URL: https://controlpanel.suafisio.asteria.qa/
Submission: On October 09 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 13 HTTP transactions. The main IP is 18.213.85.247, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is controlpanel.suafisio.asteria.qa.
TLS certificate: Issued by R3 on October 9th 2021. Valid for: 3 months.
This is the only time controlpanel.suafisio.asteria.qa was scanned on urlscan.io!

urlscan.io Verdict: No classification


Live information

Domain & IP information

IP Address AS Autonomous System
10 18.213.85.247 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
13 3
Domain Requested by
10 controlpanel.suafisio.asteria.qa controlpanel.suafisio.asteria.qa
2 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com controlpanel.suafisio.asteria.qa
13 3

This site contains no links.

Subject Issuer Validity Valid
controlpanel.suafisio.asteria.qa
R3
2021-10-09 -
2022-01-07
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh

This page contains 1 frames:

Primary Page: https://controlpanel.suafisio.asteria.qa/
Frame ID: 0493B9048BBEFCC24148A70108DC58A0
Requests: 13 HTTP requests in this frame

Screenshot

Page Title

SuaFisio - QA

Detected technologies

Overall confidence: 100%
Detected patterns
  • \bangular.{0,32}\.js

Page Statistics

13
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

849 kB
Transfer

1981 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
controlpanel.suafisio.asteria.qa/
2 KB
2 KB
Document
General
Full URL
https://controlpanel.suafisio.asteria.qa/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
18.213.85.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-85-247.compute-1.amazonaws.com
Software
Microsoft-IIS/8.0 /
Resource Hash
93a572048adaeba34c44867b037f3364e3bc2a15c24757a9acb5dd18349b3e2a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' cdn.asteria.com.br s3.us-east-1.amazonaws.com data:; script-src 'self' 'unsafe-inline'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' https://fonts.gstatic.com; base-uri 'self'; manifest-src 'self'; connect-src 'self' data: *.suafisio.asteria.qa; form-action 'self'; frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
controlpanel.suafisio.asteria.qa
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Thu, 19 Nov 2020 21:42:50 GMT
Accept-Ranges
bytes
ETag
"0a965edbcbed61:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/8.0
Content-Security-Policy
default-src 'self'; img-src 'self' cdn.asteria.com.br s3.us-east-1.amazonaws.com data:; script-src 'self' 'unsafe-inline'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' https://fonts.gstatic.com; base-uri 'self'; manifest-src 'self'; connect-src 'self' data: *.suafisio.asteria.qa; form-action 'self'; frame-ancestors 'none'
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Permissions-Policy
layout-animations 'none'; unoptimized-images 'none'; oversized-images 'none'; sync-script 'none'; sync-xhr 'none'; unsized-media 'none';
Feature-Policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; layout-animations 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; publickey-credentials-get 'none'; sync-xhr 'none'; usb 'none'; vr 'none'; wake-lock 'none'; screen-wake-lock 'none'; xr-spatial-tracking 'none';
Referrer-Policy
origin
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
Date
Sat, 09 Oct 2021 09:03:49 GMT
Content-Length
845
libraries.css
controlpanel.suafisio.asteria.qa/css/
354 KB
101 KB
Stylesheet
General
Full URL
https://controlpanel.suafisio.asteria.qa/css/libraries.css
Requested by
Host: controlpanel.suafisio.asteria.qa
URL: https://controlpanel.suafisio.asteria.qa/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
18.213.85.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-85-247.compute-1.amazonaws.com
Software
Microsoft-IIS/8.0 /
Resource Hash
0f8cfd59cefc68a90f8b7b6cdd96f352c865a0423230b6cf7a25df925c3bbf3b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' cdn.asteria.com.br s3.us-east-1.amazonaws.com data:; script-src 'self' 'unsafe-inline'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' https://fonts.gstatic.com; base-uri 'self'; manifest-src 'self'; connect-src 'self' data: *.suafisio.asteria.qa; form-action 'self'; frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
controlpanel.suafisio.asteria.qa
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://controlpanel.suafisio.asteria.qa/
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://controlpanel.suafisio.asteria.qa/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; img-src 'self' cdn.asteria.com.br s3.us-east-1.amazonaws.com data:; script-src 'self' 'unsafe-inline'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' https://fonts.gstatic.com; base-uri 'self'; manifest-src 'self'; connect-src 'self' data: *.suafisio.asteria.qa; form-action 'self'; frame-ancestors 'none'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Referrer-Policy
origin
Last-Modified
Thu, 19 Nov 2020 21:42:47 GMT
Server
Microsoft-IIS/8.0
X-Frame-Options
SAMEORIGIN
Date
Sat, 09 Oct 2021 09:03:49 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
text/css
Feature-Policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; layout-animations 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; publickey-credentials-get 'none'; sync-xhr 'none'; usb 'none'; vr 'none'; wake-lock 'none'; screen-wake-lock 'none'; xr-spatial-tracking 'none';
Permissions-Policy
layout-animations 'none'; unoptimized-images 'none'; oversized-images 'none'; sync-script 'none'; sync-xhr 'none'; unsized-media 'none';
ETag
"80e59bebbcbed61:0"
Accept-Ranges
bytes
style.css
controlpanel.suafisio.asteria.qa/css/
19 KB
7 KB
Stylesheet
General
Full URL
https://controlpanel.suafisio.asteria.qa/css/style.css
Requested by
Host: controlpanel.suafisio.asteria.qa
URL: https://controlpanel.suafisio.asteria.qa/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
18.213.85.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-85-247.compute-1.amazonaws.com
Software
Microsoft-IIS/8.0 /
Resource Hash
51135b1cc8d66651156d5759ccb94d4826086c6be93b0664271bd0efbc13d576
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' cdn.asteria.com.br s3.us-east-1.amazonaws.com data:; script-src 'self' 'unsafe-inline'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' https://fonts.gstatic.com; base-uri 'self'; manifest-src 'self'; connect-src 'self' data: *.suafisio.asteria.qa; form-action 'self'; frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
controlpanel.suafisio.asteria.qa
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://controlpanel.suafisio.asteria.qa/
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://controlpanel.suafisio.asteria.qa/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; img-src 'self' cdn.asteria.com.br s3.us-east-1.amazonaws.com data:; script-src 'self' 'unsafe-inline'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' https://fonts.gstatic.com; base-uri 'self'; manifest-src 'self'; connect-src 'self' data: *.suafisio.asteria.qa; form-action 'self'; frame-ancestors 'none'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding
Content-Length
5457
X-XSS-Protection
1; mode=block
Referrer-Policy
origin
Last-Modified
Thu, 19 Nov 2020 21:42:50 GMT
Server
Microsoft-IIS/8.0
X-Frame-Options
SAMEORIGIN
Date
Sat, 09 Oct 2021 09:03:49 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
text/css
Feature-Policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; layout-animations 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; publickey-credentials-get 'none'; sync-xhr 'none'; usb 'none'; vr 'none'; wake-lock 'none'; screen-wake-lock 'none'; xr-spatial-tracking 'none';
Permissions-Policy
layout-animations 'none'; unoptimized-images 'none'; oversized-images 'none'; sync-script 'none'; sync-xhr 'none'; unsized-media 'none';
ETag
"0a965edbcbed61:0"
Accept-Ranges
bytes
scripts.js
controlpanel.suafisio.asteria.qa/js/
550 KB
218 KB
Script
General
Full URL
https://controlpanel.suafisio.asteria.qa/js/scripts.js
Requested by
Host: controlpanel.suafisio.asteria.qa
URL: https://controlpanel.suafisio.asteria.qa/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
18.213.85.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-85-247.compute-1.amazonaws.com
Software
Microsoft-IIS/8.0 /
Resource Hash
18cccbccf55284657ddbb6b3426f333ee3d889b0e0a69a9134722e1f6b9a91ec
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' cdn.asteria.com.br s3.us-east-1.amazonaws.com data:; script-src 'self' 'unsafe-inline'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' https://fonts.gstatic.com; base-uri 'self'; manifest-src 'self'; connect-src 'self' data: *.suafisio.asteria.qa; form-action 'self'; frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
controlpanel.suafisio.asteria.qa
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://controlpanel.suafisio.asteria.qa/
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://controlpanel.suafisio.asteria.qa/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; img-src 'self' cdn.asteria.com.br s3.us-east-1.amazonaws.com data:; script-src 'self' 'unsafe-inline'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' https://fonts.gstatic.com; base-uri 'self'; manifest-src 'self'; connect-src 'self' data: *.suafisio.asteria.qa; form-action 'self'; frame-ancestors 'none'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Referrer-Policy
origin
Last-Modified
Thu, 19 Nov 2020 21:42:22 GMT
Server
Microsoft-IIS/8.0
X-Frame-Options
SAMEORIGIN
Date
Sat, 09 Oct 2021 09:03:49 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/javascript
Feature-Policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; layout-animations 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; publickey-credentials-get 'none'; sync-xhr 'none'; usb 'none'; vr 'none'; wake-lock 'none'; screen-wake-lock 'none'; xr-spatial-tracking 'none';
Permissions-Policy
layout-animations 'none'; unoptimized-images 'none'; oversized-images 'none'; sync-script 'none'; sync-xhr 'none'; unsized-media 'none';
ETag
"033b5dcbcbed61:0"
Accept-Ranges
bytes
angular.js
controlpanel.suafisio.asteria.qa/js/
754 KB
285 KB
Script
General
Full URL
https://controlpanel.suafisio.asteria.qa/js/angular.js
Requested by
Host: controlpanel.suafisio.asteria.qa
URL: https://controlpanel.suafisio.asteria.qa/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
18.213.85.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-85-247.compute-1.amazonaws.com
Software
Microsoft-IIS/8.0 /
Resource Hash
7b5c951f719defde46ef846e6f7bddd11ae40bb4dca9c149751452f1a92fc497
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' cdn.asteria.com.br s3.us-east-1.amazonaws.com data:; script-src 'self' 'unsafe-inline'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' https://fonts.gstatic.com; base-uri 'self'; manifest-src 'self'; connect-src 'self' data: *.suafisio.asteria.qa; form-action 'self'; frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
controlpanel.suafisio.asteria.qa
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://controlpanel.suafisio.asteria.qa/
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://controlpanel.suafisio.asteria.qa/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; img-src 'self' cdn.asteria.com.br s3.us-east-1.amazonaws.com data:; script-src 'self' 'unsafe-inline'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' https://fonts.gstatic.com; base-uri 'self'; manifest-src 'self'; connect-src 'self' data: *.suafisio.asteria.qa; form-action 'self'; frame-ancestors 'none'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Referrer-Policy
origin
Last-Modified
Thu, 19 Nov 2020 21:42:44 GMT
Server
Microsoft-IIS/8.0
X-Frame-Options
SAMEORIGIN
Date
Sat, 09 Oct 2021 09:03:49 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/javascript
Feature-Policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; layout-animations 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; publickey-credentials-get 'none'; sync-xhr 'none'; usb 'none'; vr 'none'; wake-lock 'none'; screen-wake-lock 'none'; xr-spatial-tracking 'none';
Permissions-Policy
layout-animations 'none'; unoptimized-images 'none'; oversized-images 'none'; sync-script 'none'; sync-xhr 'none'; unsized-media 'none';
ETag
"022d2e9bcbed61:0"
Accept-Ranges
bytes
app.js
controlpanel.suafisio.asteria.qa/js/
87 KB
21 KB
Script
General
Full URL
https://controlpanel.suafisio.asteria.qa/js/app.js
Requested by
Host: controlpanel.suafisio.asteria.qa
URL: https://controlpanel.suafisio.asteria.qa/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
18.213.85.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-85-247.compute-1.amazonaws.com
Software
Microsoft-IIS/8.0 /
Resource Hash
3615c7cd278b7ad70435fd084cfe29cfb53c557c8d851fd0f454d6f50e62a17b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' cdn.asteria.com.br s3.us-east-1.amazonaws.com data:; script-src 'self' 'unsafe-inline'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' https://fonts.gstatic.com; base-uri 'self'; manifest-src 'self'; connect-src 'self' data: *.suafisio.asteria.qa; form-action 'self'; frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
controlpanel.suafisio.asteria.qa
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://controlpanel.suafisio.asteria.qa/
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://controlpanel.suafisio.asteria.qa/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; img-src 'self' cdn.asteria.com.br s3.us-east-1.amazonaws.com data:; script-src 'self' 'unsafe-inline'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' https://fonts.gstatic.com; base-uri 'self'; manifest-src 'self'; connect-src 'self' data: *.suafisio.asteria.qa; form-action 'self'; frame-ancestors 'none'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding
Content-Length
20322
X-XSS-Protection
1; mode=block
Referrer-Policy
origin
Last-Modified
Thu, 19 Nov 2020 21:42:49 GMT
Server
Microsoft-IIS/8.0
X-Frame-Options
SAMEORIGIN
Date
Sat, 09 Oct 2021 09:03:49 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/javascript
Feature-Policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; layout-animations 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; publickey-credentials-get 'none'; sync-xhr 'none'; usb 'none'; vr 'none'; wake-lock 'none'; screen-wake-lock 'none'; xr-spatial-tracking 'none';
Permissions-Policy
layout-animations 'none'; unoptimized-images 'none'; oversized-images 'none'; sync-script 'none'; sync-xhr 'none'; unsized-media 'none';
ETag
"8012cdecbcbed61:0"
Accept-Ranges
bytes
css
fonts.googleapis.com/
9 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway:400,700|Roboto:300,700|Roboto+Condensed:700
Requested by
Host: controlpanel.suafisio.asteria.qa
URL: https://controlpanel.suafisio.asteria.qa/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cf8664280daf799fbc88cbe8d6b5931035874af6584ef9ddd449e9752a42939a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://controlpanel.suafisio.asteria.qa/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 09 Oct 2021 09:03:53 GMT
server
ESF
date
Sat, 09 Oct 2021 09:03:53 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 09 Oct 2021 09:03:53 GMT
pt-BR.json
controlpanel.suafisio.asteria.qa/lang/
3 KB
5 KB
XHR
General
Full URL
https://controlpanel.suafisio.asteria.qa/lang/pt-BR.json
Requested by
Host: controlpanel.suafisio.asteria.qa
URL: https://controlpanel.suafisio.asteria.qa/js/angular.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
18.213.85.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-85-247.compute-1.amazonaws.com
Software
Microsoft-IIS/8.0 /
Resource Hash
2c1fa29937dc9d50782b82699434f569f087069a8810fe9d14b3b5de72e56b7c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' cdn.asteria.com.br s3.us-east-1.amazonaws.com data:; script-src 'self' 'unsafe-inline'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' https://fonts.gstatic.com; base-uri 'self'; manifest-src 'self'; connect-src 'self' data: *.suafisio.asteria.qa; form-action 'self'; frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
controlpanel.suafisio.asteria.qa
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors
Accept
application/json, text/plain, */*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://controlpanel.suafisio.asteria.qa/
Connection
keep-alive
Accept
application/json, text/plain, */*
Referer
https://controlpanel.suafisio.asteria.qa/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 09:03:51 GMT
Content-Security-Policy
default-src 'self'; img-src 'self' cdn.asteria.com.br s3.us-east-1.amazonaws.com data:; script-src 'self' 'unsafe-inline'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' https://fonts.gstatic.com; base-uri 'self'; manifest-src 'self'; connect-src 'self' data: *.suafisio.asteria.qa; form-action 'self'; frame-ancestors 'none'
Referrer-Policy
origin
Last-Modified
Thu, 19 Nov 2020 21:42:50 GMT
Server
Microsoft-IIS/8.0
ETag
"0a965edbcbed61:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
X-XSS-Protection
1; mode=block
Feature-Policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; layout-animations 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; publickey-credentials-get 'none'; sync-xhr 'none'; usb 'none'; vr 'none'; wake-lock 'none'; screen-wake-lock 'none'; xr-spatial-tracking 'none';
Permissions-Policy
layout-animations 'none'; unoptimized-images 'none'; oversized-images 'none'; sync-script 'none'; sync-xhr 'none'; unsized-media 'none';
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
3365
X-Content-Type-Options
nosniff
jcs-auto-validate_pt-br.json
controlpanel.suafisio.asteria.qa/lang/angular-auto-validate/
689 B
2 KB
XHR
General
Full URL
https://controlpanel.suafisio.asteria.qa/lang/angular-auto-validate/jcs-auto-validate_pt-br.json
Requested by
Host: controlpanel.suafisio.asteria.qa
URL: https://controlpanel.suafisio.asteria.qa/js/angular.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
18.213.85.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-85-247.compute-1.amazonaws.com
Software
Microsoft-IIS/8.0 /
Resource Hash
7deeb24bb4e073b11680bfad20c0feaaa01db663eca9fe7d7f1df13bcf8e9d1a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' cdn.asteria.com.br s3.us-east-1.amazonaws.com data:; script-src 'self' 'unsafe-inline'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' https://fonts.gstatic.com; base-uri 'self'; manifest-src 'self'; connect-src 'self' data: *.suafisio.asteria.qa; form-action 'self'; frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
controlpanel.suafisio.asteria.qa
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors
Accept
application/json, text/plain, */*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://controlpanel.suafisio.asteria.qa/
Connection
keep-alive
Accept
application/json, text/plain, */*
Referer
https://controlpanel.suafisio.asteria.qa/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 09:03:51 GMT
Content-Security-Policy
default-src 'self'; img-src 'self' cdn.asteria.com.br s3.us-east-1.amazonaws.com data:; script-src 'self' 'unsafe-inline'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' https://fonts.gstatic.com; base-uri 'self'; manifest-src 'self'; connect-src 'self' data: *.suafisio.asteria.qa; form-action 'self'; frame-ancestors 'none'
Referrer-Policy
origin
Last-Modified
Thu, 19 Nov 2020 21:42:22 GMT
Server
Microsoft-IIS/8.0
ETag
"033b5dcbcbed61:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
X-XSS-Protection
1; mode=block
Feature-Policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; layout-animations 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; publickey-credentials-get 'none'; sync-xhr 'none'; usb 'none'; vr 'none'; wake-lock 'none'; screen-wake-lock 'none'; xr-spatial-tracking 'none';
Permissions-Policy
layout-animations 'none'; unoptimized-images 'none'; oversized-images 'none'; sync-script 'none'; sync-xhr 'none'; unsized-media 'none';
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
689
X-Content-Type-Options
nosniff
logo-sua-fisio.png
controlpanel.suafisio.asteria.qa/images/
6 KB
8 KB
Image
General
Full URL
https://controlpanel.suafisio.asteria.qa/images/logo-sua-fisio.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
18.213.85.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-85-247.compute-1.amazonaws.com
Software
Microsoft-IIS/8.0 /
Resource Hash
e9b27d89e760cd6591d4571c0da15ae61625f901e0521cfc5b3775ba4b2d94fd
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' cdn.asteria.com.br s3.us-east-1.amazonaws.com data:; script-src 'self' 'unsafe-inline'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' https://fonts.gstatic.com; base-uri 'self'; manifest-src 'self'; connect-src 'self' data: *.suafisio.asteria.qa; form-action 'self'; frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
controlpanel.suafisio.asteria.qa
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://controlpanel.suafisio.asteria.qa/
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://controlpanel.suafisio.asteria.qa/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 09:03:51 GMT
Content-Security-Policy
default-src 'self'; img-src 'self' cdn.asteria.com.br s3.us-east-1.amazonaws.com data:; script-src 'self' 'unsafe-inline'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' https://fonts.gstatic.com; base-uri 'self'; manifest-src 'self'; connect-src 'self' data: *.suafisio.asteria.qa; form-action 'self'; frame-ancestors 'none'
Referrer-Policy
origin
Last-Modified
Thu, 19 Nov 2020 21:42:50 GMT
Server
Microsoft-IIS/8.0
ETag
"0a965edbcbed61:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
X-XSS-Protection
1; mode=block
Feature-Policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; layout-animations 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; publickey-credentials-get 'none'; sync-xhr 'none'; usb 'none'; vr 'none'; wake-lock 'none'; screen-wake-lock 'none'; xr-spatial-tracking 'none';
Permissions-Policy
layout-animations 'none'; unoptimized-images 'none'; oversized-images 'none'; sync-script 'none'; sync-xhr 'none'; unsized-media 'none';
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
6094
X-Content-Type-Options
nosniff
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v22/
46 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,700|Roboto:300,700|Roboto+Condensed:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://controlpanel.suafisio.asteria.qa
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 04:17:51 GMT
x-content-type-options
nosniff
age
362762
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47312
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 19:40:30 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Oct 2022 04:17:51 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,700|Roboto:300,700|Roboto+Condensed:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://controlpanel.suafisio.asteria.qa
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 16:31:40 GMT
x-content-type-options
nosniff
age
232333
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 06 Oct 2022 16:31:40 GMT
fa-solid-900.woff2
controlpanel.suafisio.asteria.qa/webfonts/
134 KB
136 KB
Font
General
Full URL
https://controlpanel.suafisio.asteria.qa/webfonts/fa-solid-900.woff2
Requested by
Host: controlpanel.suafisio.asteria.qa
URL: https://controlpanel.suafisio.asteria.qa/css/libraries.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
18.213.85.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-85-247.compute-1.amazonaws.com
Software
Microsoft-IIS/8.0 /
Resource Hash
68eb827a2fa6f035eab41392f863522ae5dc0d4c0c31d5245362a7f1a5aed46a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' cdn.asteria.com.br s3.us-east-1.amazonaws.com data:; script-src 'self' 'unsafe-inline'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' https://fonts.gstatic.com; base-uri 'self'; manifest-src 'self'; connect-src 'self' data: *.suafisio.asteria.qa; form-action 'self'; frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://controlpanel.suafisio.asteria.qa
Accept-Encoding
gzip, deflate, br
Host
controlpanel.suafisio.asteria.qa
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://controlpanel.suafisio.asteria.qa/
Connection
keep-alive
Referer
https://controlpanel.suafisio.asteria.qa/
Origin
https://controlpanel.suafisio.asteria.qa
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 09:03:51 GMT
Content-Security-Policy
default-src 'self'; img-src 'self' cdn.asteria.com.br s3.us-east-1.amazonaws.com data:; script-src 'self' 'unsafe-inline'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' https://fonts.gstatic.com; base-uri 'self'; manifest-src 'self'; connect-src 'self' data: *.suafisio.asteria.qa; form-action 'self'; frame-ancestors 'none'
Referrer-Policy
origin
Last-Modified
Thu, 19 Nov 2020 21:42:51 GMT
Server
Microsoft-IIS/8.0
ETag
"803ffeedbcbed61:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff2
X-XSS-Protection
1; mode=block
Feature-Policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; layout-animations 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; publickey-credentials-get 'none'; sync-xhr 'none'; usb 'none'; vr 'none'; wake-lock 'none'; screen-wake-lock 'none'; xr-spatial-tracking 'none';
Permissions-Policy
layout-animations 'none'; unoptimized-images 'none'; oversized-images 'none'; sync-script 'none'; sync-xhr 'none'; unsized-media 'none';
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
137704
X-Content-Type-Options
nosniff

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery function| Popper object| bootstrap function| moment function| Color function| Chart function| Spinner object| Ladda function| Picker function| tinycolor object| config object| angular object| @uirouter/core object| @uirouter/angularjs function| Flow function| format function| ColorThief function| MegaPixImage object| AngularjsColorPicker object| ApplicationConfiguration

0 Cookies

12 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'battery'.
security warning
Message:
Error with Feature-Policy header: Origin trial controlled feature not enabled: 'display-capture'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'execution-while-not-rendered'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'execution-while-out-of-viewport'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'layout-animations'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'legacy-image-formats'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'navigation-override'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'oversized-images'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'vr'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'wake-lock'.
security error
Message:
Error with Permissions-Policy header: Parse of permissions policy failed because of errors reported by structured header parser.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; img-src 'self' cdn.asteria.com.br s3.us-east-1.amazonaws.com data:; script-src 'self' 'unsafe-inline'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' https://fonts.gstatic.com; base-uri 'self'; manifest-src 'self'; connect-src 'self' data: *.suafisio.asteria.qa; form-action 'self'; frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block