urlscan.io logo urlscan.io
SecurityTrails logo

www.apss.tn.it Open in urlscan Pro
99.80.82.152  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bit.ly/3aUwBCX
Effective URL: https://www.apss.tn.it/content/view/full/21033
Submission: On November 12 via manual from IT — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 9 domains to perform 23 HTTP transactions. The main IP is 99.80.82.152, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.apss.tn.it.
TLS certificate: Issued by R3 on September 15th 2021. Valid for: 3 months.
This is the only time www.apss.tn.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.11 396982 (GOOGLE-PR...)
13 99.80.82.152 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 78.46.39.10 24940 (HETZNER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
2 156.54.45.194 20746 (ASN-IDC T...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
23 8
1    67.199.248.11 (United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly
bit.ly
13    99.80.82.152 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-82-152.eu-west-1.compute.amazonaws.com
www.apss.tn.it
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    78.46.39.10 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.10.39.46.78.clients.your-server.de
apss.pokedem.com
2    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    156.54.45.194 (Italy)

ASN20746 (ASN-IDC T.NO.OM.I.NC, IT)
ingestion.webanalytics.italia.it
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
13 www.apss.tn.it www.apss.tn.it
2 ingestion.webanalytics.italia.it www.apss.tn.it
2 www.google-analytics.com www.apss.tn.it
www.google-analytics.com
2 apss.pokedem.com cdn.jsdelivr.net
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com cdn.jsdelivr.net
1 www.googletagmanager.com www.apss.tn.it
1 cdn.jsdelivr.net www.apss.tn.it
1 bit.ly 1 redirects
23 9
Subject Issuer Validity Valid
apss.tn.it
R3		 2021-09-15 -
2021-12-14		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-03 -
2022-07-02		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
pokedem.com
R3		 2021-10-18 -
2022-01-16		 3 months crt.sh
ingestion.webanalytics.italia.it
R3		 2021-10-29 -
2022-01-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.apss.tn.it/content/view/full/21033
Frame ID: A6850972E8CF79A0818051CDCA05DFB9
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Moduli vaccinazione anti Covid-19 / Modulistica / Documenti e dati / Azienda Provinciale per i Servizi Sanitari - Azienda Provinciale per i Servizi Sanitariit-calendarit-calendar

Page URL History Show full URLs

  1. https://bit.ly/3aUwBCX HTTP 301
    https://www.apss.tn.it/content/view/full/21033 Page URL

Page Statistics

23
Requests

100 %
HTTPS

56 %
IPv6

9
Domains

9
Subdomains

8
IPs

4
Countries

1283 kB
Transfer

3775 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/3aUwBCX HTTP 301
    https://www.apss.tn.it/content/view/full/21033 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 21033
www.apss.tn.it/content/view/full/
Redirect Chain
  • https://bit.ly/3aUwBCX
  • https://www.apss.tn.it/content/view/full/21033
154 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.apss.tn.it/content/view/full/21033
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.82.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-82-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5766bc002202c6433a4a2a0543595123f896a67d69d1704ac30fd0b9fe2037dc
Security Headers
Name Value
Content-Security-Policy default-src *; font-src 'self' data: https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
it-IT,it;q=0.9

Response headers

date
Fri, 12 Nov 2021 10:37:23 GMT
content-type
text/html; charset=utf-8
cache-control
public, must-revalidate, max-age=10, s-maxage=259200
pragma
no-cache
expires
Fri, 12 Nov 2021 08:37:23 GMT
last-modified
Fri, 12 Nov 2021 10:37:23 GMT
served-by
www.apss.tn.it
content-language
it
strict-transport-security
max-age=63072000; includeSubdomains
x-frame-options
sameorigin
x-xss-protection
1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
referrer-policy
strict-origin-when-cross-origin
permissions-policy
camera=(), payment=(), microphone=()
content-security-policy
default-src *; font-src 'self' data: https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
expect-ct
max-age=0, report-uri=https://saasopenpa.report-uri.com/r/d/ct/reportOnly max-age=86400
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://saasopenpa.report-uri.com/a/d/g"}],"include_subdomains":true}
content-encoding
gzip
x-debug
x-varnish
837657411
age
0
via
1.1 varnish-v4
vary
Accept-Encoding
x-cache
MISS
x-served-by
ip-10-200-0-28.eu-west-1.compute.internal
accept-ranges
bytes
transfer-encoding
chunked

Redirect headers

server
nginx
date
Fri, 12 Nov 2021 10:37:23 GMT
content-type
text/html; charset=utf-8
content-length
133
cache-control
private, max-age=90
content-security-policy
referrer always;
location
https://www.apss.tn.it/content/view/full/21033
referrer-policy
unsafe-url
via
1.1 google
alt-svc
clear
bf412e29a8578d956832f5d302cb0990_all.css
www.apss.tn.it/var/apss/cache/public/stylesheets/ 		717 KB
107 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.apss.tn.it/var/apss/cache/public/stylesheets/bf412e29a8578d956832f5d302cb0990_all.css
Requested by
Host: www.apss.tn.it
URL: https://www.apss.tn.it/content/view/full/21033
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.82.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-82-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1bc862106a89125873c1179475083d2239df40c664194a7836eda55772df4b29
Security Headers
Name Value
Content-Security-Policy default-src *; font-src 'self' data: https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.apss.tn.it/content/view/full/21033
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 10:32:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
271
x-debug
x-cache
HIT
vary
Accept-Encoding
content-length
107904
x-xss-protection
1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce
x-served-by
ip-10-200-0-28.eu-west-1.compute.internal
served-by
www.apss.tn.it
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 10 Nov 2021 13:22:52 GMT
x-ttl
31d
x-frame-options
sameorigin
etag
W/"1636550572-734280"
expect-ct
max-age=0, report-uri=https://saasopenpa.report-uri.com/r/d/ct/reportOnly, max-age=86400
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://saasopenpa.report-uri.com/a/d/g"}],"include_subdomains":true}
x-varnish
837915343 837830073
via
1.1 varnish-v4
expires
Mon, 13 Dec 2021 10:32:52 GMT
permissions-policy
camera=(), payment=(), microphone=()
content-security-policy
default-src *; font-src 'self' data: https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
accept-ranges
bytes
content-type
text/css;charset=UTF-8
x-cache-hits
68
190275fc0f1d8e395720ce666601b5b8.js
www.apss.tn.it/var/apss/cache/public/javascript/ 		2 MB
447 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.apss.tn.it/var/apss/cache/public/javascript/190275fc0f1d8e395720ce666601b5b8.js
Requested by
Host: www.apss.tn.it
URL: https://www.apss.tn.it/content/view/full/21033
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.82.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-82-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
52349a117a877fa0a239f47c6b168e1839c66613f50a137a52301c3f359d6ce9
Security Headers
Name Value
Content-Security-Policy default-src *; font-src 'self' data: https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.apss.tn.it/content/view/full/21033
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 10:32:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
270
x-debug
x-cache
HIT
vary
Accept-Encoding
content-length
456453
x-xss-protection
1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce
x-served-by
ip-10-200-0-28.eu-west-1.compute.internal
served-by
www.apss.tn.it
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 10 Nov 2021 13:22:53 GMT
x-ttl
31d
x-frame-options
sameorigin
etag
W/"1636550573-1969767"
expect-ct
max-age=0, report-uri=https://saasopenpa.report-uri.com/r/d/ct/reportOnly, max-age=86400
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://saasopenpa.report-uri.com/a/d/g"}],"include_subdomains":true}
x-varnish
830237284 836909512
via
1.1 varnish-v4
expires
Mon, 13 Dec 2021 10:32:53 GMT
permissions-policy
camera=(), payment=(), microphone=()
content-security-policy
default-src *; font-src 'self' data: https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
accept-ranges
bytes
content-type
text/javascript;charset=UTF-8
x-cache-hits
71
Azienda-Provinciale-per-i-Servizi-Sanitari_header_logo.png
www.apss.tn.it/var/apss/storage/images/1245-49-ita-IT/ 		131 KB
132 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.apss.tn.it/var/apss/storage/images/1245-49-ita-IT/Azienda-Provinciale-per-i-Servizi-Sanitari_header_logo.png
Requested by
Host: www.apss.tn.it
URL: https://www.apss.tn.it/content/view/full/21033
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.82.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-82-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2e2cb35b225b00b29815f8c4421a93675b1facf9dfc6e13946eea0a0d7c87e7e
Security Headers
Name Value
Content-Security-Policy default-src *; font-src 'self' data: https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.apss.tn.it/content/view/full/21033
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 10:32:55 GMT
x-debug
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
269
x-cache
HIT
content-length
133919
x-xss-protection
1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce
x-served-by
ip-10-200-0-28.eu-west-1.compute.internal
served-by
www.apss.tn.it
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 28 Jul 2021 15:24:34 GMT
x-ttl
31d
x-frame-options
sameorigin
etag
"1627485874-133919"
expect-ct
max-age=0, report-uri=https://saasopenpa.report-uri.com/r/d/ct/reportOnly, max-age=86400
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://saasopenpa.report-uri.com/a/d/g"}],"include_subdomains":true}
x-varnish
837915345 836909546
via
1.1 varnish-v4
expires
Mon, 13 Dec 2021 10:32:55 GMT
permissions-policy
camera=(), payment=(), microphone=()
content-security-policy
default-src *; font-src 'self' data: https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
accept-ranges
bytes
content-type
image/png
x-cache-hits
67
Moduli-vaccinazione-anti-Covid-19_reference.jpg
www.apss.tn.it/var/apss/storage/images/documenti-e-dati/modulistica/moduli-vaccinazione-anti-covid-19/707196-29-ita-IT/ 		153 KB
154 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.apss.tn.it/var/apss/storage/images/documenti-e-dati/modulistica/moduli-vaccinazione-anti-covid-19/707196-29-ita-IT/Moduli-vaccinazione-anti-Covid-19_reference.jpg
Requested by
Host: www.apss.tn.it
URL: https://www.apss.tn.it/content/view/full/21033
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.82.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-82-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
862ff1d106543733cc93819a967749836786c458895cd895e5598ebb1f758983
Security Headers
Name Value
Content-Security-Policy default-src *; font-src 'self' data: https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.apss.tn.it/content/view/full/21033
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 10:34:05 GMT
x-debug
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
198
x-cache
HIT
content-length
156842
x-xss-protection
1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce
x-served-by
ip-10-200-0-28.eu-west-1.compute.internal
served-by
www.apss.tn.it
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Oct 2021 08:59:19 GMT
x-ttl
31d
x-frame-options
sameorigin
etag
"1634029159-156842"
expect-ct
max-age=0, report-uri=https://saasopenpa.report-uri.com/r/d/ct/reportOnly, max-age=86400
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://saasopenpa.report-uri.com/a/d/g"}],"include_subdomains":true}
x-varnish
837657421 833517093
via
1.1 varnish-v4
expires
Mon, 13 Dec 2021 10:34:05 GMT
permissions-policy
camera=(), payment=(), microphone=()
content-security-policy
default-src *; font-src 'self' data: https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
10
fm-chatbot-client
cdn.jsdelivr.net/npm/@claudio.giuliano/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@claudio.giuliano/fm-chatbot-client
Requested by
Host: www.apss.tn.it
URL: https://www.apss.tn.it/content/view/full/21033
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cac64d21e8e5ac16459f4ce50b0e9aae0e251148ad03599c652c3f5db49110f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.apss.tn.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 10:37:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
5791
x-jsd-version
1.2.6
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19183-FRA, cache-mxp6920-MXP
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"3bf4-nU3sM1IsIlarUjzTQpVSRP5X4i4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6acf1ff17b0c5995-MXP
app.min.js
www.apss.tn.it/extension/openpa_bootstrapitalia/design/bootstrapitalia/javascript/ 		210 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.apss.tn.it/extension/openpa_bootstrapitalia/design/bootstrapitalia/javascript/app.min.js
Requested by
Host: www.apss.tn.it
URL: https://www.apss.tn.it/content/view/full/21033
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.82.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-82-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1e0dd51f3f096cf987111dd9bfc40b1229fc5e18f68ee646b820fb3d363e6e
Security Headers
Name Value
Content-Security-Policy default-src *; font-src 'self' data: https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.apss.tn.it/content/view/full/21033
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 10:32:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
269
x-debug
x-cache
HIT
vary
Accept-Encoding
content-length
53241
x-xss-protection
1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce
x-served-by
ip-10-200-0-28.eu-west-1.compute.internal
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 09 Nov 2021 12:20:52 GMT
x-ttl
31d
x-frame-options
sameorigin
etag
W/"618a67a4-34890"
expect-ct
max-age=0, report-uri=https://saasopenpa.report-uri.com/r/d/ct/reportOnly, max-age=86400
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://saasopenpa.report-uri.com/a/d/g"}],"include_subdomains":true}
x-varnish
838180625 837983954
via
1.1 varnish-v4
expires
Mon, 13 Dec 2021 10:32:55 GMT
permissions-policy
camera=(), payment=(), microphone=()
content-security-policy
default-src *; font-src 'self' data: https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
65
gtm.js
www.googletagmanager.com/ 		73 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MCRZP4F
Requested by
Host: www.apss.tn.it
URL: https://www.apss.tn.it/content/view/full/21033
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
539dee077bf187481bad9b2b3ed2eec7f223b11f4a76c63d4a714f302937f613
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.apss.tn.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 10:37:24 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
29571
x-xss-protection
0
last-modified
Fri, 12 Nov 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 12 Nov 2021 10:37:24 GMT
sprite.svg
www.apss.tn.it/extension/openpa_bootstrapitalia/design/standard/images/svg/ 		45 KB
46 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.apss.tn.it/extension/openpa_bootstrapitalia/design/standard/images/svg/sprite.svg
Requested by
Host: www.apss.tn.it
URL: https://www.apss.tn.it/content/view/full/21033
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.82.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-82-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f4c98d175ae6a74344ddf7312b338660e9f217cf410762f469e389b5a6adf10b
Security Headers
Name Value
Content-Security-Policy default-src *; font-src 'self' data: https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.apss.tn.it/content/view/full/21033
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 10:32:55 GMT
x-debug
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
269
x-cache
HIT
content-length
45758
x-xss-protection
1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce
x-served-by
ip-10-200-0-28.eu-west-1.compute.internal
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 09 Nov 2021 12:20:52 GMT
x-ttl
31d
x-frame-options
sameorigin
etag
"618a67a4-b2be"
expect-ct
max-age=0, report-uri=https://saasopenpa.report-uri.com/r/d/ct/reportOnly, max-age=86400
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://saasopenpa.report-uri.com/a/d/g"}],"include_subdomains":true}
x-varnish
838050212 838469031
via
1.1 varnish-v4
expires
Mon, 13 Dec 2021 10:32:55 GMT
permissions-policy
camera=(), payment=(), microphone=()
content-security-policy
default-src *; font-src 'self' data: https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
accept-ranges
bytes
content-type
image/svg+xml
x-cache-hits
63
TitilliumWeb-Light.woff2
www.apss.tn.it/extension/openpa_bootstrapitalia/design/bootstrapitalia/fonts/Titillium_Web/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.apss.tn.it/extension/openpa_bootstrapitalia/design/bootstrapitalia/fonts/Titillium_Web/TitilliumWeb-Light.woff2
Requested by
Host: www.apss.tn.it
URL: https://www.apss.tn.it/content/view/full/21033
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.82.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-82-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
fe1257b5c39a8a62a91b85bbf01b9826411e8e9f77c5895a742670cf0d466240
Security Headers
Name Value
Content-Security-Policy default-src *; font-src 'self' data: https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce

Request headers

Referer
https://www.apss.tn.it/content/view/full/21033
Origin
https://www.apss.tn.it
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 10:37:07 GMT
x-debug
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
17
x-cache
HIT
content-length
18076
x-xss-protection
1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce
x-served-by
ip-10-200-0-28.eu-west-1.compute.internal
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 09 Nov 2021 12:20:52 GMT
x-frame-options
sameorigin
etag
"618a67a4-469c"
expect-ct
max-age=0, report-uri=https://saasopenpa.report-uri.com/r/d/ct/reportOnly, max-age=86400
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://saasopenpa.report-uri.com/a/d/g"}],"include_subdomains":true}
x-varnish
838050216 838469307
via
1.1 varnish-v4
permissions-policy
camera=(), payment=(), microphone=()
content-security-policy
default-src *; font-src 'self' data: https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
accept-ranges
bytes
content-type
font/woff2
x-cache-hits
4
TitilliumWeb-Regular.woff2
www.apss.tn.it/extension/openpa_bootstrapitalia/design/bootstrapitalia/fonts/Titillium_Web/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.apss.tn.it/extension/openpa_bootstrapitalia/design/bootstrapitalia/fonts/Titillium_Web/TitilliumWeb-Regular.woff2
Requested by
Host: www.apss.tn.it
URL: https://www.apss.tn.it/content/view/full/21033
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.82.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-82-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
10a0b293d1d46ce9853549ea0dbecb22208e19c9a78ac6a024e7b2642a657e82
Security Headers
Name Value
Content-Security-Policy default-src *; font-src 'self' data: https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce

Request headers

Referer
https://www.apss.tn.it/content/view/full/21033
Origin
https://www.apss.tn.it
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 10:37:07 GMT
x-debug
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
17
x-cache
HIT
content-length
18020
x-xss-protection
1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce
x-served-by
ip-10-200-0-28.eu-west-1.compute.internal
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 09 Nov 2021 12:20:52 GMT
x-frame-options
sameorigin
etag
"618a67a4-4664"
expect-ct
max-age=0, report-uri=https://saasopenpa.report-uri.com/r/d/ct/reportOnly, max-age=86400
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://saasopenpa.report-uri.com/a/d/g"}],"include_subdomains":true}
x-varnish
836682929 838180615
via
1.1 varnish-v4
permissions-policy
camera=(), payment=(), microphone=()
content-security-policy
default-src *; font-src 'self' data: https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
accept-ranges
bytes
content-type
font/woff2
x-cache-hits
4
TitilliumWeb-Bold.woff2
www.apss.tn.it/extension/openpa_bootstrapitalia/design/bootstrapitalia/fonts/Titillium_Web/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.apss.tn.it/extension/openpa_bootstrapitalia/design/bootstrapitalia/fonts/Titillium_Web/TitilliumWeb-Bold.woff2
Requested by
Host: www.apss.tn.it
URL: https://www.apss.tn.it/content/view/full/21033
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.82.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-82-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
10e231d670dd23dbbc9e0824e99346477a799a361c755389654ca2ff2aeed499
Security Headers
Name Value
Content-Security-Policy default-src *; font-src 'self' data: https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce

Request headers

Referer
https://www.apss.tn.it/content/view/full/21033
Origin
https://www.apss.tn.it
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 10:37:07 GMT
x-debug
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
17
x-cache
HIT
content-length
17152
x-xss-protection
1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce
x-served-by
ip-10-200-0-28.eu-west-1.compute.internal
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 09 Nov 2021 12:20:52 GMT
x-frame-options
sameorigin
etag
"618a67a4-4300"
expect-ct
max-age=0, report-uri=https://saasopenpa.report-uri.com/r/d/ct/reportOnly, max-age=86400
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://saasopenpa.report-uri.com/a/d/g"}],"include_subdomains":true}
x-varnish
836682933 836632418
via
1.1 varnish-v4
permissions-policy
camera=(), payment=(), microphone=()
content-security-policy
default-src *; font-src 'self' data: https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
accept-ranges
bytes
content-type
font/woff2
x-cache-hits
4
webhook
apss.pokedem.com/webhooks/rest/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://apss.pokedem.com/webhooks/rest/webhook
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.39.10 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.10.39.46.78.clients.your-server.de
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.apss.tn.it
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Date
Fri, 12 Nov 2021 10:37:24 GMT
Server
Apache/2.4.18 (Ubuntu)
Access-Control-Allow-Origin
https://www.apss.tn.it
Access-Control-Expose-Headers
filename
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Max-Age
None
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
Vary
Origin
Content-Length
0
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
TitilliumWeb-SemiBold.woff2
www.apss.tn.it/extension/openpa_bootstrapitalia/design/bootstrapitalia/fonts/Titillium_Web/ 		17 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.apss.tn.it/extension/openpa_bootstrapitalia/design/bootstrapitalia/fonts/Titillium_Web/TitilliumWeb-SemiBold.woff2
Requested by
Host: www.apss.tn.it
URL: https://www.apss.tn.it/content/view/full/21033
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.82.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-82-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2dff0ec7d7554ff9f7ac85f1ef06e72cc35303e38efe7ecfcd367934994b39fd
Security Headers
Name Value
Content-Security-Policy default-src *; font-src 'self' data: https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce

Request headers

Referer
https://www.apss.tn.it/content/view/full/21033
Origin
https://www.apss.tn.it
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 10:37:07 GMT
x-debug
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
17
x-cache
HIT
content-length
17804
x-xss-protection
1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce
x-served-by
ip-10-200-0-28.eu-west-1.compute.internal
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 09 Nov 2021 12:20:52 GMT
x-frame-options
sameorigin
etag
"618a67a4-458c"
expect-ct
max-age=0, report-uri=https://saasopenpa.report-uri.com/r/d/ct/reportOnly, max-age=86400
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://saasopenpa.report-uri.com/a/d/g"}],"include_subdomains":true}
x-varnish
838406297 837657290
via
1.1 varnish-v4
permissions-policy
camera=(), payment=(), microphone=()
content-security-policy
default-src *; font-src 'self' data: https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
accept-ranges
bytes
content-type
font/woff2
x-cache-hits
4
RobotoMono-Bold.woff2
www.apss.tn.it/extension/openpa_bootstrapitalia/design/bootstrapitalia/fonts/Roboto_Mono/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.apss.tn.it/extension/openpa_bootstrapitalia/design/bootstrapitalia/fonts/Roboto_Mono/RobotoMono-Bold.woff2
Requested by
Host: www.apss.tn.it
URL: https://www.apss.tn.it/content/view/full/21033
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.82.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-82-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b6a55ad8c9ba4ea17bc4aa040ef549e4095631888ce6e907db9808bafba65dc1
Security Headers
Name Value
Content-Security-Policy default-src *; font-src 'self' data: https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce

Request headers

Referer
https://www.apss.tn.it/content/view/full/21033
Origin
https://www.apss.tn.it
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 10:37:20 GMT
x-debug
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
4
x-cache
HIT
content-length
21128
x-xss-protection
1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce
x-served-by
ip-10-200-0-28.eu-west-1.compute.internal
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 09 Nov 2021 12:20:52 GMT
x-frame-options
sameorigin
etag
"618a67a4-5288"
expect-ct
max-age=0, report-uri=https://saasopenpa.report-uri.com/r/d/ct/reportOnly, max-age=86400
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://saasopenpa.report-uri.com/a/d/g"}],"include_subdomains":true}
x-varnish
838180629 838341384
via
1.1 varnish-v4
permissions-policy
camera=(), payment=(), microphone=()
content-security-policy
default-src *; font-src 'self' data: https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
accept-ranges
bytes
content-type
font/woff2
x-cache-hits
2
Lora-Regular.woff2
www.apss.tn.it/extension/openpa_bootstrapitalia/design/bootstrapitalia/fonts/Lora/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.apss.tn.it/extension/openpa_bootstrapitalia/design/bootstrapitalia/fonts/Lora/Lora-Regular.woff2
Requested by
Host: www.apss.tn.it
URL: https://www.apss.tn.it/content/view/full/21033
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.82.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-82-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c46571ae07f08cf72861c906044dc9bff58fe2ea18a46fe8ada32f8237c977f8
Security Headers
Name Value
Content-Security-Policy default-src *; font-src 'self' data: https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce

Request headers

Referer
https://www.apss.tn.it/content/view/full/21033
Origin
https://www.apss.tn.it
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 10:37:20 GMT
x-debug
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
4
x-cache
HIT
content-length
30704
x-xss-protection
1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce
x-served-by
ip-10-200-0-28.eu-west-1.compute.internal
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 09 Nov 2021 12:20:52 GMT
x-frame-options
sameorigin
etag
"618a67a4-77f0"
expect-ct
max-age=0, report-uri=https://saasopenpa.report-uri.com/r/d/ct/reportOnly, max-age=86400
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://saasopenpa.report-uri.com/a/d/g"}],"include_subdomains":true}
x-varnish
837915349 837254820
via
1.1 varnish-v4
permissions-policy
camera=(), payment=(), microphone=()
content-security-policy
default-src *; font-src 'self' data: https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
accept-ranges
bytes
content-type
font/woff2
x-cache-hits
2
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.apss.tn.it
URL: https://www.apss.tn.it/content/view/full/21033
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.apss.tn.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2210
date
Fri, 12 Nov 2021 10:00:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
20006
expires
Fri, 12 Nov 2021 12:00:34 GMT
matomo.js
ingestion.webanalytics.italia.it/ 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ingestion.webanalytics.italia.it/matomo.js
Requested by
Host: www.apss.tn.it
URL: https://www.apss.tn.it/content/view/full/21033
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.54.45.194 , Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
Software
/
Resource Hash
0995371a359a4a701d66f8b183de6144de9a042e5bac84b6f920968f51567742
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.apss.tn.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
public
date
Fri, 12 Nov 2021 10:37:24 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 10 Sep 2020 22:55:10 GMT
etag
W/"5f5aaece-1131c"
allow
GET, POST
content-type
application/javascript
cache-control
max-age=3600, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Fri, 12 Nov 2021 11:37:24 GMT
icon
fonts.googleapis.com/ 		569 B
705 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@claudio.giuliano/fm-chatbot-client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0c5e1da94a728c7a8cc4363b44d961c94459111d362eef8cf7895a9c6234d17c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.apss.tn.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
x-xss-protection
0
last-modified
Fri, 12 Nov 2021 10:37:24 GMT
server
ESF
date
Fri, 12 Nov 2021 10:37:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Nov 2021 10:37:24 GMT
webhook
apss.pokedem.com/webhooks/rest/ 		457 B
801 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apss.pokedem.com/webhooks/rest/webhook
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@claudio.giuliano/fm-chatbot-client
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.39.10 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.10.39.46.78.clients.your-server.de
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
4dfa8b3a221640b3b9812566bd786a67205324cda862e3d8c894cbc82cb1050f

Request headers

Referer
https://www.apss.tn.it/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 12 Nov 2021 10:37:24 GMT
Server
Apache/2.4.18 (Ubuntu)
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.apss.tn.it
Access-Control-Expose-Headers
filename
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
457
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v115/ 		115 KB
116 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v115/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efff98a3721641d17bb9ffd57a411430956d49f407e645a856f13a2906cbbf44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.apss.tn.it
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 18:33:47 GMT
x-content-type-options
nosniff
age
144217
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
117988
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 17:58:49 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 10 Nov 2022 18:33:47 GMT
collect
www.google-analytics.com/j/ 		2 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=406093708&t=pageview&_s=1&dl=https%3A%2F%2Fwww.apss.tn.it%2Fcontent%2Fview%2Ffull%2F21033&ul=en-us&de=UTF-8&dt=Moduli%20vaccinazione%20anti%20Covid-19%20%2F%20Modulistica%20%2F%20Documenti%20e%20dati%20%2F%20Azienda%20Provinciale%20per%20i%20Servizi%20Sanitari%20-%20Azienda%20Provinciale%20per%20i%20Servizi%20Sanitari&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1386666014&gjid=910068473&cid=431310991.1636713445&tid=UA-62995000-3&_gid=1204931003.1636713445&_r=1&_slc=1&z=1923194400
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.apss.tn.it/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 10:37:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.apss.tn.it
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
matomo.php
ingestion.webanalytics.italia.it/ 		43 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ingestion.webanalytics.italia.it/matomo.php?action_name=Moduli%20vaccinazione%20anti%20Covid-19%20%2F%20Modulistica%20%2F%20Documenti%20e%20dati%20%2F%20Azienda%20Provinciale%20per%20i%20Servizi%20Sanitari%20-%20Azienda%20Provinciale%20per%20i%20Servizi%20Sanitari&idsite=jg7pYNwqvM&rec=1&r=691373&h=10&m=37&s=24&url=https%3A%2F%2Fwww.apss.tn.it%2Fcontent%2Fview%2Ffull%2F21033&_id=5e699e739c10d02f&_idts=1636713445&_idvc=1&_idn=1&_refts=0&_viewts=1636713445&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=298&pv_id=1HCx0H
Requested by
Host: www.apss.tn.it
URL: https://www.apss.tn.it/content/view/full/21033
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.54.45.194 , Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.apss.tn.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 10:37:24 GMT
content-encoding
none
referrer-policy
origin
allow
GET, POST
content-type
image/gif
cache-control
no-store
strict-transport-security
max-age=15724800; includeSubDomains
content-length
43

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| opendataDataTableRenderField function| OpenContentOcopendataConnector function| $ function| jQuery function| Popper function| moment object| L object| blueimp object| Handlebars object| HandlebarsPrecompiled function| Base function| Alpaca object| async function| equiv object| dataLayer string| CurrentLanguage boolean| CurrentUserIsLoggedIn string| UiContext string| UriPrefix object| PathArray string| ModuleResultUri object| LanguageUrlAliasList string| MomentDateFormat string| MomentDateTimeFormat function| FmChatbot string| __PUBLIC_PATH__ object| bootstrap function| isIe string| GoogleAnalyticsObject function| ga object| _paq object| google_tag_manager object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| JSON_PIWIK object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log

6 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: lacaBn-6b5c1c796c430db719-00j
.apss.tn.it/ Name: _ga
Value: GA1.3.431310991.1636713445
.apss.tn.it/ Name: _gid
Value: GA1.3.1204931003.1636713445
.apss.tn.it/ Name: _gat
Value: 1
www.apss.tn.it/ Name: _pk_id.jg7pYNwqvM.1ad5
Value: 5e699e739c10d02f.1636713445.1.1636713445.1636713445.
www.apss.tn.it/ Name: _pk_ses.jg7pYNwqvM.1ad5
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src *; font-src 'self' data: https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apss.pokedem.com
bit.ly
cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
ingestion.webanalytics.italia.it
www.apss.tn.it
www.google-analytics.com
www.googletagmanager.com
156.54.45.194
2606:4700::6810:5614
2a00:1450:4001:810::200e
2a00:1450:4001:827::2008
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200a
67.199.248.11
78.46.39.10
99.80.82.152
0995371a359a4a701d66f8b183de6144de9a042e5bac84b6f920968f51567742
0c5e1da94a728c7a8cc4363b44d961c94459111d362eef8cf7895a9c6234d17c
10a0b293d1d46ce9853549ea0dbecb22208e19c9a78ac6a024e7b2642a657e82
10e231d670dd23dbbc9e0824e99346477a799a361c755389654ca2ff2aeed499
1bc862106a89125873c1179475083d2239df40c664194a7836eda55772df4b29
2dff0ec7d7554ff9f7ac85f1ef06e72cc35303e38efe7ecfcd367934994b39fd
2e2cb35b225b00b29815f8c4421a93675b1facf9dfc6e13946eea0a0d7c87e7e
4dfa8b3a221640b3b9812566bd786a67205324cda862e3d8c894cbc82cb1050f
52349a117a877fa0a239f47c6b168e1839c66613f50a137a52301c3f359d6ce9
539dee077bf187481bad9b2b3ed2eec7f223b11f4a76c63d4a714f302937f613
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5766bc002202c6433a4a2a0543595123f896a67d69d1704ac30fd0b9fe2037dc
7cac64d21e8e5ac16459f4ce50b0e9aae0e251148ad03599c652c3f5db49110f
862ff1d106543733cc93819a967749836786c458895cd895e5598ebb1f758983
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b6a55ad8c9ba4ea17bc4aa040ef549e4095631888ce6e907db9808bafba65dc1
c46571ae07f08cf72861c906044dc9bff58fe2ea18a46fe8ada32f8237c977f8
ef1e0dd51f3f096cf987111dd9bfc40b1229fc5e18f68ee646b820fb3d363e6e
efff98a3721641d17bb9ffd57a411430956d49f407e645a856f13a2906cbbf44
f4c98d175ae6a74344ddf7312b338660e9f217cf410762f469e389b5a6adf10b
fe1257b5c39a8a62a91b85bbf01b9826411e8e9f77c5895a742670cf0d466240