urlscan.io logo urlscan.io
SecurityTrails logo

covdemo.tiani-spirit.com Open in urlscan Pro
217.175.200.177  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://demo.covidstayfree.at/
Effective URL: https://covdemo.tiani-spirit.com/auth/realms/StayFree/login-actions/authenticate?client_id=urn%3Atiani-spirit%3Asts&tab_id=pHVQTY...
Submission: On October 22 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 30 HTTP transactions. The main IP is 217.175.200.177, located in Austria and belongs to NEXTLAYER-AS, AT. The main domain is covdemo.tiani-spirit.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 27th 2019. Valid for: 2 years.
This is the only time covdemo.tiani-spirit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 32 217.175.200.177 1764 (NEXTLAYER-AS)
30 1
Apex Domain
Subdomains		 Transfer
31 tiani-spirit.com
covdemo.tiani-spirit.com
3 MB
1 covidstayfree.at
demo.covidstayfree.at
118 B
30 2
Domain Requested by
31 covdemo.tiani-spirit.com 1 redirects covdemo.tiani-spirit.com
1 demo.covidstayfree.at 1 redirects
30 2

This site contains links to these domains. Also see Links.

Domain
covdemo.spirit.int
Subject Issuer Validity Valid
*.tiani-spirit.com
Sectigo RSA Domain Validation Secure Server CA		 2019-04-27 -
2021-04-26		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://covdemo.tiani-spirit.com/auth/realms/StayFree/login-actions/authenticate?client_id=urn%3Atiani-spirit%3Asts&tab_id=pHVQTYeqmwQ
Frame ID: 6F346DF1207C174797C755DE55471D2B
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://demo.covidstayfree.at/ HTTP 301
    https://covdemo.tiani-spirit.com/SpiritPatientPortal/ Page URL
  2. https://covdemo.tiani-spirit.com/auth/realms/StayFree/protocol/saml HTTP 302
    https://covdemo.tiani-spirit.com/auth/realms/StayFree/login-actions/authenticate?client_id=urn%3Atiani-spirit... Page URL

Page Statistics

30
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

3137 kB
Transfer

3330 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://demo.covidstayfree.at/ HTTP 301
    https://covdemo.tiani-spirit.com/SpiritPatientPortal/ Page URL
  2. https://covdemo.tiani-spirit.com/auth/realms/StayFree/protocol/saml HTTP 302
    https://covdemo.tiani-spirit.com/auth/realms/StayFree/login-actions/authenticate?client_id=urn%3Atiani-spirit%3Asts&tab_id=pHVQTYeqmwQ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://demo.covidstayfree.at/ HTTP 301
  • https://covdemo.tiani-spirit.com/SpiritPatientPortal/

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
covdemo.tiani-spirit.com/SpiritPatientPortal/
Redirect Chain
  • https://demo.covidstayfree.at/
  • https://covdemo.tiani-spirit.com/SpiritPatientPortal/
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://covdemo.tiani-spirit.com/SpiritPatientPortal/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.175.200.177 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
stat-217-194-200.customers.nextlayer.at
Software
WildFly/10 / Undertow/1
Resource Hash
b5f1dbf711f6c77606791df8fdcbb3d935ebab2100ff93f2f1886191c1575632
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Host
covdemo.tiani-spirit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

last-modified
Wed, 14 Oct 2020 13:37:48 GMT
x-powered-by
Undertow/1
server
WildFly/10
content-type
text/html
content-length
2850
accept-ranges
bytes
date
Thu, 22 Oct 2020 09:04:37 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
x-frame-options
SAMEORIGIN
x-xss-protection
1;mode=block
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
referrer-policy
no-referrer-when-downgrade

Redirect headers

content-length
0
location
https://covdemo.tiani-spirit.com/SpiritPatientPortal/
loadingPage.css
covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/webresource/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/webresource/css/loadingPage.css
Requested by
Host: covdemo.tiani-spirit.com
URL: https://covdemo.tiani-spirit.com/SpiritPatientPortal/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.175.200.177 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
stat-217-194-200.customers.nextlayer.at
Software
/
Resource Hash
281f6bb84e69bb44f1cd00d95166725d6a0d37df109dfe3bb49aaba4f6bce709
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://covdemo.tiani-spirit.com/SpiritPatientPortal/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:04:37 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 18 Nov 2019 14:14:23 GMT
etag
loadingPage.css_1585_1574086463000
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
content-disposition
inline;filename="loadingPage.css"
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
strict-transport-security
max-age=31536000;includeSubDomains;preload
accept-ranges
bytes
content-length
555
x-xss-protection
1;mode=block
expires
Thu, 22 Oct 2020 09:04:37 GMT
PatientPortal.nocache.js
covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/ 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/PatientPortal.nocache.js
Requested by
Host: covdemo.tiani-spirit.com
URL: https://covdemo.tiani-spirit.com/SpiritPatientPortal/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.175.200.177 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
stat-217-194-200.customers.nextlayer.at
Software
WildFly/10 / Undertow/1
Resource Hash
fb113656ad8bf6785173beda045f59b3c9d8d90ab2c24bd76c2fdefb47f858e0
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://covdemo.tiani-spirit.com/SpiritPatientPortal/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Oct 2020 09:04:37 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Oct 2020 18:12:58 GMT
server
WildFly/10
x-powered-by
Undertow/1
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
strict-transport-security
max-age=31536000;includeSubDomains;preload
accept-ranges
bytes
content-length
8112
x-xss-protection
1;mode=block
expires
Wed, 21 Oct 2020 09:04:37 GMT
logoLoading.svg
covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/webresource/images/loading/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/webresource/images/loading/logoLoading.svg
Requested by
Host: covdemo.tiani-spirit.com
URL: https://covdemo.tiani-spirit.com/SpiritPatientPortal/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.175.200.177 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
stat-217-194-200.customers.nextlayer.at
Software
/
Resource Hash
7190fbd6d0b8ef9a8c44ab83641d9e23f6b9b3b74f03c9c44a445ad7f1ea0a6a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://covdemo.tiani-spirit.com/SpiritPatientPortal/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:04:37 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 21 Oct 2020 16:54:19 GMT
etag
logoLoading.svg_11719_1603299259000
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
content-disposition
inline;filename="logoLoading.svg"
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
strict-transport-security
max-age=31536000;includeSubDomains;preload
accept-ranges
bytes
content-length
11719
x-xss-protection
1;mode=block
expires
Thu, 22 Oct 2020 09:04:37 GMT
animation.css
covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/css/ 		71 KB
72 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/css/animation.css
Requested by
Host: covdemo.tiani-spirit.com
URL: https://covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/PatientPortal.nocache.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.175.200.177 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
stat-217-194-200.customers.nextlayer.at
Software
WildFly/10 / Undertow/1
Resource Hash
c9e196ddb57dac085c71058d1bb5573e088422b7bf4e82e27957d89b10e866c6
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://covdemo.tiani-spirit.com/SpiritPatientPortal/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:04:37 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 06 Aug 2018 08:47:38 GMT
server
WildFly/10
x-powered-by
Undertow/1
x-frame-options
SAMEORIGIN
content-type
text/css
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
strict-transport-security
max-age=31536000;includeSubDomains;preload
accept-ranges
bytes
content-length
73176
x-xss-protection
1;mode=block
material-icons.css
covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/css/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/css/material-icons.css
Requested by
Host: covdemo.tiani-spirit.com
URL: https://covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/PatientPortal.nocache.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.175.200.177 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
stat-217-194-200.customers.nextlayer.at
Software
WildFly/10 / Undertow/1
Resource Hash
d2aa39981011933c6697e1839bfa77b7dc367bffa1be90c00ebd1e07f0bda406
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://covdemo.tiani-spirit.com/SpiritPatientPortal/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:04:37 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 06 Aug 2018 08:47:38 GMT
server
WildFly/10
x-powered-by
Undertow/1
x-frame-options
SAMEORIGIN
content-type
text/css
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
strict-transport-security
max-age=31536000;includeSubDomains;preload
accept-ranges
bytes
content-length
1243
x-xss-protection
1;mode=block
materialize.min.css
covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/css/ 		145 KB
146 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/css/materialize.min.css
Requested by
Host: covdemo.tiani-spirit.com
URL: https://covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/PatientPortal.nocache.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.175.200.177 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
stat-217-194-200.customers.nextlayer.at
Software
WildFly/10 / Undertow/1
Resource Hash
1a0cb15e675a210f935bdb8230c098caa553c0a15aeb2a499ed7334d4cdf422f
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://covdemo.tiani-spirit.com/SpiritPatientPortal/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:04:37 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 14 Oct 2020 13:36:54 GMT
server
WildFly/10
x-powered-by
Undertow/1
x-frame-options
SAMEORIGIN
content-type
text/css
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
strict-transport-security
max-age=31536000;includeSubDomains;preload
accept-ranges
bytes
content-length
148889
x-xss-protection
1;mode=block
overridecss.css
covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/css/ 		28 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/css/overridecss.css
Requested by
Host: covdemo.tiani-spirit.com
URL: https://covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/PatientPortal.nocache.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.175.200.177 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
stat-217-194-200.customers.nextlayer.at
Software
WildFly/10 / Undertow/1
Resource Hash
7507e4a07df04517a248c8bd4f59fa7af952b422b741b2f6c388fe8a5c395e36
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://covdemo.tiani-spirit.com/SpiritPatientPortal/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:04:37 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 14 Oct 2020 13:36:54 GMT
server
WildFly/10
x-powered-by
Undertow/1
x-frame-options
SAMEORIGIN
content-type
text/css
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
strict-transport-security
max-age=31536000;includeSubDomains;preload
accept-ranges
bytes
content-length
28641
x-xss-protection
1;mode=block
PatientDetail.css
covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/ 		904 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/PatientDetail.css
Requested by
Host: covdemo.tiani-spirit.com
URL: https://covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/PatientPortal.nocache.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.175.200.177 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
stat-217-194-200.customers.nextlayer.at
Software
WildFly/10 / Undertow/1
Resource Hash
abe51d0e6cd5207116264aedaa82360e93765e0b235772e9b329f1e95f34ef10
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://covdemo.tiani-spirit.com/SpiritPatientPortal/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:04:37 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 14 Oct 2020 13:36:44 GMT
server
WildFly/10
x-powered-by
Undertow/1
x-frame-options
SAMEORIGIN
content-type
text/css
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
strict-transport-security
max-age=31536000;includeSubDomains;preload
accept-ranges
bytes
content-length
904
x-xss-protection
1;mode=block
DocumentSearch.css
covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/ 		7 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/DocumentSearch.css
Requested by
Host: covdemo.tiani-spirit.com
URL: https://covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/PatientPortal.nocache.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.175.200.177 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
stat-217-194-200.customers.nextlayer.at
Software
WildFly/10 / Undertow/1
Resource Hash
7eadbd83d586c5e420ce02f1bfbb501e2ef6b0031dc6ab495b5482032288544b
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://covdemo.tiani-spirit.com/SpiritPatientPortal/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:04:37 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 14 Oct 2020 13:37:12 GMT
server
WildFly/10
x-powered-by
Undertow/1
x-frame-options
SAMEORIGIN
content-type
text/css
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
strict-transport-security
max-age=31536000;includeSubDomains;preload
accept-ranges
bytes
content-length
7444
x-xss-protection
1;mode=block
DocumentSubmit.css
covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/ 		7 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/DocumentSubmit.css
Requested by
Host: covdemo.tiani-spirit.com
URL: https://covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/PatientPortal.nocache.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.175.200.177 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
stat-217-194-200.customers.nextlayer.at
Software
WildFly/10 / Undertow/1
Resource Hash
7eadbd83d586c5e420ce02f1bfbb501e2ef6b0031dc6ab495b5482032288544b
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://covdemo.tiani-spirit.com/SpiritPatientPortal/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:04:37 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 14 Oct 2020 13:36:46 GMT
server
WildFly/10
x-powered-by
Undertow/1
x-frame-options
SAMEORIGIN
content-type
text/css
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
strict-transport-security
max-age=31536000;includeSubDomains;preload
accept-ranges
bytes
content-length
7444
x-xss-protection
1;mode=block
materialize.css
covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/webresource/css/ 		186 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/webresource/css/materialize.css
Requested by
Host: covdemo.tiani-spirit.com
URL: https://covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/PatientPortal.nocache.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.175.200.177 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
stat-217-194-200.customers.nextlayer.at
Software
/
Resource Hash
0b787e4d8549b537592029585f3da64bf33c424b7577e9ddaee1b15c57d502e9
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://covdemo.tiani-spirit.com/SpiritPatientPortal/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:04:37 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 21 Oct 2020 15:09:56 GMT
etag
materialize.css_190913_1603292996000
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
content-disposition
inline;filename="materialize.css"
connection
close
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
strict-transport-security
max-age=31536000;includeSubDomains;preload
accept-ranges
bytes
x-xss-protection
1;mode=block
expires
Thu, 22 Oct 2020 09:04:37 GMT
overridecss.css
covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/webresource/css/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/webresource/css/overridecss.css
Requested by
Host: covdemo.tiani-spirit.com
URL: https://covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/PatientPortal.nocache.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.175.200.177 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
stat-217-194-200.customers.nextlayer.at
Software
/
Resource Hash
e18ae2ba9e6b4c90f91fe98d1f741fa7183a779a203ae938527495e657c80e14
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://covdemo.tiani-spirit.com/SpiritPatientPortal/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:04:37 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 05 Feb 2020 13:53:21 GMT
etag
overridecss.css_3015_1580910801000
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
content-disposition
inline;filename="overridecss.css"
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
strict-transport-security
max-age=31536000;includeSubDomains;preload
accept-ranges
bytes
content-length
866
x-xss-protection
1;mode=block
expires
Thu, 22 Oct 2020 09:04:37 GMT
overridecss_theme.css
covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/webresource/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/webresource/css/overridecss_theme.css
Requested by
Host: covdemo.tiani-spirit.com
URL: https://covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/PatientPortal.nocache.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.175.200.177 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
stat-217-194-200.customers.nextlayer.at
Software
/
Resource Hash
af925599be8f7f1ae0d65fb1d59314d0d2a50d5a8b8dd0751fb278622732ed5f
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://covdemo.tiani-spirit.com/SpiritPatientPortal/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:04:37 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 21 Oct 2020 15:15:17 GMT
etag
overridecss_theme.css_6751_1603293317000
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
content-disposition
inline;filename="overridecss_theme.css"
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
strict-transport-security
max-age=31536000;includeSubDomains;preload
accept-ranges
bytes
content-length
1533
x-xss-protection
1;mode=block
expires
Thu, 22 Oct 2020 09:04:37 GMT
706D6FCBFF45A4A10D41964CD38B7542.cache.js
covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/ 		889 KB
889 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/706D6FCBFF45A4A10D41964CD38B7542.cache.js
Requested by
Host: covdemo.tiani-spirit.com
URL: https://covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/PatientPortal.nocache.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.175.200.177 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
stat-217-194-200.customers.nextlayer.at
Software
WildFly/10 / Undertow/1
Resource Hash
b1144081595b7f0a6884f78b734c3dca781c9a8fc5964c1c364edeb1933fefa1
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://covdemo.tiani-spirit.com/SpiritPatientPortal/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:04:37 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Oct 2020 18:12:58 GMT
server
WildFly/10
x-powered-by
Undertow/1
x-frame-options
SAMEORIGIN
content-type
application/javascript
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
strict-transport-security
max-age=31536000;includeSubDomains;preload
accept-ranges
bytes
content-length
909962
x-xss-protection
1;mode=block
Roboto-Regular.woff2
covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/font/roboto/ 		48 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/font/roboto/Roboto-Regular.woff2
Requested by
Host: covdemo.tiani-spirit.com
URL: https://covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/css/materialize.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.175.200.177 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
stat-217-194-200.customers.nextlayer.at
Software
WildFly/10 / Undertow/1
Resource Hash
b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Origin
https://covdemo.tiani-spirit.com
Referer
https://covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/css/materialize.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:04:37 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 06 Aug 2018 08:47:38 GMT
server
WildFly/10
x-powered-by
Undertow/1
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
strict-transport-security
max-age=31536000;includeSubDomains;preload
accept-ranges
bytes
content-length
49236
x-xss-protection
1;mode=block
LanguageLoaderService
covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/ 		58 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/LanguageLoaderService
Requested by
Host:
URL: PatientPortal-0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.175.200.177 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
stat-217-194-200.customers.nextlayer.at
Software
WildFly/10 / Undertow/1
Resource Hash
545fcaf637b1deac9a9fc83ef428bfcce75764e2b67f8effbc10366bd4ecd7dd
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

X-GWT-Module-Base
https://covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/
X-GWT-Permutation
706D6FCBFF45A4A10D41964CD38B7542
Referer
https://covdemo.tiani-spirit.com/SpiritPatientPortal/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

date
Thu, 22 Oct 2020 09:04:38 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
server
WildFly/10
x-powered-by
Undertow/1
x-frame-options
SAMEORIGIN
content-type
application/json;charset=utf-8
content-disposition
attachment
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
strict-transport-security
max-age=31536000;includeSubDomains;preload
content-length
16230
x-xss-protection
1;mode=block
EhrRS_SpiritGwtApplicationConfig
covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/EhrRS_SpiritGwtApplicationConfig
Requested by
Host:
URL: PatientPortal-0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.175.200.177 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
stat-217-194-200.customers.nextlayer.at
Software
WildFly/10 / Undertow/1
Resource Hash
3a6feeacb44863b17572ac2c84aac97c6b5c0c788d39aab5fceea7154d2be751
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

X-GWT-Module-Base
https://covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/
X-GWT-Permutation
706D6FCBFF45A4A10D41964CD38B7542
Referer
https://covdemo.tiani-spirit.com/SpiritPatientPortal/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

date
Thu, 22 Oct 2020 09:04:38 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
server
WildFly/10
x-powered-by
Undertow/1
x-frame-options
SAMEORIGIN
content-type
application/json;charset=utf-8
content-disposition
attachment
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
strict-transport-security
max-age=31536000;includeSubDomains;preload
content-length
862
x-xss-protection
1;mode=block
EhrRS_SamlAssertionLogin
covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/EhrRS_SamlAssertionLogin
Requested by
Host:
URL: PatientPortal-0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.175.200.177 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
stat-217-194-200.customers.nextlayer.at
Software
WildFly/10 / Undertow/1
Resource Hash
f83a23da419fad190d26bf50a9ca222a6c61d3d8a42bd6d9ee925fcae8d4e761
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

X-GWT-Module-Base
https://covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/
X-GWT-Permutation
706D6FCBFF45A4A10D41964CD38B7542
Referer
https://covdemo.tiani-spirit.com/SpiritPatientPortal/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

date
Thu, 22 Oct 2020 09:04:38 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
server
WildFly/10
x-powered-by
Undertow/1
x-frame-options
SAMEORIGIN
content-type
application/json;charset=utf-8
content-disposition
attachment
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
strict-transport-security
max-age=31536000;includeSubDomains;preload
content-length
1293
x-xss-protection
1;mode=block
EhrRS_SamlAssertionLogin
covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/ 		5 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/EhrRS_SamlAssertionLogin
Requested by
Host:
URL: PatientPortal-0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.175.200.177 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
stat-217-194-200.customers.nextlayer.at
Software
WildFly/10 / Undertow/1
Resource Hash
f7d0ed8e998431e7dabe978de8454d0443d616a67dc2e0f95c8c1d7670918083
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

X-GWT-Module-Base
https://covdemo.tiani-spirit.com/SpiritPatientPortal/PatientPortal/
X-GWT-Permutation
706D6FCBFF45A4A10D41964CD38B7542
Referer
https://covdemo.tiani-spirit.com/SpiritPatientPortal/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

date
Thu, 22 Oct 2020 09:04:38 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
server
WildFly/10
x-powered-by
Undertow/1
x-frame-options
SAMEORIGIN
content-type
application/json;charset=utf-8
content-disposition
attachment
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
strict-transport-security
max-age=31536000;includeSubDomains;preload
content-length
3156
x-xss-protection
1;mode=block
Primary Request authenticate
covdemo.tiani-spirit.com/auth/realms/StayFree/login-actions/
Redirect Chain
  • https://covdemo.tiani-spirit.com/auth/realms/StayFree/protocol/saml
  • https://covdemo.tiani-spirit.com/auth/realms/StayFree/login-actions/authenticate?client_id=urn%3Atiani-spirit%3Asts&tab_id=pHVQTYeqmwQ
5 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://covdemo.tiani-spirit.com/auth/realms/StayFree/login-actions/authenticate?client_id=urn%3Atiani-spirit%3Asts&tab_id=pHVQTYeqmwQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.175.200.177 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
stat-217-194-200.customers.nextlayer.at
Software
/
Resource Hash
3e391a365fd9082bc6591add40add9c502c60cabff42c7ec8060f90bde476600
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Host
covdemo.tiani-spirit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://covdemo.tiani-spirit.com/SpiritPatientPortal/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
AUTH_SESSION_ID=4f90c681-2ebf-4820-8778-cd89661b0db5.keycloak; KC_RESTART=eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJlOGJmN2UzYS1jNDViLTRiY2UtODJmMS0wYjQ2NGZjMzNjMzcifQ.eyJjaWQiOiJ1cm46dGlhbmktc3Bpcml0OnN0cyIsInB0eSI6InNhbWwiLCJydXJpIjoiaHR0cHM6Ly9jb3ZkZW1vLnRpYW5pLXNwaXJpdC5jb20vU3Bpcml0UGF0aWVudFBvcnRhbC9TYW1sUmVjZWl2ZXIiLCJhY3QiOiJBVVRIRU5USUNBVEUiLCJub3RlcyI6eyJTQU1MX1JFUVVFU1RfSUQiOiJhMjc2MWNmZC1lY2E5LTQ5OTMtYjVlNS05ZTM2NmIzMDQ3NGIiLCJzYW1sX2JpbmRpbmciOiJwb3N0In19.P3QpkZNyTuvD9bTfpMmKGzlXNVS1uxR57wks_OWB8IY
Upgrade-Insecure-Requests
1
Origin
https://covdemo.tiani-spirit.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://covdemo.tiani-spirit.com/SpiritPatientPortal/

Response headers

cache-control
no-store, must-revalidate, max-age=0
date
Thu, 22 Oct 2020 09:04:38 GMT
x-robots-tag
none
x-content-type-options
nosniff
content-type
text/html;charset=utf-8
content-length
4987
content-language
en
strict-transport-security
max-age=31536000;includeSubDomains;preload
x-frame-options
SAMEORIGIN
x-xss-protection
1;mode=block
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
referrer-policy
no-referrer-when-downgrade

Redirect headers

set-cookie
AUTH_SESSION_ID=4f90c681-2ebf-4820-8778-cd89661b0db5.keycloak; Version=1; Path=/auth/realms/StayFree/; Secure; HttpOnly KC_RESTART=eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJlOGJmN2UzYS1jNDViLTRiY2UtODJmMS0wYjQ2NGZjMzNjMzcifQ.eyJjaWQiOiJ1cm46dGlhbmktc3Bpcml0OnN0cyIsInB0eSI6InNhbWwiLCJydXJpIjoiaHR0cHM6Ly9jb3ZkZW1vLnRpYW5pLXNwaXJpdC5jb20vU3Bpcml0UGF0aWVudFBvcnRhbC9TYW1sUmVjZWl2ZXIiLCJhY3QiOiJBVVRIRU5USUNBVEUiLCJub3RlcyI6eyJTQU1MX1JFUVVFU1RfSUQiOiJhMjc2MWNmZC1lY2E5LTQ5OTMtYjVlNS05ZTM2NmIzMDQ3NGIiLCJzYW1sX2JpbmRpbmciOiJwb3N0In19.P3QpkZNyTuvD9bTfpMmKGzlXNVS1uxR57wks_OWB8IY; Version=1; Path=/auth/realms/StayFree/; Secure; HttpOnly
location
https://covdemo.tiani-spirit.com/auth/realms/StayFree/login-actions/authenticate?client_id=urn%3Atiani-spirit%3Asts&tab_id=pHVQTYeqmwQ
content-length
0
date
Thu, 22 Oct 2020 09:04:38 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
x-frame-options
SAMEORIGIN
x-xss-protection
1;mode=block
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
referrer-policy
no-referrer-when-downgrade
patternfly.css
covdemo.tiani-spirit.com/auth/resources/6.0.1/login/StayFree/node_modules/patternfly/dist/css/ 		214 KB
215 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://covdemo.tiani-spirit.com/auth/resources/6.0.1/login/StayFree/node_modules/patternfly/dist/css/patternfly.css
Requested by
Host: covdemo.tiani-spirit.com
URL: https://covdemo.tiani-spirit.com/auth/realms/StayFree/login-actions/authenticate?client_id=urn%3Atiani-spirit%3Asts&tab_id=pHVQTYeqmwQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.175.200.177 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
stat-217-194-200.customers.nextlayer.at
Software
/
Resource Hash
0a40b3b2ff66e275054bcb357b43c2fa33c6874dfc251536ffc9b73aba441bb4
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://covdemo.tiani-spirit.com/auth/realms/StayFree/login-actions/authenticate?client_id=urn%3Atiani-spirit%3Asts&tab_id=pHVQTYeqmwQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:04:38 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
referrer-policy
no-referrer-when-downgrade
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
cache-control
max-age=2592000
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
connection
close
x-xss-protection
1;mode=block
patternfly-additions.css
covdemo.tiani-spirit.com/auth/resources/6.0.1/login/StayFree/node_modules/patternfly/dist/css/ 		228 KB
229 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://covdemo.tiani-spirit.com/auth/resources/6.0.1/login/StayFree/node_modules/patternfly/dist/css/patternfly-additions.css
Requested by
Host: covdemo.tiani-spirit.com
URL: https://covdemo.tiani-spirit.com/auth/realms/StayFree/login-actions/authenticate?client_id=urn%3Atiani-spirit%3Asts&tab_id=pHVQTYeqmwQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.175.200.177 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
stat-217-194-200.customers.nextlayer.at
Software
/
Resource Hash
7e77fcc753baca61311f1708f06c79d8af592f5a2e3c80dc014e36c292c1e954
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://covdemo.tiani-spirit.com/auth/realms/StayFree/login-actions/authenticate?client_id=urn%3Atiani-spirit%3Asts&tab_id=pHVQTYeqmwQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:04:38 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
referrer-policy
no-referrer-when-downgrade
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
cache-control
max-age=2592000
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
connection
close
x-xss-protection
1;mode=block
zocial.css
covdemo.tiani-spirit.com/auth/resources/6.0.1/login/StayFree/lib/zocial/ 		43 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://covdemo.tiani-spirit.com/auth/resources/6.0.1/login/StayFree/lib/zocial/zocial.css
Requested by
Host: covdemo.tiani-spirit.com
URL: https://covdemo.tiani-spirit.com/auth/realms/StayFree/login-actions/authenticate?client_id=urn%3Atiani-spirit%3Asts&tab_id=pHVQTYeqmwQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.175.200.177 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
stat-217-194-200.customers.nextlayer.at
Software
/
Resource Hash
bae41ff593e0cfd5d25ce72edf6731524c8eb91c21e4757ce725e01dafceddb5
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://covdemo.tiani-spirit.com/auth/realms/StayFree/login-actions/authenticate?client_id=urn%3Atiani-spirit%3Asts&tab_id=pHVQTYeqmwQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:04:38 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
referrer-policy
no-referrer-when-downgrade
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
cache-control
max-age=2592000
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
connection
close
x-xss-protection
1;mode=block
login.css
covdemo.tiani-spirit.com/auth/resources/6.0.1/login/StayFree/css/ 		8 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://covdemo.tiani-spirit.com/auth/resources/6.0.1/login/StayFree/css/login.css
Requested by
Host: covdemo.tiani-spirit.com
URL: https://covdemo.tiani-spirit.com/auth/realms/StayFree/login-actions/authenticate?client_id=urn%3Atiani-spirit%3Asts&tab_id=pHVQTYeqmwQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.175.200.177 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
stat-217-194-200.customers.nextlayer.at
Software
/
Resource Hash
f82d6dda801d168a8dfb0316b87b92d0db2d1f3a7380917462f458e52ddc81c6
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://covdemo.tiani-spirit.com/auth/realms/StayFree/login-actions/authenticate?client_id=urn%3Atiani-spirit%3Asts&tab_id=pHVQTYeqmwQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
referrer-policy
no-referrer-when-downgrade
date
Thu, 22 Oct 2020 09:04:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
cache-control
max-age=2592000
strict-transport-security
max-age=31536000;includeSubDomains;preload
content-length
8610
x-xss-protection
1;mode=block
covid-19-4975604_1280.png
covdemo.tiani-spirit.com/auth/resources/6.0.1/login/StayFree/img/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://covdemo.tiani-spirit.com/auth/resources/6.0.1/login/StayFree/img/covid-19-4975604_1280.png
Requested by
Host: covdemo.tiani-spirit.com
URL: https://covdemo.tiani-spirit.com/auth/resources/6.0.1/login/StayFree/css/login.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.175.200.177 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
stat-217-194-200.customers.nextlayer.at
Software
/
Resource Hash
460dcba8b78a53daa6ad827ef9cbfbf49dd01318b72a6e7d012114f9c760e8fe
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://covdemo.tiani-spirit.com/auth/resources/6.0.1/login/StayFree/css/login.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:04:38 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
referrer-policy
no-referrer-when-downgrade
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=2592000
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
connection
close
x-xss-protection
1;mode=block
covidstayfree.jpg
covdemo.tiani-spirit.com/auth/resources/6.0.1/login/StayFree/img/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://covdemo.tiani-spirit.com/auth/resources/6.0.1/login/StayFree/img/covidstayfree.jpg
Requested by
Host: covdemo.tiani-spirit.com
URL: https://covdemo.tiani-spirit.com/auth/resources/6.0.1/login/StayFree/css/login.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.175.200.177 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
stat-217-194-200.customers.nextlayer.at
Software
/
Resource Hash
727b81162018bb45476c42a3427a692fe953e274b0130d9a6f84959a83c05e45
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://covdemo.tiani-spirit.com/auth/resources/6.0.1/login/StayFree/css/login.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:04:38 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
referrer-policy
no-referrer-when-downgrade
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=2592000
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
connection
close
x-xss-protection
1;mode=block
OpenSans-Regular-webfont.woff2
covdemo.tiani-spirit.com/auth/resources/6.0.1/login/StayFree/node_modules/patternfly/dist/fonts/ 		61 KB
61 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://covdemo.tiani-spirit.com/auth/resources/6.0.1/login/StayFree/node_modules/patternfly/dist/fonts/OpenSans-Regular-webfont.woff2
Requested by
Host: covdemo.tiani-spirit.com
URL: https://covdemo.tiani-spirit.com/auth/resources/6.0.1/login/StayFree/node_modules/patternfly/dist/css/patternfly.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.175.200.177 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
stat-217-194-200.customers.nextlayer.at
Software
/
Resource Hash
3cfb28778895d6adca324710b2000c6e15ef5a7b88d461f39b29ff6fb877b778
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Origin
https://covdemo.tiani-spirit.com
Referer
https://covdemo.tiani-spirit.com/auth/resources/6.0.1/login/StayFree/node_modules/patternfly/dist/css/patternfly.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:04:38 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
referrer-policy
no-referrer-when-downgrade
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
cache-control
max-age=2592000
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
connection
close
x-xss-protection
1;mode=block
OpenSans-Semibold-webfont.woff2
covdemo.tiani-spirit.com/auth/resources/6.0.1/login/StayFree/node_modules/patternfly/dist/fonts/ 		62 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://covdemo.tiani-spirit.com/auth/resources/6.0.1/login/StayFree/node_modules/patternfly/dist/fonts/OpenSans-Semibold-webfont.woff2
Requested by
Host: covdemo.tiani-spirit.com
URL: https://covdemo.tiani-spirit.com/auth/resources/6.0.1/login/StayFree/node_modules/patternfly/dist/css/patternfly.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.175.200.177 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
stat-217-194-200.customers.nextlayer.at
Software
/
Resource Hash
dabab8829a3f91d63ed1f8430d439c5dad1d35aca216e69cd842b58d2dac4f9c
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Origin
https://covdemo.tiani-spirit.com
Referer
https://covdemo.tiani-spirit.com/auth/resources/6.0.1/login/StayFree/node_modules/patternfly/dist/css/patternfly.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:04:38 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
referrer-policy
no-referrer-when-downgrade
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
cache-control
max-age=2592000
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
connection
close
x-xss-protection
1;mode=block
OpenSans-Light-webfont.woff2
covdemo.tiani-spirit.com/auth/resources/6.0.1/login/StayFree/node_modules/patternfly/dist/fonts/ 		62 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://covdemo.tiani-spirit.com/auth/resources/6.0.1/login/StayFree/node_modules/patternfly/dist/fonts/OpenSans-Light-webfont.woff2
Requested by
Host: covdemo.tiani-spirit.com
URL: https://covdemo.tiani-spirit.com/auth/resources/6.0.1/login/StayFree/node_modules/patternfly/dist/css/patternfly.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.175.200.177 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
stat-217-194-200.customers.nextlayer.at
Software
/
Resource Hash
19edd2b018063320559188548b225aa63914bbc90fb756bc26872db1669e89f0
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Origin
https://covdemo.tiani-spirit.com
Referer
https://covdemo.tiani-spirit.com/auth/resources/6.0.1/login/StayFree/node_modules/patternfly/dist/css/patternfly.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:04:38 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
referrer-policy
no-referrer-when-downgrade
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
cache-control
max-age=2592000
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
connection
close
x-xss-protection
1;mode=block

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes

2 Cookies

Domain/Path Name / Value
covdemo.tiani-spirit.com/auth/realms/StayFree/ Name: KC_RESTART
Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJlOGJmN2UzYS1jNDViLTRiY2UtODJmMS0wYjQ2NGZjMzNjMzcifQ.eyJjaWQiOiJ1cm46dGlhbmktc3Bpcml0OnN0cyIsInB0eSI6InNhbWwiLCJydXJpIjoiaHR0cHM6Ly9jb3ZkZW1vLnRpYW5pLXNwaXJpdC5jb20vU3Bpcml0UGF0aWVudFBvcnRhbC9TYW1sUmVjZWl2ZXIiLCJhY3QiOiJBVVRIRU5USUNBVEUiLCJub3RlcyI6eyJTQU1MX1JFUVVFU1RfSUQiOiJhMjc2MWNmZC1lY2E5LTQ5OTMtYjVlNS05ZTM2NmIzMDQ3NGIiLCJzYW1sX2JpbmRpbmciOiJwb3N0In19.P3QpkZNyTuvD9bTfpMmKGzlXNVS1uxR57wks_OWB8IY
covdemo.tiani-spirit.com/auth/realms/StayFree/ Name: AUTH_SESSION_ID
Value: 4f90c681-2ebf-4820-8778-cd89661b0db5.keycloak

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://covdemo.tiani-spirit.com; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline' data:
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

covdemo.tiani-spirit.com
demo.covidstayfree.at
217.175.200.177
0a40b3b2ff66e275054bcb357b43c2fa33c6874dfc251536ffc9b73aba441bb4
0b787e4d8549b537592029585f3da64bf33c424b7577e9ddaee1b15c57d502e9
19edd2b018063320559188548b225aa63914bbc90fb756bc26872db1669e89f0
1a0cb15e675a210f935bdb8230c098caa553c0a15aeb2a499ed7334d4cdf422f
281f6bb84e69bb44f1cd00d95166725d6a0d37df109dfe3bb49aaba4f6bce709
3a6feeacb44863b17572ac2c84aac97c6b5c0c788d39aab5fceea7154d2be751
3cfb28778895d6adca324710b2000c6e15ef5a7b88d461f39b29ff6fb877b778
3e391a365fd9082bc6591add40add9c502c60cabff42c7ec8060f90bde476600
460dcba8b78a53daa6ad827ef9cbfbf49dd01318b72a6e7d012114f9c760e8fe
545fcaf637b1deac9a9fc83ef428bfcce75764e2b67f8effbc10366bd4ecd7dd
7190fbd6d0b8ef9a8c44ab83641d9e23f6b9b3b74f03c9c44a445ad7f1ea0a6a
727b81162018bb45476c42a3427a692fe953e274b0130d9a6f84959a83c05e45
7507e4a07df04517a248c8bd4f59fa7af952b422b741b2f6c388fe8a5c395e36
7e77fcc753baca61311f1708f06c79d8af592f5a2e3c80dc014e36c292c1e954
7eadbd83d586c5e420ce02f1bfbb501e2ef6b0031dc6ab495b5482032288544b
abe51d0e6cd5207116264aedaa82360e93765e0b235772e9b329f1e95f34ef10
af925599be8f7f1ae0d65fb1d59314d0d2a50d5a8b8dd0751fb278622732ed5f
b1144081595b7f0a6884f78b734c3dca781c9a8fc5964c1c364edeb1933fefa1
b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0
b5f1dbf711f6c77606791df8fdcbb3d935ebab2100ff93f2f1886191c1575632
bae41ff593e0cfd5d25ce72edf6731524c8eb91c21e4757ce725e01dafceddb5
c9e196ddb57dac085c71058d1bb5573e088422b7bf4e82e27957d89b10e866c6
d2aa39981011933c6697e1839bfa77b7dc367bffa1be90c00ebd1e07f0bda406
dabab8829a3f91d63ed1f8430d439c5dad1d35aca216e69cd842b58d2dac4f9c
e18ae2ba9e6b4c90f91fe98d1f741fa7183a779a203ae938527495e657c80e14
f7d0ed8e998431e7dabe978de8454d0443d616a67dc2e0f95c8c1d7670918083
f82d6dda801d168a8dfb0316b87b92d0db2d1f3a7380917462f458e52ddc81c6
f83a23da419fad190d26bf50a9ca222a6c61d3d8a42bd6d9ee925fcae8d4e761
fb113656ad8bf6785173beda045f59b3c9d8d90ab2c24bd76c2fdefb47f858e0