1
admin.aruba.it/PannelloAdmin/image_pannello_controllo/PannelloControlloBottomLogo.png
IP
62.149.186.150:443
ASN
#31034 Aruba S.p.A.

Requested by
https://www.roleplaystar.com/wp-content3/themes/twentytwentythree/styles/aruba/
Certificate
IssuerActalis S.p.A.
Subjectadmin.aruba.it
Fingerprint98:85:2E:CD:B3:A3:84:B2:8E:4E:7E:BB:ED:03:93:BB:4B:52:76:A6
ValidityMon, 18 Dec 2023 12:16:24 GMT - Wed, 18 Dec 2024 12:16:24 GMT

File type
PNG image data, 438 x 58, 8-bit/color RGBA, non-interlaced
Size
6.6 kB (6604 bytes)
Hash
b38d972124e5b7aef8dcce3075a7a995
1b3023fe91de72cc62cb559c04f5d5b937b060c9
336a136d1ec7b4f2fa42ebaf724293a544b0451fa6b254778d59672d49a1ac12

HTTP Headers

GET /PannelloAdmin/image_pannello_controllo/PannelloControlloBottomLogo.png HTTP/1.1
Host: admin.aruba.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://admin.aruba.it/PannelloAdmin/Login.css?v1.0
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 02 Jan 2024 08:45:06 GMT
Accept-Ranges: bytes
ETag: "095fdfb573dda1:0"
Referrer-Policy: strict-origin-when-cross-origin
Content-Security-Policy: script-src 'self' https://www.google.com/  https://bs.serving-sys.com  https://www.googletagmanager.com  https://www.gstatic.com  https://secure-ds.serving-sys.com  https://consent.cookiebot.com  https://w.usabilla.com  https://consentcdn.cookiebot.com  https://d6tizftlrpuof.cloudfront.net  *.usabilla.com 'unsafe-inline' 'unsafe-eval'; frame-src https://www.google.com/  https://www.googletagmanager.com  https://consentcdn.cookiebot.com/  https://admin.aruba.it  https://d6tizftlrpuof.cloudfront.net/  *.usabilla.com
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age: 31536000
Server: 
Date: Tue, 09 Jan 2024 14:56:14 GMT
Content-Length: 6604

GET admin.aruba.it/favicon.ico

62.149.186.150

200 OK

1.2 kB

URL GET HTTP/1.1
admin.aruba.it/favicon.ico
IP
62.149.186.150:443
ASN
#31034 Aruba S.p.A.

Requested by
https://www.roleplaystar.com/wp-content3/themes/twentytwentythree/styles/aruba/
Certificate
IssuerActalis S.p.A.
Subjectadmin.aruba.it
Fingerprint98:85:2E:CD:B3:A3:84:B2:8E:4E:7E:BB:ED:03:93:BB:4B:52:76:A6
ValidityMon, 18 Dec 2023 12:16:24 GMT - Wed, 18 Dec 2024 12:16:24 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
1.2 kB (1150 bytes)
Hash
970e20690c60be0d29f7e73d460a439a
6f628503746a626b57012b04c9bf1abdb6358b6f
6621791b5520d1aed94fbd6a3d70518ade1c5185714c9801936fd5481a6e40ab

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: admin.aruba.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.roleplaystar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/x-icon
Last-Modified: Tue, 29 Jun 2021 11:44:18 GMT
Accept-Ranges: bytes
ETag: "0d5e117dc6cd71:0"
Server: 
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age: 31536000
Date: Tue, 09 Jan 2024 14:56:17 GMT
Content-Length: 1150

GET tracks.arubamediamarketing.it/track/tsends.js

0.0.0.0

0 B

URL GET
tracks.arubamediamarketing.it/track/tsends.js
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.roleplaystar.com/wp-content3/themes/twentytwentythree/styles/aruba/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /track/tsends.js HTTP/1.1
Host: tracks.arubamediamarketing.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.roleplaystar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET www.roleplaystar.com/wp-content3/themes/twentytwentythree/styles/aruba/

104.21.71.228

200 OK

12 kB

URL User Request GET HTTP/2
www.roleplaystar.com/wp-content3/themes/twentytwentythree/styles/aruba/
IP
104.21.71.228:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectroleplaystar.com
Fingerprint71:28:19:3F:9F:77:29:2D:E5:CA:F7:BB:12:75:94:61:F7:3C:09:DF
ValidityWed, 22 Nov 2023 06:28:58 GMT - Tue, 20 Feb 2024 06:28:57 GMT

File type
HTML document, ASCII text
Size
12 kB (12197 bytes)
Hash
fc8954c3fb7d1ca7aa3f9722a181104e
1fa5875c576f7c35539841b49d7aa3bee92e9860
3d912661ba3ad025316d67f4028bd112c028ca01bc4ab4954b2b37aad36b3b0e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Aruba S.p.A.

HTTP Headers

GET /wp-content3/themes/twentytwentythree/styles/aruba/ HTTP/1.1
Host: www.roleplaystar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 09 Jan 2024 14:56:14 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2FwDFfbL4SjAKeoBpYdwITIkbwT0WEeqLvCpQTiIWAT3cMWMb1b0ySLZjpYez2aB2PAOigz1XKp4JD1B6UrmdCvmH80bwI9jvQP2af15dj7lV6G5Jc3dfr30Ob%2FAW3IG3zDaRR974w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 842d86971dac56b9-OSL
content-encoding: br
X-Firefox-Spdy: h2

GET visual.arubamediamarketing.it/cjs/59b1da0be8266e06e6a75a5d0f2aa14d.js

0.0.0.0

0 B

URL GET
visual.arubamediamarketing.it/cjs/59b1da0be8266e06e6a75a5d0f2aa14d.js
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.roleplaystar.com/wp-content3/themes/twentytwentythree/styles/aruba/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cjs/59b1da0be8266e06e6a75a5d0f2aa14d.js HTTP/1.1
Host: visual.arubamediamarketing.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.roleplaystar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET visual.arubamediamarketing.it/track/include.js

0.0.0.0

0 B

URL GET
visual.arubamediamarketing.it/track/include.js
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.roleplaystar.com/wp-content3/themes/twentytwentythree/styles/aruba/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /track/include.js HTTP/1.1
Host: visual.arubamediamarketing.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.roleplaystar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (17)

URL