urlscan.io logo urlscan.io
SecurityTrails logo

www.apss.tn.it Open in urlscan Pro
99.80.82.152  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bit.ly/2UyQTJQ)
Effective URL: https://www.apss.tn.it/documents/10180/0/Scheda+Triage+Covid+A5
Submission: On June 20 via manual from IT — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 18 HTTP transactions. The main IP is 99.80.82.152, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.apss.tn.it.
TLS certificate: Issued by R3 on May 14th 2022. Valid for: 3 months.
This is the only time www.apss.tn.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.11 396982 (GOOGLE-CL...)
11 99.80.82.152 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 156.54.45.194 20746 (ASN-IDC T...)
1 2a00:1450:400... 15169 (GOOGLE)
2 78.46.39.10 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
18 7
1    67.199.248.11 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly
bit.ly
11    99.80.82.152 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-82-152.eu-west-1.compute.amazonaws.com
www.apss.tn.it
1    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    156.54.45.194 (Italy)

ASN20746 (ASN-IDC T.NO.OM.I.NC, IT)
ingestion.webanalytics.italia.it
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    78.46.39.10 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.10.39.46.78.clients.your-server.de
apss.pokedem.com
1    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
11 apss.tn.it
www.apss.tn.it
975 KB
2 pokedem.com
apss.pokedem.com
801 B
2 italia.it
ingestion.webanalytics.italia.it — Cisco Umbrella Rank: 290651
24 KB
1 gstatic.com
fonts.gstatic.com
125 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
868 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 444
5 KB
1 bit.ly
bit.ly — Cisco Umbrella Rank: 4075
310 B
18 7
Domain Requested by
11 www.apss.tn.it www.apss.tn.it
2 apss.pokedem.com cdn.jsdelivr.net
2 ingestion.webanalytics.italia.it www.apss.tn.it
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com cdn.jsdelivr.net
1 cdn.jsdelivr.net www.apss.tn.it
1 bit.ly 1 redirects
18 7
Subject Issuer Validity Valid
apss.tn.it
R3		 2022-05-14 -
2022-08-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-02 -
2023-06-01		 a year crt.sh
ingestion.webanalytics.italia.it
R3		 2022-04-27 -
2022-07-26		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
pokedem.com
R3		 2022-04-12 -
2022-07-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.apss.tn.it/documents/10180/0/Scheda+Triage+Covid+A5
Frame ID: 2730CA8DD9DBAA85120F2D962EF41C9B
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

kernel (20) / Errore - Azienda Provinciale per i Servizi Sanitariit-calendarit-calendar

Page URL History Show full URLs

  1. https://bit.ly/2UyQTJQ) HTTP 301
    https://www.apss.tn.it/documents/10180/0/Scheda+Triage+Covid+A5 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

18
Requests

100 %
HTTPS

43 %
IPv6

7
Domains

7
Subdomains

7
IPs

4
Countries

1131 kB
Transfer

3589 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/2UyQTJQ) HTTP 301
    https://www.apss.tn.it/documents/10180/0/Scheda+Triage+Covid+A5 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Scheda+Triage+Covid+A5
www.apss.tn.it/documents/10180/0/
Redirect Chain
  • https://bit.ly/2UyQTJQ)
  • https://www.apss.tn.it/documents/10180/0/Scheda+Triage+Covid+A5
135 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.apss.tn.it/documents/10180/0/Scheda+Triage+Covid+A5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.82.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-82-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3f750a711e581ec3e86c712430cbff24df02e1d634ebac5b3ffb4b667ea4ffc3
Security Headers
Name Value
Content-Security-Policy default-src *; font-src 'self' data: https://fonts.gstatic.com https://acsbapp.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

age
0
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-language
it
content-security-policy
default-src *; font-src 'self' data: https://fonts.gstatic.com https://acsbapp.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
content-type
text/html; charset=utf-8
date
Mon, 20 Jun 2022 12:26:17 GMT
expect-ct
max-age=0, report-uri=https://saasopenpa.report-uri.com/r/d/ct/reportOnly
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Mon, 20 Jun 2022 12:26:17 GMT
permissions-policy
camera=(), payment=(), microphone=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://saasopenpa.report-uri.com/a/d/g"}],"include_subdomains":true}
served-by
www.apss.tn.it
strict-transport-security
max-age=63072000; includeSubdomains
transfer-encoding
chunked
vary
Accept-Encoding
via
1.1 varnish-v4
x-cache
MISS
x-content-type-options
nosniff
x-debug
x-frame-options
sameorigin
x-permitted-cross-domain-policies
none
x-served-by
ip-10-200-0-75.eu-west-1.compute.internal
x-varnish
885236849
x-xss-protection
1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=90
content-length
150
content-security-policy
referrer always;
content-type
text/html; charset=utf-8
date
Mon, 20 Jun 2022 12:26:16 GMT
location
https://www.apss.tn.it/documents/10180/0/Scheda+Triage+Covid+A5
referrer-policy
unsafe-url
server
nginx
via
1.1 google
bf412e29a8578d956832f5d302cb0990_all.css
www.apss.tn.it/var/apss/cache/public/stylesheets/ 		717 KB
107 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.apss.tn.it/var/apss/cache/public/stylesheets/bf412e29a8578d956832f5d302cb0990_all.css
Requested by
Host: www.apss.tn.it
URL: https://www.apss.tn.it/documents/10180/0/Scheda+Triage+Covid+A5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.82.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-82-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1bc862106a89125873c1179475083d2239df40c664194a7836eda55772df4b29
Security Headers
Name Value
Content-Security-Policy default-src *; font-src 'self' data: https://fonts.gstatic.com https://acsbapp.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.apss.tn.it/documents/10180/0/Scheda+Triage+Covid+A5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 12:21:21 GMT
via
1.1 varnish-v4
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
295
x-debug
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://saasopenpa.report-uri.com/a/d/g"}],"include_subdomains":true}
x-cache
HIT
content-encoding
gzip
vary
Accept-Encoding
content-length
107904
x-xss-protection
1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce
x-served-by
ip-10-200-0-75.eu-west-1.compute.internal
served-by
www.apss.tn.it
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 15 Jun 2022 10:45:05 GMT
x-ttl
31d
x-frame-options
sameorigin
etag
W/"1655289905-734280"
expect-ct
max-age=0, report-uri=https://saasopenpa.report-uri.com/r/d/ct/reportOnly, max-age=86400
strict-transport-security
max-age=63072000; includeSubdomains
access-control-allow-methods
GET, OPTIONS
x-varnish
895846680 892111436
access-control-allow-origin
https://www2.stanzadelcittadino.it
expires
Thu, 21 Jul 2022 12:21:21 GMT
permissions-policy
camera=(), payment=(), microphone=()
content-security-policy
default-src *; font-src 'self' data: https://fonts.gstatic.com https://acsbapp.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
accept-ranges
bytes
content-type
text/css;charset=UTF-8
access-control-allow-headers
*
x-cache-hits
75
1c87ff55f45565d3cceeedf56529e71d.js
www.apss.tn.it/var/apss/cache/public/javascript/ 		2 MB
466 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.apss.tn.it/var/apss/cache/public/javascript/1c87ff55f45565d3cceeedf56529e71d.js
Requested by
Host: www.apss.tn.it
URL: https://www.apss.tn.it/documents/10180/0/Scheda+Triage+Covid+A5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.82.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-82-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
453d59650910320fbf81a2ca74f48bd92326831ec5a0d5aa47cdd245a444dd16
Security Headers
Name Value
Content-Security-Policy default-src *; font-src 'self' data: https://fonts.gstatic.com https://acsbapp.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.apss.tn.it/documents/10180/0/Scheda+Triage+Covid+A5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 12:21:22 GMT
via
1.1 varnish-v4
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
295
x-debug
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://saasopenpa.report-uri.com/a/d/g"}],"include_subdomains":true}
x-cache
HIT
content-encoding
gzip
vary
Accept-Encoding
content-length
476049
x-xss-protection
1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce
x-served-by
ip-10-200-0-75.eu-west-1.compute.internal
served-by
www.apss.tn.it
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 15 Jun 2022 10:45:05 GMT
x-ttl
31d
x-frame-options
sameorigin
etag
W/"1655289905-2044855"
expect-ct
max-age=0, report-uri=https://saasopenpa.report-uri.com/r/d/ct/reportOnly, max-age=86400
strict-transport-security
max-age=63072000; includeSubdomains
access-control-allow-methods
GET, OPTIONS
x-varnish
885236855 889488941
access-control-allow-origin
https://www2.stanzadelcittadino.it
expires
Thu, 21 Jul 2022 12:21:22 GMT
permissions-policy
camera=(), payment=(), microphone=()
content-security-policy
default-src *; font-src 'self' data: https://fonts.gstatic.com https://acsbapp.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
accept-ranges
bytes
content-type
text/javascript;charset=UTF-8
access-control-allow-headers
*
x-cache-hits
78
Azienda-Provinciale-per-i-Servizi-Sanitari_header_logo.png
www.apss.tn.it/var/apss/storage/images/1245-49-ita-IT/ 		131 KB
132 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.apss.tn.it/var/apss/storage/images/1245-49-ita-IT/Azienda-Provinciale-per-i-Servizi-Sanitari_header_logo.png
Requested by
Host: www.apss.tn.it
URL: https://www.apss.tn.it/documents/10180/0/Scheda+Triage+Covid+A5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.82.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-82-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2e2cb35b225b00b29815f8c4421a93675b1facf9dfc6e13946eea0a0d7c87e7e
Security Headers
Name Value
Content-Security-Policy default-src *; font-src 'self' data: https://fonts.gstatic.com https://acsbapp.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.apss.tn.it/documents/10180/0/Scheda+Triage+Covid+A5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 12:21:15 GMT
via
1.1 varnish-v4
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
302
x-debug
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://saasopenpa.report-uri.com/a/d/g"}],"include_subdomains":true}
x-cache
HIT
content-length
133919
x-xss-protection
1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce
x-served-by
ip-10-200-0-75.eu-west-1.compute.internal
served-by
www.apss.tn.it
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 28 Jul 2021 15:24:34 GMT
x-ttl
31d
x-frame-options
sameorigin
etag
"1627485874-133919"
expect-ct
max-age=0, report-uri=https://saasopenpa.report-uri.com/r/d/ct/reportOnly, max-age=86400
strict-transport-security
max-age=63072000; includeSubdomains
access-control-allow-methods
GET, OPTIONS
x-varnish
885236857 889488849
access-control-allow-origin
https://www2.stanzadelcittadino.it
expires
Thu, 21 Jul 2022 12:21:15 GMT
permissions-policy
camera=(), payment=(), microphone=()
content-security-policy
default-src *; font-src 'self' data: https://fonts.gstatic.com https://acsbapp.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
accept-ranges
bytes
content-type
image/png
access-control-allow-headers
*
x-cache-hits
76
fm-chatbot-client
cdn.jsdelivr.net/npm/@claudio.giuliano/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@claudio.giuliano/fm-chatbot-client
Requested by
Host: www.apss.tn.it
URL: https://www.apss.tn.it/documents/10180/0/Scheda+Triage+Covid+A5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cac64d21e8e5ac16459f4ce50b0e9aae0e251148ad03599c652c3f5db49110f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.apss.tn.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 12:26:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
18400
x-jsd-version
1.2.6
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19152-FRA, cache-mxp6940-MXP
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"3bf4-nU3sM1IsIlarUjzTQpVSRP5X4i4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1UN3e85HbDCO47D45YczF%2FzQOJULg8jeBxasw1FJGiolLjdUj9AhWtpTtsi%2FXbET0p0hQXd3%2BvKDQFdovdF4geMxEAN2ZwLWY%2BE51HEKOBESyGyXp5pwU9c83gf0UjNgBBK6HaQLWc7EZQcvA%2BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
71e47df3ba2ce8ff-MXP
app.min.js
www.apss.tn.it/extension/openpa_bootstrapitalia/design/bootstrapitalia/javascript/ 		210 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.apss.tn.it/extension/openpa_bootstrapitalia/design/bootstrapitalia/javascript/app.min.js
Requested by
Host: www.apss.tn.it
URL: https://www.apss.tn.it/documents/10180/0/Scheda+Triage+Covid+A5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.82.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-82-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1e0dd51f3f096cf987111dd9bfc40b1229fc5e18f68ee646b820fb3d363e6e
Security Headers
Name Value
Content-Security-Policy default-src *; font-src 'self' data: https://fonts.gstatic.com https://acsbapp.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.apss.tn.it/documents/10180/0/Scheda+Triage+Covid+A5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 12:21:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
302
x-debug
x-cache
HIT
access-control-allow-methods
GET, OPTIONS
vary
Accept-Encoding
content-length
53241
x-xss-protection
1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce
x-served-by
ip-10-200-0-75.eu-west-1.compute.internal
access-control-allow-origin
https://www2.stanzadelcittadino.it
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 12 May 2022 19:22:05 GMT
x-ttl
31d
x-frame-options
sameorigin
etag
W/"627d5e5d-34890"
expect-ct
max-age=0, report-uri=https://saasopenpa.report-uri.com/r/d/ct/reportOnly, max-age=86400
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://saasopenpa.report-uri.com/a/d/g"}],"include_subdomains":true}
x-varnish
894365766 895257012
via
1.1 varnish-v4
expires
Thu, 21 Jul 2022 12:21:15 GMT
permissions-policy
camera=(), payment=(), microphone=()
content-security-policy
default-src *; font-src 'self' data: https://fonts.gstatic.com https://acsbapp.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
accept-ranges
bytes
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
75
sprite.svg
www.apss.tn.it/extension/openpa_bootstrapitalia/design/standard/images/svg/ 		45 KB
46 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.apss.tn.it/extension/openpa_bootstrapitalia/design/standard/images/svg/sprite.svg
Requested by
Host: www.apss.tn.it
URL: https://www.apss.tn.it/documents/10180/0/Scheda+Triage+Covid+A5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.82.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-82-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f4c98d175ae6a74344ddf7312b338660e9f217cf410762f469e389b5a6adf10b
Security Headers
Name Value
Content-Security-Policy default-src *; font-src 'self' data: https://fonts.gstatic.com https://acsbapp.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.apss.tn.it/documents/10180/0/Scheda+Triage+Covid+A5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 12:21:16 GMT
x-debug
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
301
x-cache
HIT
access-control-allow-methods
GET, OPTIONS
content-length
45758
x-xss-protection
1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce
x-served-by
ip-10-200-0-75.eu-west-1.compute.internal
access-control-allow-origin
https://www2.stanzadelcittadino.it
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 12 May 2022 19:22:05 GMT
x-ttl
31d
x-frame-options
sameorigin
etag
"627d5e5d-b2be"
expect-ct
max-age=0, report-uri=https://saasopenpa.report-uri.com/r/d/ct/reportOnly, max-age=86400
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://saasopenpa.report-uri.com/a/d/g"}],"include_subdomains":true}
x-varnish
892273673 892111394
via
1.1 varnish-v4
expires
Thu, 21 Jul 2022 12:21:16 GMT
permissions-policy
camera=(), payment=(), microphone=()
content-security-policy
default-src *; font-src 'self' data: https://fonts.gstatic.com https://acsbapp.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
accept-ranges
bytes
content-type
image/svg+xml
access-control-allow-headers
*
x-cache-hits
76
truncated
/ 		202 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c382770c98cec3cfec6d7048c4077d92cfae6351bbc1a5c6cd9724998b28966a

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/svg+xml
matomo.js
ingestion.webanalytics.italia.it/ 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ingestion.webanalytics.italia.it/matomo.js
Requested by
Host: www.apss.tn.it
URL: https://www.apss.tn.it/documents/10180/0/Scheda+Triage+Covid+A5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.54.45.194 , Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
Software
/
Resource Hash
0995371a359a4a701d66f8b183de6144de9a042e5bac84b6f920968f51567742
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.apss.tn.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
public
date
Mon, 20 Jun 2022 12:26:18 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 10 Sep 2020 22:55:10 GMT
etag
W/"5f5aaece-1131c"
allow
GET, POST
content-type
application/javascript
cache-control
max-age=3600, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Mon, 20 Jun 2022 13:26:18 GMT
TitilliumWeb-Light.woff2
www.apss.tn.it/extension/openpa_bootstrapitalia/design/bootstrapitalia/fonts/Titillium_Web/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.apss.tn.it/extension/openpa_bootstrapitalia/design/bootstrapitalia/fonts/Titillium_Web/TitilliumWeb-Light.woff2
Requested by
Host: www.apss.tn.it
URL: https://www.apss.tn.it/documents/10180/0/Scheda+Triage+Covid+A5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.82.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-82-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
fe1257b5c39a8a62a91b85bbf01b9826411e8e9f77c5895a742670cf0d466240
Security Headers
Name Value
Content-Security-Policy default-src *; font-src 'self' data: https://fonts.gstatic.com https://acsbapp.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce

Request headers

Referer
https://www.apss.tn.it/documents/10180/0/Scheda+Triage+Covid+A5
Origin
https://www.apss.tn.it
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 12:25:22 GMT
x-debug
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
56
x-cache
HIT
access-control-allow-methods
GET, OPTIONS
content-length
18076
x-xss-protection
1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce
x-served-by
ip-10-200-0-75.eu-west-1.compute.internal
access-control-allow-origin
https://www2.stanzadelcittadino.it
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 12 May 2022 19:22:05 GMT
x-frame-options
sameorigin
etag
"627d5e5d-469c"
expect-ct
max-age=0, report-uri=https://saasopenpa.report-uri.com/r/d/ct/reportOnly, max-age=86400
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://saasopenpa.report-uri.com/a/d/g"}],"include_subdomains":true}
x-varnish
895846692 878106244
via
1.1 varnish-v4
permissions-policy
camera=(), payment=(), microphone=()
content-security-policy
default-src *; font-src 'self' data: https://fonts.gstatic.com https://acsbapp.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
accept-ranges
bytes
content-type
font/woff2
access-control-allow-headers
*
x-cache-hits
13
TitilliumWeb-Regular.woff2
www.apss.tn.it/extension/openpa_bootstrapitalia/design/bootstrapitalia/fonts/Titillium_Web/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.apss.tn.it/extension/openpa_bootstrapitalia/design/bootstrapitalia/fonts/Titillium_Web/TitilliumWeb-Regular.woff2
Requested by
Host: www.apss.tn.it
URL: https://www.apss.tn.it/documents/10180/0/Scheda+Triage+Covid+A5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.82.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-82-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
10a0b293d1d46ce9853549ea0dbecb22208e19c9a78ac6a024e7b2642a657e82
Security Headers
Name Value
Content-Security-Policy default-src *; font-src 'self' data: https://fonts.gstatic.com https://acsbapp.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce

Request headers

Referer
https://www.apss.tn.it/documents/10180/0/Scheda+Triage+Covid+A5
Origin
https://www.apss.tn.it
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 12:25:22 GMT
x-debug
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
55
x-cache
HIT
access-control-allow-methods
GET, OPTIONS
content-length
18020
x-xss-protection
1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce
x-served-by
ip-10-200-0-75.eu-west-1.compute.internal
access-control-allow-origin
https://www2.stanzadelcittadino.it
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 12 May 2022 19:22:05 GMT
x-frame-options
sameorigin
etag
"627d5e5d-4664"
expect-ct
max-age=0, report-uri=https://saasopenpa.report-uri.com/r/d/ct/reportOnly, max-age=86400
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://saasopenpa.report-uri.com/a/d/g"}],"include_subdomains":true}
x-varnish
894365779 894365684
via
1.1 varnish-v4
permissions-policy
camera=(), payment=(), microphone=()
content-security-policy
default-src *; font-src 'self' data: https://fonts.gstatic.com https://acsbapp.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
accept-ranges
bytes
content-type
font/woff2
access-control-allow-headers
*
x-cache-hits
13
TitilliumWeb-Bold.woff2
www.apss.tn.it/extension/openpa_bootstrapitalia/design/bootstrapitalia/fonts/Titillium_Web/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.apss.tn.it/extension/openpa_bootstrapitalia/design/bootstrapitalia/fonts/Titillium_Web/TitilliumWeb-Bold.woff2
Requested by
Host: www.apss.tn.it
URL: https://www.apss.tn.it/documents/10180/0/Scheda+Triage+Covid+A5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.82.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-82-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
10e231d670dd23dbbc9e0824e99346477a799a361c755389654ca2ff2aeed499
Security Headers
Name Value
Content-Security-Policy default-src *; font-src 'self' data: https://fonts.gstatic.com https://acsbapp.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce

Request headers

Referer
https://www.apss.tn.it/documents/10180/0/Scheda+Triage+Covid+A5
Origin
https://www.apss.tn.it
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 12:25:22 GMT
x-debug
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
56
x-cache
HIT
access-control-allow-methods
GET, OPTIONS
content-length
17152
x-xss-protection
1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce
x-served-by
ip-10-200-0-75.eu-west-1.compute.internal
access-control-allow-origin
https://www2.stanzadelcittadino.it
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 12 May 2022 19:22:05 GMT
x-frame-options
sameorigin
etag
"627d5e5d-4300"
expect-ct
max-age=0, report-uri=https://saasopenpa.report-uri.com/r/d/ct/reportOnly, max-age=86400
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://saasopenpa.report-uri.com/a/d/g"}],"include_subdomains":true}
x-varnish
895846698 867035429
via
1.1 varnish-v4
permissions-policy
camera=(), payment=(), microphone=()
content-security-policy
default-src *; font-src 'self' data: https://fonts.gstatic.com https://acsbapp.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
accept-ranges
bytes
content-type
font/woff2
access-control-allow-headers
*
x-cache-hits
13
TitilliumWeb-SemiBold.woff2
www.apss.tn.it/extension/openpa_bootstrapitalia/design/bootstrapitalia/fonts/Titillium_Web/ 		17 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.apss.tn.it/extension/openpa_bootstrapitalia/design/bootstrapitalia/fonts/Titillium_Web/TitilliumWeb-SemiBold.woff2
Requested by
Host: www.apss.tn.it
URL: https://www.apss.tn.it/documents/10180/0/Scheda+Triage+Covid+A5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.82.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-82-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2dff0ec7d7554ff9f7ac85f1ef06e72cc35303e38efe7ecfcd367934994b39fd
Security Headers
Name Value
Content-Security-Policy default-src *; font-src 'self' data: https://fonts.gstatic.com https://acsbapp.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce

Request headers

Referer
https://www.apss.tn.it/documents/10180/0/Scheda+Triage+Covid+A5
Origin
https://www.apss.tn.it
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 12:25:22 GMT
x-debug
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
56
x-cache
HIT
access-control-allow-methods
GET, OPTIONS
content-length
17804
x-xss-protection
1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce
x-served-by
ip-10-200-0-75.eu-west-1.compute.internal
access-control-allow-origin
https://www2.stanzadelcittadino.it
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 12 May 2022 19:22:05 GMT
x-frame-options
sameorigin
etag
"627d5e5d-458c"
expect-ct
max-age=0, report-uri=https://saasopenpa.report-uri.com/r/d/ct/reportOnly, max-age=86400
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://saasopenpa.report-uri.com/a/d/g"}],"include_subdomains":true}
x-varnish
894365785 894644321
via
1.1 varnish-v4
permissions-policy
camera=(), payment=(), microphone=()
content-security-policy
default-src *; font-src 'self' data: https://fonts.gstatic.com https://acsbapp.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
accept-ranges
bytes
content-type
font/woff2
access-control-allow-headers
*
x-cache-hits
13
icon
fonts.googleapis.com/ 		569 B
868 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@claudio.giuliano/fm-chatbot-client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fabb409cb851ec0674d4e4c618e5aafeb7f9698a1dfb6c59bc1687490acbb007
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.apss.tn.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 20 Jun 2022 12:26:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 20 Jun 2022 12:26:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 20 Jun 2022 12:26:18 GMT
webhook
apss.pokedem.com/webhooks/rest/ 		457 B
801 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apss.pokedem.com/webhooks/rest/webhook
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@claudio.giuliano/fm-chatbot-client
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.39.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.10.39.46.78.clients.your-server.de
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
12faf97b1db339e670ccf95d4a1dd90ab98ef36ef28d69d6acc75a5434d7fc4c

Request headers

Referer
https://www.apss.tn.it/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
application/json

Response headers

Date
Mon, 20 Jun 2022 12:26:18 GMT
Server
Apache/2.4.18 (Ubuntu)
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.apss.tn.it
Access-Control-Expose-Headers
filename
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
457
webhook
apss.pokedem.com/webhooks/rest/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://apss.pokedem.com/webhooks/rest/webhook
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.39.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.10.39.46.78.clients.your-server.de
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.apss.tn.it
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
Access-Control-Allow-Origin
https://www.apss.tn.it
Access-Control-Expose-Headers
filename
Access-Control-Max-Age
None
Connection
Keep-Alive
Content-Length
0
Date
Mon, 20 Jun 2022 12:26:18 GMT
Keep-Alive
timeout=5, max=100
Server
Apache/2.4.18 (Ubuntu)
Vary
Origin
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v130/ 		124 KB
125 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v130/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e000dd6f32279c3575f5ea8c55f2a8e851249bb3736100db863343f290aa0da2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.apss.tn.it
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 13 Jun 2022 21:14:17 GMT
x-content-type-options
nosniff
age
573121
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127420
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 00:59:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Jun 2023 21:14:17 GMT
matomo.php
ingestion.webanalytics.italia.it/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ingestion.webanalytics.italia.it/matomo.php?action_name=kernel%20(20)%20%2F%20Errore%20-%20Azienda%20Provinciale%20per%20i%20Servizi%20Sanitari&idsite=jg7pYNwqvM&rec=1&r=458115&h=12&m=26&s=18&url=https%3A%2F%2Fwww.apss.tn.it%2Fdocuments%2F10180%2F0%2FScheda%2BTriage%2BCovid%2BA5&_id=36e25f40baf70133&_idts=1655727978&_idvc=1&_idn=1&_refts=0&_viewts=1655727978&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=261&pv_id=pHpRrW
Requested by
Host: www.apss.tn.it
URL: https://www.apss.tn.it/documents/10180/0/Scheda+Triage+Covid+A5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.54.45.194 , Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.apss.tn.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers
fontawesome-webfont.woff2
www.apss.tn.it/extension/openpa_bootstrapitalia/design/bootstrapitalia/fonts/ 		75 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.apss.tn.it/extension/openpa_bootstrapitalia/design/bootstrapitalia/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.apss.tn.it
URL: https://www.apss.tn.it/var/apss/cache/public/stylesheets/bf412e29a8578d956832f5d302cb0990_all.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.82.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-82-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Content-Security-Policy default-src *; font-src 'self' data: https://fonts.gstatic.com https://acsbapp.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce

Request headers

Referer
https://www.apss.tn.it/var/apss/cache/public/stylesheets/bf412e29a8578d956832f5d302cb0990_all.css
Origin
https://www.apss.tn.it
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 12:25:35 GMT
x-debug
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
43
x-cache
HIT
access-control-allow-methods
GET, OPTIONS
content-length
77160
x-xss-protection
1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce
x-served-by
ip-10-200-0-75.eu-west-1.compute.internal
access-control-allow-origin
https://www2.stanzadelcittadino.it
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 12 May 2022 19:22:05 GMT
x-frame-options
sameorigin
etag
"627d5e5d-12d68"
expect-ct
max-age=0, report-uri=https://saasopenpa.report-uri.com/r/d/ct/reportOnly, max-age=86400
strict-transport-security
max-age=63072000; includeSubdomains
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://saasopenpa.report-uri.com/a/d/g"}],"include_subdomains":true}
x-varnish
891125964 888118824
via
1.1 varnish-v4
permissions-policy
camera=(), payment=(), microphone=()
content-security-policy
default-src *; font-src 'self' data: https://fonts.gstatic.com https://acsbapp.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
accept-ranges
bytes
content-type
font/woff2
access-control-allow-headers
*
x-cache-hits
13

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation function| opendataDataTableRenderField function| OpenContentOcopendataConnector object| __core-js_shared__ object| core object| CookieConsent function| parcelRequire function| $ function| jQuery function| Popper function| moment object| L object| blueimp object| Handlebars object| HandlebarsPrecompiled function| Base function| Alpaca object| async function| equiv string| CurrentLanguage boolean| CurrentUserIsLoggedIn string| UiContext string| UriPrefix object| PathArray string| ModuleResultUri object| LanguageUrlAliasList string| MomentDateFormat string| MomentDateTimeFormat object| CookieConsentText boolean| HasGoogleAnalytics boolean| HasWebAnalyticsItalia boolean| NeedCookieConsentForAnalytics boolean| NeedCookieConsentForMultimedia string| CookieConsentServicesForMultimedia boolean| NeedCookieConsent function| documentIsReady function| showIframes function| hideIframes object| CookieConsentCategories object| CookieConsentServices function| FmChatbot string| __PUBLIC_PATH__ object| bootstrap function| isIe object| _paq object| JSON_PIWIK object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log

3 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: m5kcqg-9c18bcd986d15ba078-00d
www.apss.tn.it/ Name: _pk_id.jg7pYNwqvM.1ad5
Value: 36e25f40baf70133.1655727978.1.1655727978.1655727978.
www.apss.tn.it/ Name: _pk_ses.jg7pYNwqvM.1ad5
Value: 1

2 Console Messages

Source Level URL
Text
network error URL: https://www.apss.tn.it/documents/10180/0/Scheda+Triage+Covid+A5
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://ingestion.webanalytics.italia.it/matomo.php?action_name=kernel%20(20)%20%2F%20Errore%20-%20Azienda%20Provinciale%20per%20i%20Servizi%20Sanitari&idsite=jg7pYNwqvM&rec=1&r=458115&h=12&m=26&s=18&url=https%3A%2F%2Fwww.apss.tn.it%2Fdocuments%2F10180%2F0%2FScheda%2BTriage%2BCovid%2BA5&_id=36e25f40baf70133&_idts=1655727978&_idvc=1&_idn=1&_refts=0&_viewts=1655727978&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=261&pv_id=pHpRrW
Message:
Failed to load resource: the server responded with a status of 502 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src *; font-src 'self' data: https://fonts.gstatic.com https://acsbapp.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src blob:; style-src 'self' 'unsafe-inline' https:; img-src * 'self' data: https:; report-uri https://saasopenpa.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block; report=https://saasopenpa.report-uri.com/r/d/xss/enforce

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apss.pokedem.com
bit.ly
cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
ingestion.webanalytics.italia.it
www.apss.tn.it
156.54.45.194
2606:4700::6810:5714
2a00:1450:4001:828::2003
2a00:1450:4001:82a::200a
67.199.248.11
78.46.39.10
99.80.82.152
0995371a359a4a701d66f8b183de6144de9a042e5bac84b6f920968f51567742
10a0b293d1d46ce9853549ea0dbecb22208e19c9a78ac6a024e7b2642a657e82
10e231d670dd23dbbc9e0824e99346477a799a361c755389654ca2ff2aeed499
12faf97b1db339e670ccf95d4a1dd90ab98ef36ef28d69d6acc75a5434d7fc4c
1bc862106a89125873c1179475083d2239df40c664194a7836eda55772df4b29
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2dff0ec7d7554ff9f7ac85f1ef06e72cc35303e38efe7ecfcd367934994b39fd
2e2cb35b225b00b29815f8c4421a93675b1facf9dfc6e13946eea0a0d7c87e7e
3f750a711e581ec3e86c712430cbff24df02e1d634ebac5b3ffb4b667ea4ffc3
453d59650910320fbf81a2ca74f48bd92326831ec5a0d5aa47cdd245a444dd16
7cac64d21e8e5ac16459f4ce50b0e9aae0e251148ad03599c652c3f5db49110f
c382770c98cec3cfec6d7048c4077d92cfae6351bbc1a5c6cd9724998b28966a
e000dd6f32279c3575f5ea8c55f2a8e851249bb3736100db863343f290aa0da2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1e0dd51f3f096cf987111dd9bfc40b1229fc5e18f68ee646b820fb3d363e6e
f4c98d175ae6a74344ddf7312b338660e9f217cf410762f469e389b5a6adf10b
fabb409cb851ec0674d4e4c618e5aafeb7f9698a1dfb6c59bc1687490acbb007
fe1257b5c39a8a62a91b85bbf01b9826411e8e9f77c5895a742670cf0d466240