k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net Open in urlscan Pro
13.225.78.98  Malicious Activity! Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://residencemiramare.it/indexe/indexba.html Page URL
2. https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/V31IMqcU1HQgMqrMrRrJtxyiFuvcsqkT7d8FNbyX04Y?msg= Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	indexba.html Show response residencemiramare.it/indexe/	2 KB 1 KB	325ms 30ms	Document text/html	185.81.0.95 SERVERPLAN-AS
General Check archive.org Show headers Download Go to Full URL https://residencemiramare.it/indexe/indexba.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.81.0.95 Rome, Italy, ASN52030 (SERVERPLAN-AS, IT), Reverse DNS mizar.dnshigh.com Software Apache / WP Rocket/3.8.8 Resource Hash 1369f6ad1558ff847ca9643d52f3161bd5ab9e4e497b02d2ffa82a6dc60aa3af Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 accept-language it-IT,it;q=0.9 Response headers accept-ranges bytes cache-control max-age=0, public content-encoding gzip content-length 985 content-type text/html; charset=UTF-8 date Mon, 30 Jan 2023 07:15:23 GMT expires Mon, 30 Jan 2023 07:15:23 GMT server Apache vary Accept,Accept-Encoding x-powered-by WP Rocket/3.8.8
GET H2	200	jquery-3.2.1.slim.min.js Show response code.jquery.com/	68 KB 24 KB	71ms 18ms	Script application/javascript	2001:4de0:ac18::1:a:2a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.2.1.slim.min.js Requested by Host: residencemiramare.it URL: https://residencemiramare.it/indexe/indexba.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398 Request headers Referer https://residencemiramare.it/ Origin https://residencemiramare.it accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Mon, 30 Jan 2023 07:15:23 GMT content-encoding gzip x-sp-metadata HS256.CJv53Z4GEo0BCiQxZjE0OTE2OC0yN2I5LTQ0OGQtODZjZS1hOTBkMTUyZjEyYzIQ+OiCoKvU+wIaBgiL3d2eBiISMjAwMTphYzg6MjQ6NDQ6OjE5KNzHAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkZGZmN2E1NWMtOTQ5NC00ODdlLTk0MGUtZmUyMjY5ZDBlNzg5GLC6ASIYCAISFGNkczIwOS5tbDEuaHdjZG4ubmV0.kqQUSZMLidWJ0VtiDgmvCd9Wdbx68mKw/5kEafVAvQs= last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx etag W/"28feccc0-10fdd" vary Accept-Encoding x-hw 1675062923.dop033.ml1.t,1675062923.cds210.ml1.hn,1675062923.cds209.ml1.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 23856
GET H2	200	popper.min.js Show response cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/	19 KB 7 KB	61ms 25ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js Requested by Host: residencemiramare.it URL: https://residencemiramare.it/indexe/indexba.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://residencemiramare.it/ Origin https://residencemiramare.it accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Mon, 30 Jan 2023 07:15:23 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 909532 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 6157 last-modified Mon, 04 May 2020 16:15:37 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03fa9-4af4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Tt0h4WS6jtJDLm8JE3vdcY%2BSZJWt60%2B46KKhyEcVTmkG4CLEf7QzH7E%2BeAMdKuj7Z9u%2BSSo0so%2FXECSC2U5DwtCyqLMKqTY9v8l03rrknzrw3Sjj2k7l3aHN47pmYq4HLCFl%2FO%2BJi%2FicvnxGlmoW4%2BX"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 79186a8a9bf659e9-MXP expires Sat, 20 Jan 2024 07:15:23 GMT
GET H2	200	bootstrap.min.js Show response maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/	48 KB 14 KB	89ms 48ms	Script application/javascript	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js Requested by Host: residencemiramare.it URL: https://residencemiramare.it/indexe/indexba.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://residencemiramare.it/ Origin https://residencemiramare.it accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Mon, 30 Jan 2023 07:15:23 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS content-encoding br cdn-edgestorageid 865 cdn-cachedat 11/25/2022 23:23:38 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:04 GMT cdn-proxyver 1.03 cdn-requestpullcode 200 server cloudflare etag W/"14d449eb8876fa55e1ef3c2cc52b0c17" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid 01f218c5acd3d4ba58ebf087a2cfd856 timing-allow-origin * cdn-requestcountrycode DE cdn-status 200 cf-ray 79186a8aacfdbacd-MXP cdn-requestpullsuccess True
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/2.2.4/	84 KB 30 KB	140ms 39ms	Script text/javascript	2a00:1450:400d:80a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js Requested by Host: residencemiramare.it URL: https://residencemiramare.it/indexe/indexba.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language it-IT,it;q=0.9 Referer https://residencemiramare.it/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Mon, 23 Jan 2023 15:22:58 GMT content-encoding gzip x-content-type-options nosniff age 575546 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30028 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Tue, 23 Jan 2024 15:22:58 GMT
GET H2	200	bootstrap.min.js Show response stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/	50 KB 15 KB	66ms 26ms	Script application/javascript	2606:4700::6812:acf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js Requested by Host: residencemiramare.it URL: https://residencemiramare.it/indexe/indexba.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language it-IT,it;q=0.9 Referer https://residencemiramare.it/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Mon, 30 Jan 2023 07:15:23 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br cdn-edgestorageid 723, 617, 617 age 14214540 cdn-cachedat 2021-07-24 10:52:10 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:06 GMT server cloudflare cdn-requestpullcode 200 vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid c60073e21cbf9fb14834b984d87d67f4 timing-allow-origin * cdn-requestcountrycode EG cdn-status 200 cf-ray 79186a8aaa313745-MXP cdn-requestpullsuccess True
GET H2	200	jquery.session.min.js Show response cdn.jsdelivr.net/npm/jquery.session@1.0.0/	2 KB 1 KB	67ms 16ms	Script application/javascript	2a04:4e42:600::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/jquery.session@1.0.0/jquery.session.min.js Requested by Host: residencemiramare.it URL: https://residencemiramare.it/indexe/indexba.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 76ad6584ac5bdd459939dc7532fae7c2bdd8e22d773ff16d2306f42a1ffc569c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language it-IT,it;q=0.9 Referer https://residencemiramare.it/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Mon, 30 Jan 2023 07:15:23 GMT x-content-type-options nosniff content-encoding gzip age 4749188 x-jsd-version 1.0.0 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 933 x-served-by cache-fra-eddf8230128-FRA, cache-mxp6946-MXP x-jsd-version-type version etag W/"91d-mUGbC+S4VCL/hIcOVNvYpS3G2rE" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H2	200	Primary Request V31IMqcU1HQgMqrMrRrJtxyiFuvcsqkT7d8FNbyX04Y Show response k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/	15 KB 4 KB	111ms 34ms	Document text/html	13.225.78.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/V31IMqcU1HQgMqrMrRrJtxyiFuvcsqkT7d8FNbyX04Y?msg= Requested by Host: residencemiramare.it URL: https://residencemiramare.it/indexe/indexba.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.98 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-98.fra2.r.cloudfront.net Software / Resource Hash 7b793906da431d0a5182e51329e2b439a0a2ced875643cf67cd44d57dcdca096 Request headers Referer https://residencemiramare.it/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 accept-language it-IT,it;q=0.9 Response headers age 29893 cache-control public,must-revalidate,max-age=2592000 content-encoding br content-type text/html; charset=utf-8 date Sun, 29 Jan 2023 22:57:12 GMT vary Accept-Encoding Origin via 1.1 ac0e9b19969df989a920e6d1b834d008.cloudfront.net (CloudFront) x-amz-cf-id bPe-8_A3WezlPEAIKmySOVVvqfw0xNo5TM_JmcgVLn1kJLffgwYUIw== x-amz-cf-pop FRA2-C2 x-cache Hit from cloudfront x-trace OOopgyLMMZ
GET H2	200	css fonts.googleapis.com/	2 KB 824 B	101ms 35ms	Stylesheet text/css	2a00:1450:4001:80e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:300,400,700&subset=latin,latin-ext Requested by Host: k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net URL: https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/V31IMqcU1HQgMqrMrRrJtxyiFuvcsqkT7d8FNbyX04Y?msg= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash fee2feda388d361fde02b5b7a1aaa02f7f43db6777b9c97d106d37f4b76c938d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language it-IT,it;q=0.9 Referer https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 30 Jan 2023 07:15:25 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 30 Jan 2023 06:19:27 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 30 Jan 2023 07:15:25 GMT
GET H2	200	login.css webmail.aruba.it/web_imgs/login/css/	15 KB 4 KB	157ms 67ms	Stylesheet text/css	62.149.158.90 ARUBA-ASN
General Check archive.org Show headers Download Go to Full URL https://webmail.aruba.it/web_imgs/login/css/login.css?_v_=v4r2b65pl4.20210517_1745 Requested by Host: k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net URL: https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/V31IMqcU1HQgMqrMrRrJtxyiFuvcsqkT7d8FNbyX04Y?msg= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.149.158.90 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS webmaildomini.aruba.it Software openresty / Resource Hash a87e5df6e43be901cc49387f945b55ab3f971722ee67b41fe1462768502f9eff Security Headers Name Value Content-Security-Policy frame-ancestors 'self' Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language it-IT,it;q=0.9 Referer https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Mon, 30 Jan 2023 07:15:25 GMT strict-transport-security max-age=63072000 x-content-type-options nosniff content-security-policy frame-ancestors 'self' content-encoding gzip x-fe webxmaildh15.ad.aruba.it x-xss-protection 1; mode=block last-modified Tue, 20 Dec 2022 14:55:35 GMT server openresty etag W/"3c85-5f043a0d26cb1" vary Accept-Encoding x-frame-options SAMEORIGIN, SAMEORIGIN content-type text/css access-control-allow-origin * access-control-allow-methods GET, POST access-control-max-age 1000 access-control-allow-headers Content-Type, Authorization, X-Requested-With
GET H2	200	dojo.js Show response webmail.aruba.it/javascript/startup/dojo/dojo/	88 KB 31 KB	138ms 49ms	Script application/javascript	62.149.158.90 ARUBA-ASN
General Check archive.org Show headers Download Go to Full URL https://webmail.aruba.it/javascript/startup/dojo/dojo/dojo.js?_v_=v4r2b65pl4.20210517_1745 Requested by Host: k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net URL: https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/V31IMqcU1HQgMqrMrRrJtxyiFuvcsqkT7d8FNbyX04Y?msg= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.149.158.90 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS webmaildomini.aruba.it Software openresty / Resource Hash 7afc9948fd7de6f923f7b2487c245bc616942cdce31d0e348a59dc28f6d7404f Security Headers Name Value Content-Security-Policy frame-ancestors 'self' Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language it-IT,it;q=0.9 Referer https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Mon, 30 Jan 2023 07:15:25 GMT strict-transport-security max-age=63072000 x-content-type-options nosniff content-security-policy frame-ancestors 'self' content-encoding gzip x-fe webxmaildh15.ad.aruba.it x-xss-protection 1; mode=block last-modified Tue, 20 Dec 2022 14:50:18 GMT server openresty etag W/"161cc-5f0438df06319" vary Accept-Encoding x-frame-options SAMEORIGIN, SAMEORIGIN content-type application/javascript access-control-allow-origin * access-control-allow-methods GET, POST access-control-max-age 1000 access-control-allow-headers Content-Type, Authorization, X-Requested-With
GET H2	200	login.js Show response webmail.aruba.it/ext_aruba/js/	21 KB 7 KB	157ms 68ms	Script application/javascript	62.149.158.90 ARUBA-ASN
General Check archive.org Show headers Download Go to Full URL https://webmail.aruba.it/ext_aruba/js/login.js?_v_=v4r2b65pl4.20210517_1745 Requested by Host: k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net URL: https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/V31IMqcU1HQgMqrMrRrJtxyiFuvcsqkT7d8FNbyX04Y?msg= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.149.158.90 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS webmaildomini.aruba.it Software openresty / Resource Hash 97b3b0e14b669688fce8aca98cc6da6333948aa8df90cb425a55339b17aba2e3 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language it-IT,it;q=0.9 Referer https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Mon, 30 Jan 2023 07:15:25 GMT strict-transport-security max-age=63072000 x-content-type-options nosniff content-security-policy frame-ancestors 'self' content-encoding gzip x-fe webxmaildh15.ad.aruba.it x-xss-protection 1; mode=block last-modified Tue, 20 Dec 2022 14:55:38 GMT server openresty etag W/"53a1-5f043a1089fab" vary Accept-Encoding x-frame-options SAMEORIGIN, SAMEORIGIN content-type application/javascript access-control-allow-origin * access-control-allow-methods GET, POST access-control-max-age 1000 access-control-allow-headers Content-Type, Authorization, X-Requested-With
GET H2	200	aes.js Show response webmail.aruba.it/ext_aruba/js/	13 KB 5 KB	116ms 27ms	Script application/javascript	62.149.158.90 ARUBA-ASN
General Check archive.org Show headers Download Go to Full URL https://webmail.aruba.it/ext_aruba/js/aes.js?_v_=v4r2b65pl4.20210517_1745 Requested by Host: k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net URL: https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/V31IMqcU1HQgMqrMrRrJtxyiFuvcsqkT7d8FNbyX04Y?msg= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.149.158.90 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS webmaildomini.aruba.it Software openresty / Resource Hash fc7e184beeda61bf6427938a84560f52348976bb55e807b224eb53930e97ef6a Security Headers Name Value Content-Security-Policy frame-ancestors 'self' Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language it-IT,it;q=0.9 Referer https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Mon, 30 Jan 2023 07:15:25 GMT strict-transport-security max-age=63072000 x-content-type-options nosniff content-security-policy frame-ancestors 'self' content-encoding gzip x-fe webxmaildh15.ad.aruba.it x-xss-protection 1; mode=block last-modified Tue, 20 Dec 2022 14:55:37 GMT server openresty etag W/"3430-5f043a0fd8bbc" vary Accept-Encoding x-frame-options SAMEORIGIN, SAMEORIGIN content-type application/javascript access-control-allow-origin * access-control-allow-methods GET, POST access-control-max-age 1000 access-control-allow-headers Content-Type, Authorization, X-Requested-With
GET H2	200	ads.js Show response webmail.aruba.it/layout/js/	118 B 568 B	154ms 65ms	Script application/javascript	62.149.158.90 ARUBA-ASN
General Check archive.org Show headers Download Go to Full URL https://webmail.aruba.it/layout/js/ads.js?_v_=v4r2b65pl4.20210517_1745 Requested by Host: k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net URL: https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/V31IMqcU1HQgMqrMrRrJtxyiFuvcsqkT7d8FNbyX04Y?msg= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.149.158.90 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS webmaildomini.aruba.it Software openresty / Resource Hash cf1afcc73a07669582611f374641bbbd0bfa8f6d8ecc8d803faa0b791742b407 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language it-IT,it;q=0.9 Referer https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Mon, 30 Jan 2023 07:15:25 GMT strict-transport-security max-age=63072000 x-content-type-options nosniff content-security-policy frame-ancestors 'self' x-fe webxmaildh15.ad.aruba.it content-length 118 x-xss-protection 1; mode=block last-modified Tue, 20 Dec 2022 14:55:35 GMT server openresty etag "76-5f043a0d61e00" x-frame-options SAMEORIGIN, SAMEORIGIN access-control-allow-methods GET, POST content-type application/javascript access-control-allow-origin * access-control-max-age 1000 accept-ranges bytes access-control-allow-headers Content-Type, Authorization, X-Requested-With
GET H2	200	cookie_directive.js Show response webmail.aruba.it/layout/js/	829 B 829 B	157ms 68ms	Script application/javascript	62.149.158.90 ARUBA-ASN
General Check archive.org Show headers Download Go to Full URL https://webmail.aruba.it/layout/js/cookie_directive.js?_v_=v4r2b65pl4.20210517_1745 Requested by Host: k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net URL: https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/V31IMqcU1HQgMqrMrRrJtxyiFuvcsqkT7d8FNbyX04Y?msg= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.149.158.90 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS webmaildomini.aruba.it Software openresty / Resource Hash 88a4dd6cb471f3b77b7946e9e3297c45ea04f9a07a0773ca0996c3a22efc6157 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language it-IT,it;q=0.9 Referer https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Mon, 30 Jan 2023 07:15:25 GMT strict-transport-security max-age=63072000 x-content-type-options nosniff content-security-policy frame-ancestors 'self' content-encoding gzip x-fe webxmaildh15.ad.aruba.it x-xss-protection 1; mode=block last-modified Tue, 20 Dec 2022 14:55:38 GMT server openresty etag W/"33d-5f043a107672b" vary Accept-Encoding x-frame-options SAMEORIGIN, SAMEORIGIN content-type application/javascript access-control-allow-origin * access-control-allow-methods GET, POST access-control-max-age 1000 access-control-allow-headers Content-Type, Authorization, X-Requested-With
GET H2	200	capslock_detect.js Show response webmail.aruba.it/layout/js/	323 B 678 B	155ms 66ms	Script application/javascript	62.149.158.90 ARUBA-ASN
General Check archive.org Show headers Download Go to Full URL https://webmail.aruba.it/layout/js/capslock_detect.js?_v_=v4r2b65pl4.20210517_1745 Requested by Host: k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net URL: https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/V31IMqcU1HQgMqrMrRrJtxyiFuvcsqkT7d8FNbyX04Y?msg= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.149.158.90 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS webmaildomini.aruba.it Software openresty / Resource Hash e47fc2c94a26f26d8761b7e13757ca87356908dc08960860ddf5e38d4dccee92 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language it-IT,it;q=0.9 Referer https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Mon, 30 Jan 2023 07:15:25 GMT strict-transport-security max-age=63072000 x-content-type-options nosniff content-security-policy frame-ancestors 'self' content-encoding gzip x-fe webxmaildh15.ad.aruba.it x-xss-protection 1; mode=block last-modified Tue, 20 Dec 2022 14:55:35 GMT server openresty etag W/"143-5f043a0d621e8" vary Accept-Encoding x-frame-options SAMEORIGIN, SAMEORIGIN content-type application/javascript access-control-allow-origin * access-control-allow-methods GET, POST access-control-max-age 1000 access-control-allow-headers Content-Type, Authorization, X-Requested-With
GET H2	400	bootstrap.bundle.min.js k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/skins/elastic/deps/	0 0	420ms 416ms	Script text/plain	13.225.78.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/skins/elastic/deps/bootstrap.bundle.min.js?s=1593860330 Requested by Host: k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net URL: https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/V31IMqcU1HQgMqrMrRrJtxyiFuvcsqkT7d8FNbyX04Y?msg= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.98 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-98.fra2.r.cloudfront.net Software envoy / Resource Hash Request headers accept-language it-IT,it;q=0.9 Referer https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/V31IMqcU1HQgMqrMrRrJtxyiFuvcsqkT7d8FNbyX04Y?msg= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Mon, 30 Jan 2023 07:15:25 GMT via 1.1 ac0e9b19969df989a920e6d1b834d008.cloudfront.net (CloudFront) server envoy x-amz-cf-pop FRA2-C2 x-trace 65WTEyqbeS vary Origin x-cache Error from cloudfront x-envoy-upstream-service-time 106 content-length 23 x-amz-cf-id L0b04jAgjyNrD6Df7GMQDRXsVTg1QX2VknrE-rg9efKpZ6tBg9m_1A==
GET H2	400	ui.min.js k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/skins/elastic/	0 0	435ms 431ms	Script text/plain	13.225.78.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/skins/elastic/ui.min.js?s=1593860317 Requested by Host: k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net URL: https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/V31IMqcU1HQgMqrMrRrJtxyiFuvcsqkT7d8FNbyX04Y?msg= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.98 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-98.fra2.r.cloudfront.net Software envoy / Resource Hash Request headers accept-language it-IT,it;q=0.9 Referer https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/V31IMqcU1HQgMqrMrRrJtxyiFuvcsqkT7d8FNbyX04Y?msg= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Mon, 30 Jan 2023 07:15:25 GMT via 1.1 ac0e9b19969df989a920e6d1b834d008.cloudfront.net (CloudFront) server envoy x-amz-cf-pop FRA2-C2 x-trace zFafQgaQF_ vary Origin x-cache Error from cloudfront x-envoy-upstream-service-time 106 content-length 23 x-amz-cf-id hlM5-GKWZR1YJOGjm9QTR2U4g9JBP_ZWnsm_3PRdapdifxnWGL2AMQ==
GET H2	200	jquery-3.2.1.slim.min.js Show response code.jquery.com/	68 KB 24 KB	26ms 22ms	Script application/javascript	2001:4de0:ac18::1:a:2a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.2.1.slim.min.js Requested by Host: k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net URL: https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/V31IMqcU1HQgMqrMrRrJtxyiFuvcsqkT7d8FNbyX04Y?msg= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398 Request headers Referer https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/ Origin https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Mon, 30 Jan 2023 07:15:25 GMT content-encoding gzip x-sp-metadata HS256.CJ353Z4GEo0BCiRmOWFkNWNiMS1kYWQzLTRiODMtOWYzNC0yNTk0OWViNTk4NGQQ+OiCoKvU+wIaBgiN3d2eBiISMjAwMTphYzg6MjQ6NDQ6OjE5KNzHAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkMjNjN2EyNmYtZDkzZC00NmNlLTlhZGYtOGI1ZTkxYmI1M2Y4GLC6ASIYCAISFGNkczIwOS5tbDEuaHdjZG4ubmV0.OooYwCfEoOtyXjV0UzpJfWJL/AVOK44kWgNSzg2Ri1k= last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx etag W/"28feccc0-10fdd" vary Accept-Encoding x-hw 1675062925.dop033.ml1.t,1675062925.cds210.ml1.hn,1675062925.cds209.ml1.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 23856
GET H2	200	popper.min.js Show response cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/	19 KB 6 KB	30ms 26ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js Requested by Host: k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net URL: https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/V31IMqcU1HQgMqrMrRrJtxyiFuvcsqkT7d8FNbyX04Y?msg= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/ Origin https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Mon, 30 Jan 2023 07:15:25 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 909534 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 6157 last-modified Mon, 04 May 2020 16:15:37 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03fa9-4af4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=poIewRUfzIJIM3WH3iOH6qmnKVEZ5vyK84esLTDrWqozf1mI%2FjRdwRayH%2FacGMFobXAruzC7xGwSo2uayvuiiCEmKShXIagpJOef6AJOZecTKwbvZBNyk0JFs3oTsqIOs2gncyxN8tIJzROGE3Ssoot0"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 79186a92a98959e9-MXP expires Sat, 20 Jan 2024 07:15:25 GMT
GET H2	200	bootstrap.min.js Show response maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/	48 KB 13 KB	35ms 31ms	Script application/javascript	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js Requested by Host: k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net URL: https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/V31IMqcU1HQgMqrMrRrJtxyiFuvcsqkT7d8FNbyX04Y?msg= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/ Origin https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Mon, 30 Jan 2023 07:15:25 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br cdn-edgestorageid 865 age 9248 cdn-cachedat 11/25/2022 23:23:38 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:04 GMT cdn-proxyver 1.03 cdn-requestpullcode 200 server cloudflare etag W/"14d449eb8876fa55e1ef3c2cc52b0c17" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid 620e20fe4f9e2eb60098748a96831af1 timing-allow-origin * cdn-requestcountrycode DE cdn-status 200 cf-ray 79186a92ab43bacd-MXP cdn-requestpullsuccess True
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/2.2.4/	84 KB 29 KB	43ms 39ms	Script text/javascript	2a00:1450:400d:80a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js Requested by Host: k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net URL: https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/V31IMqcU1HQgMqrMrRrJtxyiFuvcsqkT7d8FNbyX04Y?msg= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language it-IT,it;q=0.9 Referer https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Mon, 23 Jan 2023 15:22:58 GMT content-encoding gzip x-content-type-options nosniff age 575547 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30028 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Tue, 23 Jan 2024 15:22:58 GMT
GET H2	200	bootstrap.min.js Show response stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/	50 KB 14 KB	33ms 29ms	Script application/javascript	2606:4700::6812:acf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js Requested by Host: k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net URL: https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/V31IMqcU1HQgMqrMrRrJtxyiFuvcsqkT7d8FNbyX04Y?msg= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language it-IT,it;q=0.9 Referer https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Mon, 30 Jan 2023 07:15:25 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br cdn-edgestorageid 723, 617, 617 age 14214542 cdn-cachedat 2021-07-24 10:52:10 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:06 GMT server cloudflare cdn-requestpullcode 200 vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid c60073e21cbf9fb14834b984d87d67f4 timing-allow-origin * cdn-requestcountrycode EG cdn-status 200 cf-ray 79186a92adcc3745-MXP cdn-requestpullsuccess True
GET H2	200	jquery.session.min.js Show response cdn.jsdelivr.net/npm/jquery.session@1.0.0/	2 KB 1007 B	27ms 23ms	Script application/javascript	2a04:4e42:600::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/jquery.session@1.0.0/jquery.session.min.js Requested by Host: k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net URL: https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/V31IMqcU1HQgMqrMrRrJtxyiFuvcsqkT7d8FNbyX04Y?msg= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 76ad6584ac5bdd459939dc7532fae7c2bdd8e22d773ff16d2306f42a1ffc569c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language it-IT,it;q=0.9 Referer https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Mon, 30 Jan 2023 07:15:25 GMT x-content-type-options nosniff content-encoding gzip age 4749189 x-jsd-version 1.0.0 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 933 x-served-by cache-fra-eddf8230128-FRA, cache-mxp6946-MXP x-jsd-version-type version etag W/"91d-mUGbC+S4VCL/hIcOVNvYpS3G2rE" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H2	400	left_block.html Show response k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/ Frame 2890	23 B 299 B	403ms 401ms	Document text/plain	13.225.78.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/left_block.html Requested by Host: k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net URL: https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/V31IMqcU1HQgMqrMrRrJtxyiFuvcsqkT7d8FNbyX04Y?msg= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.98 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-98.fra2.r.cloudfront.net Software envoy / Resource Hash 589c6cbbd1f8e79e7c4b892a432c1c017411d73e99b779d2bdd55bea94851296 Request headers Referer https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/V31IMqcU1HQgMqrMrRrJtxyiFuvcsqkT7d8FNbyX04Y?msg= Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 accept-language it-IT,it;q=0.9 Response headers content-length 23 date Mon, 30 Jan 2023 07:15:25 GMT server envoy vary Origin via 1.1 ac0e9b19969df989a920e6d1b834d008.cloudfront.net (CloudFront) x-amz-cf-id hIF2ht4KMOAjGS144BrS7z2MUP4c5nENAWHcE48dShnCf6vJhui7gA== x-amz-cf-pop FRA2-C2 x-cache Error from cloudfront x-envoy-upstream-service-time 1 x-trace hVvLzIfS12
GET H2	200	aruba-logo.svg webmail.aruba.it/web_imgs/login/images/	15 KB 6 KB	36ms 33ms	Image image/svg+xml	62.149.158.90 ARUBA-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://webmail.aruba.it/web_imgs/login/images/aruba-logo.svg?_v_=4.2.82.20221219_1445 Requested by Host: webmail.aruba.it URL: https://webmail.aruba.it/web_imgs/login/css/login.css?_v_=v4r2b65pl4.20210517_1745 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.149.158.90 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS webmaildomini.aruba.it Software openresty / Resource Hash a32e14929dae4030d8fe0164ac57453ec28a2927b4e6f22d445934b829f6df14 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language it-IT,it;q=0.9 Referer https://webmail.aruba.it/web_imgs/login/css/login.css?_v_=v4r2b65pl4.20210517_1745 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Mon, 30 Jan 2023 07:15:25 GMT strict-transport-security max-age=63072000 x-content-type-options nosniff content-security-policy frame-ancestors 'self' content-encoding gzip x-fe webxmaildh15.ad.aruba.it x-xss-protection 1; mode=block last-modified Tue, 20 Dec 2022 14:50:18 GMT server openresty etag W/"3b00-5f0438ded4639" vary Accept-Encoding x-frame-options SAMEORIGIN, SAMEORIGIN content-type image/svg+xml access-control-allow-origin * access-control-allow-methods GET, POST access-control-max-age 1000 access-control-allow-headers Content-Type, Authorization, X-Requested-With
GET H2	200	envelope.svg webmail.aruba.it/web_imgs/login/images/	681 B 889 B	30ms 28ms	Image image/svg+xml	62.149.158.90 ARUBA-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://webmail.aruba.it/web_imgs/login/images/envelope.svg?_v_=4.2.82.20221219_1445 Requested by Host: webmail.aruba.it URL: https://webmail.aruba.it/web_imgs/login/css/login.css?_v_=v4r2b65pl4.20210517_1745 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.149.158.90 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS webmaildomini.aruba.it Software openresty / Resource Hash 5e96c408271ce2999c052da5821e78872d784aa9a08b87fc6f4fb036e46eab99 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language it-IT,it;q=0.9 Referer https://webmail.aruba.it/web_imgs/login/css/login.css?_v_=v4r2b65pl4.20210517_1745 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Mon, 30 Jan 2023 07:15:25 GMT strict-transport-security max-age=63072000 x-content-type-options nosniff content-security-policy frame-ancestors 'self' content-encoding gzip x-fe webxmaildh15.ad.aruba.it x-xss-protection 1; mode=block last-modified Tue, 20 Dec 2022 14:50:18 GMT server openresty etag W/"2a9-5f0438ded4639" vary Accept-Encoding x-frame-options SAMEORIGIN, SAMEORIGIN content-type image/svg+xml access-control-allow-origin * access-control-allow-methods GET, POST access-control-max-age 1000 access-control-allow-headers Content-Type, Authorization, X-Requested-With
GET H2	200	gb.png webmail.aruba.it/web_imgs/login/images/flag/	599 B 1 KB	41ms 39ms	Image image/png	62.149.158.90 ARUBA-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://webmail.aruba.it/web_imgs/login/images/flag/gb.png?_v_=4.2.82.20221219_1445 Requested by Host: webmail.aruba.it URL: https://webmail.aruba.it/web_imgs/login/css/login.css?_v_=v4r2b65pl4.20210517_1745 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.149.158.90 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS webmaildomini.aruba.it Software openresty / Resource Hash 5d72c5a8bef80fca6f99f476e15ec95ce2d5e5f65c6dab9ee8e56348be0d39fc Security Headers Name Value Content-Security-Policy frame-ancestors 'self' Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language it-IT,it;q=0.9 Referer https://webmail.aruba.it/web_imgs/login/css/login.css?_v_=v4r2b65pl4.20210517_1745 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Mon, 30 Jan 2023 07:15:25 GMT strict-transport-security max-age=63072000 x-content-type-options nosniff content-security-policy frame-ancestors 'self' x-fe webxmaildh15.ad.aruba.it content-length 599 x-xss-protection 1; mode=block last-modified Tue, 20 Dec 2022 14:50:18 GMT server openresty etag "257-5f0438ded4639" x-frame-options SAMEORIGIN, SAMEORIGIN access-control-allow-methods GET, POST content-type image/png access-control-allow-origin * access-control-max-age 1000 accept-ranges bytes access-control-allow-headers Content-Type, Authorization, X-Requested-With
GET H2	200	login-icon.svg webmail.aruba.it/web_imgs/login/images/	666 B 832 B	37ms 35ms	Image image/svg+xml	62.149.158.90 ARUBA-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://webmail.aruba.it/web_imgs/login/images/login-icon.svg?_v_=4.2.82.20221219_1445 Requested by Host: webmail.aruba.it URL: https://webmail.aruba.it/web_imgs/login/css/login.css?_v_=v4r2b65pl4.20210517_1745 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.149.158.90 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS webmaildomini.aruba.it Software openresty / Resource Hash c7eca97d84ed3469e7d1a20a8c28ef7177270b93a2d9913a0adad9a3e4bdfc9a Security Headers Name Value Content-Security-Policy frame-ancestors 'self' Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language it-IT,it;q=0.9 Referer https://webmail.aruba.it/web_imgs/login/css/login.css?_v_=v4r2b65pl4.20210517_1745 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Mon, 30 Jan 2023 07:15:25 GMT strict-transport-security max-age=63072000 x-content-type-options nosniff content-security-policy frame-ancestors 'self' content-encoding gzip x-fe webxmaildh15.ad.aruba.it x-xss-protection 1; mode=block last-modified Tue, 20 Dec 2022 14:50:18 GMT server openresty etag W/"29a-5f0438ded4a21" vary Accept-Encoding x-frame-options SAMEORIGIN, SAMEORIGIN content-type image/svg+xml access-control-allow-origin * access-control-allow-methods GET, POST access-control-max-age 1000 access-control-allow-headers Content-Type, Authorization, X-Requested-With
GET H2	200	S6uyw4BMUTPHjx4wXg.woff2 fonts.gstatic.com/s/lato/v23/	23 KB 24 KB	137ms 39ms	Font font/woff2	2a00:1450:400d:80d::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:300,400,700&subset=latin,latin-ext Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 24 Jan 2023 15:21:12 GMT x-content-type-options nosniff age 489253 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23580 x-xss-protection 0 last-modified Tue, 26 Apr 2022 15:48:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 24 Jan 2024 15:21:12 GMT
GET H2	200	password-icon.svg webmail.aruba.it/web_imgs/login/images/	585 B 805 B	40ms 39ms	Image image/svg+xml	62.149.158.90 ARUBA-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://webmail.aruba.it/web_imgs/login/images/password-icon.svg?_v_=4.2.82.20221219_1445 Requested by Host: webmail.aruba.it URL: https://webmail.aruba.it/web_imgs/login/css/login.css?_v_=v4r2b65pl4.20210517_1745 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.149.158.90 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS webmaildomini.aruba.it Software openresty / Resource Hash d1a498e72f62f80af25d958364158a781a8cdee723e700756b28756c97ee2fa1 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language it-IT,it;q=0.9 Referer https://webmail.aruba.it/web_imgs/login/css/login.css?_v_=v4r2b65pl4.20210517_1745 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Mon, 30 Jan 2023 07:15:25 GMT strict-transport-security max-age=63072000 x-content-type-options nosniff content-security-policy frame-ancestors 'self' content-encoding gzip x-fe webxmaildh15.ad.aruba.it x-xss-protection 1; mode=block last-modified Tue, 20 Dec 2022 14:50:18 GMT server openresty etag W/"249-5f0438ded4a21" vary Accept-Encoding x-frame-options SAMEORIGIN, SAMEORIGIN content-type image/svg+xml access-control-allow-origin * access-control-allow-methods GET, POST access-control-max-age 1000 access-control-allow-headers Content-Type, Authorization, X-Requested-With
GET H2	200	password-icon-2.svg webmail.aruba.it/web_imgs/login/images/	947 B 864 B	32ms 31ms	Image image/svg+xml	62.149.158.90 ARUBA-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://webmail.aruba.it/web_imgs/login/images/password-icon-2.svg?_v_=4.2.82.20221219_1445 Requested by Host: webmail.aruba.it URL: https://webmail.aruba.it/web_imgs/login/css/login.css?_v_=v4r2b65pl4.20210517_1745 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.149.158.90 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT), Reverse DNS webmaildomini.aruba.it Software openresty / Resource Hash 8955ee5e3071f91ed2460b5b634cdab6f6c15d5d8adefac0e3328de7f5889a97 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language it-IT,it;q=0.9 Referer https://webmail.aruba.it/web_imgs/login/css/login.css?_v_=v4r2b65pl4.20210517_1745 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Mon, 30 Jan 2023 07:15:25 GMT strict-transport-security max-age=63072000 x-content-type-options nosniff content-security-policy frame-ancestors 'self' content-encoding gzip x-fe webxmaildh15.ad.aruba.it x-xss-protection 1; mode=block last-modified Tue, 20 Dec 2022 14:50:18 GMT server openresty etag W/"3b3-5f0438ded4a21" vary Accept-Encoding x-frame-options SAMEORIGIN, SAMEORIGIN content-type image/svg+xml access-control-allow-origin * access-control-allow-methods GET, POST access-control-max-age 1000 access-control-allow-headers Content-Type, Authorization, X-Requested-With
GET H2	200	S6u9w4BMUTPHh6UVSwiPGQ.woff2 fonts.gstatic.com/s/lato/v23/	23 KB 23 KB	173ms 78ms	Font font/woff2	2a00:1450:400d:80d::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:300,400,700&subset=latin,latin-ext Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 24 Jan 2023 22:49:45 GMT x-content-type-options nosniff age 462340 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23040 x-xss-protection 0 last-modified Tue, 26 Apr 2022 15:56:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 24 Jan 2024 22:49:45 GMT
GET H2	400	login.json Show response k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/ext_aruba/js/nls/	23 B 300 B	309ms 309ms	XHR text/plain	13.225.78.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/ext_aruba/js/nls/login.json?_v_=4.2.82.20221219_1445 Requested by Host: webmail.aruba.it URL: https://webmail.aruba.it/ext_aruba/js/login.js?_v_=v4r2b65pl4.20210517_1745 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.98 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-98.fra2.r.cloudfront.net Software envoy / Resource Hash 589c6cbbd1f8e79e7c4b892a432c1c017411d73e99b779d2bdd55bea94851296 Request headers accept-language it-IT,it;q=0.9 Referer https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/V31IMqcU1HQgMqrMrRrJtxyiFuvcsqkT7d8FNbyX04Y?msg= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Mon, 30 Jan 2023 07:15:25 GMT via 1.1 ac0e9b19969df989a920e6d1b834d008.cloudfront.net (CloudFront) server envoy x-amz-cf-pop FRA2-C2 x-trace bK--nrx5Qw vary Origin x-cache Error from cloudfront x-envoy-upstream-service-time 1 content-length 23 x-amz-cf-id NEUfCoWaWTMPyqodJ30JSaA9tLccgIUOAnwZOj0jYJqn9A7OsA7Icg==

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Aruba (Online)

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange string| message function| clickIE4 function| clickNS4 object| dojo object| dijit object| dojox string| UX_LEGGERA string| UX_WEB2CS string| UX_HTML string| UX_PEC boolean| manage boolean| classic object| i18n_dirs object| i18n_bundles string| i18n_default object| i18n_login string| default_classic_ext string| leggera_ext string| leggera_customer boolean| enable_pec_authentication_warning function| isBrowserSupported object| JsonFormatter function| encodeCredentials function| login_setCredentials function| login_getCookie function| login_setCookie function| login_initAdvancedPage function| checkXfm function| login_initPage function| login_initRadios function| displayTab function| getLanguage function| login_showPopup function| login_errorPopup function| login_getSelectedUx function| launchUser function| launchAdmin function| login_web2cs function| login_processError function| login_errorCallback function| isSmartOptimizable function| login_leggera function| auto_login function| isPecDomain function| login_pec function| login_html function| display_redirect function| showPassword function| onInputFocus function| onInputBlur function| onInputChange function| DOMContentLoadedListener function| login_setLanguageCookie function| loginGetLanguage function| loginGetSingleLanguage function| login_initLocalization function| changeLanguage function| changeLanguageGtm function| showLanguage function| hideLanguage function| login_localize function| fstring function| focusFirstInput function| validateForm function| pecRedirect function| pecShowDialog function| pecHideDialog function| showFeedback function| lostPassword object| CryptoJS object| e function| cookie_directive_accept function| capLock function| $ function| jQuery function| Popper object| bootstrap function| keyup

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			residencemiramare.it/	1970-01-20 09:17:43	Name: __session:0.9248154442938881: Value: https:
			k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/	1970-01-20 09:17:43	Name: __session:0.9248154442938881: Value: https:

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/skins/elastic/deps/bootstrap.bundle.min.js?s=1593860330 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/skins/elastic/ui.min.js?s=1593860317 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/left_block.html Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://k56uqmvhctkhiibsvlgk2gwjw4okefxl3szkse7n34ctlpex2oda.arweave.net/ext_aruba/js/nls/login.json?_v_=4.2.82.20221219_1445 Message: Failed to load resource: the server responded with a status of 400 ()