bellini.welfare.it Open in urlscan Pro
108.157.4.64  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response bellini.welfare.it/	1 KB 2 KB	228ms 66ms	Document text/html	108.157.4.64 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bellini.welfare.it/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.157.4.64 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-157-4-64.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash d72bba1931d9906aa07ecdea3ba148905f2c579275a142856a57c739661730cf Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' *.buonowelfare.it/ *.welfare.it/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' *.buonowelfare.it/ https://fonts.googleapis.com/ *.welfare.it; object-src 'none'; base-uri 'self'; connect-src 'self' *.welfare.it/ https://s3welfare-customer-images-and-documents.s3.eu-west-1.amazonaws.com/ https://cognito-identity.eu-west-1.amazonaws.com/ https://cognito-idp.eu-west-1.amazonaws.com/ *.buonowelfare.it/ *.welfare.it/ https://maps.googleapis.com/; font-src 'self' data: https://fonts.gstatic.com/ *.welfare.it/; frame-src 'self' https://s3welfare-product-images.s3.eu-west-1.amazonaws.com/ https://www.google.com/ https://www.youtube.com/; img-src 'self' data: https://s3welfare-customer-images-and-documents.s3.eu-west-1.amazonaws.com/ *.buonowelfare.it *.welfare.it https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self' blob:; media-src 'self'; worker-src 'none'; script-src-elem 'self' 'unsafe-inline' *.welfare.it/ https://amazon-cognito-assets.eu-west-1.amazoncognito.com/ *.buonowelfare.it/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers age 86122 alt-svc h3=":443"; ma=86400 content-encoding br content-security-policy default-src 'self'; script-src 'self' 'unsafe-inline' *.buonowelfare.it/ *.welfare.it/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' *.buonowelfare.it/ https://fonts.googleapis.com/ *.welfare.it; object-src 'none'; base-uri 'self'; connect-src 'self' *.welfare.it/ https://s3welfare-customer-images-and-documents.s3.eu-west-1.amazonaws.com/ https://cognito-identity.eu-west-1.amazonaws.com/ https://cognito-idp.eu-west-1.amazonaws.com/ *.buonowelfare.it/ *.welfare.it/ https://maps.googleapis.com/; font-src 'self' data: https://fonts.gstatic.com/ *.welfare.it/; frame-src 'self' https://s3welfare-product-images.s3.eu-west-1.amazonaws.com/ https://www.google.com/ https://www.youtube.com/; img-src 'self' data: https://s3welfare-customer-images-and-documents.s3.eu-west-1.amazonaws.com/ *.buonowelfare.it *.welfare.it https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self' blob:; media-src 'self'; worker-src 'none'; script-src-elem 'self' 'unsafe-inline' *.welfare.it/ https://amazon-cognito-assets.eu-west-1.amazoncognito.com/ *.buonowelfare.it/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; content-type text/html date Wed, 17 Apr 2024 13:26:38 GMT etag W/"ecaaf80d51e0998b2d7548b486307e1b" last-modified Mon, 15 Apr 2024 13:23:49 GMT permissions-policy geolocation=(self "https://manager.welfare.it" "https://customer.buonowelfare.it" "https://customerapi.buonowelfare.it") referrer-policy strict-origin-when-cross-origin server AmazonS3 strict-transport-security max-age=63072000; includeSubDomains vary Accept-Encoding via 1.1 374989d04bb9f7efef831637d8f4b234.cloudfront.net (CloudFront) x-amz-cf-id 3YmZY0kIuDcltF8DSijJCmCnMiBuqqgIyoHlT47bCUuZrhwzRnLLyw== x-amz-cf-pop DUS51-P2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-content-type-options nosniff x-frame-options DENY
GET H2	200	amazon-cognito-advanced-security-data.min.js Show response amazon-cognito-assets.eu-west-1.amazoncognito.com/	262 KB 262 KB	203ms 71ms	Script application/javascript	18.173.233.29 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://amazon-cognito-assets.eu-west-1.amazoncognito.com/amazon-cognito-advanced-security-data.min.js Requested by Host: bellini.welfare.it URL: https://bellini.welfare.it/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.233.29 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-233-29.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash 76c8c8dd37624451353be94098f7f7594665abb6b9630049b5a30d9552c0c992 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://bellini.welfare.it/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 06:20:10 GMT x-amz-version-id null via 1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront) last-modified Wed, 29 Nov 2017 21:35:50 GMT server AmazonS3 x-amz-cf-pop DUS51-P3 age 25310 etag "f114c0fc11a637cf5e7b845216b144d0" x-cache Hit from cloudfront content-type application/javascript accept-ranges bytes content-length 267861 x-amz-cf-id Z4AGz8A8CpF_z64E4y2gbfgF-BRXQ_rH7c9p3bWbqtD3Jq_5D-dypg==
GET H2	200	index-PXBIcEg6.js Show response bellini.welfare.it/assets/	2 MB 538 KB	100ms 99ms	Script application/javascript	108.157.4.64 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bellini.welfare.it/assets/index-PXBIcEg6.js Requested by Host: bellini.welfare.it URL: https://bellini.welfare.it/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.157.4.64 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-157-4-64.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash c418ce03d3e43f41a6dfa3853ea162aacc438829367f134c5d0b08133c463f82 Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' *.buonowelfare.it/ *.welfare.it/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' *.buonowelfare.it/ https://fonts.googleapis.com/ *.welfare.it; object-src 'none'; base-uri 'self'; connect-src 'self' *.welfare.it/ https://s3welfare-customer-images-and-documents.s3.eu-west-1.amazonaws.com/ https://cognito-identity.eu-west-1.amazonaws.com/ https://cognito-idp.eu-west-1.amazonaws.com/ *.buonowelfare.it/ *.welfare.it/ https://maps.googleapis.com/; font-src 'self' data: https://fonts.gstatic.com/ *.welfare.it/; frame-src 'self' https://s3welfare-product-images.s3.eu-west-1.amazonaws.com/ https://www.google.com/ https://www.youtube.com/; img-src 'self' data: https://s3welfare-customer-images-and-documents.s3.eu-west-1.amazonaws.com/ *.buonowelfare.it *.welfare.it https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self' blob:; media-src 'self'; worker-src 'none'; script-src-elem 'self' 'unsafe-inline' *.welfare.it/ https://amazon-cognito-assets.eu-west-1.amazoncognito.com/ *.buonowelfare.it/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://bellini.welfare.it/ Origin https://bellini.welfare.it Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 04:46:30 GMT content-encoding gzip via 1.1 374989d04bb9f7efef831637d8f4b234.cloudfront.net (CloudFront) content-security-policy default-src 'self'; script-src 'self' 'unsafe-inline' *.buonowelfare.it/ *.welfare.it/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' *.buonowelfare.it/ https://fonts.googleapis.com/ *.welfare.it; object-src 'none'; base-uri 'self'; connect-src 'self' *.welfare.it/ https://s3welfare-customer-images-and-documents.s3.eu-west-1.amazonaws.com/ https://cognito-identity.eu-west-1.amazonaws.com/ https://cognito-idp.eu-west-1.amazonaws.com/ *.buonowelfare.it/ *.welfare.it/ https://maps.googleapis.com/; font-src 'self' data: https://fonts.gstatic.com/ *.welfare.it/; frame-src 'self' https://s3welfare-product-images.s3.eu-west-1.amazonaws.com/ https://www.google.com/ https://www.youtube.com/; img-src 'self' data: https://s3welfare-customer-images-and-documents.s3.eu-west-1.amazonaws.com/ *.buonowelfare.it *.welfare.it https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self' blob:; media-src 'self'; worker-src 'none'; script-src-elem 'self' 'unsafe-inline' *.welfare.it/ https://amazon-cognito-assets.eu-west-1.amazoncognito.com/ *.buonowelfare.it/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubDomains x-amz-cf-pop DUS51-P2 age 30930 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 referrer-policy strict-origin-when-cross-origin last-modified Mon, 15 Apr 2024 13:23:48 GMT server AmazonS3 etag W/"bc281772cffaa04f614af1e65681d0f5" vary Accept-Encoding x-frame-options DENY content-type application/javascript permissions-policy geolocation=(self "https://manager.welfare.it" "https://customer.buonowelfare.it" "https://customerapi.buonowelfare.it") x-amz-cf-id hjE10Xk0H0uPb5MEFPr0o4ftxqH65MWt1Ibbo9ihSp5KnLOx_qTuGA==
GET H2	200	index-U2LhKzJE.css bellini.welfare.it/assets/	24 KB 7 KB	63ms 63ms	Stylesheet text/css	108.157.4.64 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bellini.welfare.it/assets/index-U2LhKzJE.css Requested by Host: bellini.welfare.it URL: https://bellini.welfare.it/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.157.4.64 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-157-4-64.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash 13fa66161227e220cf708e85971351a87dfb456f879c7f468ebb3dcec2913f1a Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' *.buonowelfare.it/ *.welfare.it/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' *.buonowelfare.it/ https://fonts.googleapis.com/ *.welfare.it; object-src 'none'; base-uri 'self'; connect-src 'self' *.welfare.it/ https://s3welfare-customer-images-and-documents.s3.eu-west-1.amazonaws.com/ https://cognito-identity.eu-west-1.amazonaws.com/ https://cognito-idp.eu-west-1.amazonaws.com/ *.buonowelfare.it/ *.welfare.it/ https://maps.googleapis.com/; font-src 'self' data: https://fonts.gstatic.com/ *.welfare.it/; frame-src 'self' https://s3welfare-product-images.s3.eu-west-1.amazonaws.com/ https://www.google.com/ https://www.youtube.com/; img-src 'self' data: https://s3welfare-customer-images-and-documents.s3.eu-west-1.amazonaws.com/ *.buonowelfare.it *.welfare.it https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self' blob:; media-src 'self'; worker-src 'none'; script-src-elem 'self' 'unsafe-inline' *.welfare.it/ https://amazon-cognito-assets.eu-west-1.amazoncognito.com/ *.buonowelfare.it/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://bellini.welfare.it/ Origin https://bellini.welfare.it Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 17 Apr 2024 13:27:15 GMT content-encoding br via 1.1 374989d04bb9f7efef831637d8f4b234.cloudfront.net (CloudFront) content-security-policy default-src 'self'; script-src 'self' 'unsafe-inline' *.buonowelfare.it/ *.welfare.it/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' *.buonowelfare.it/ https://fonts.googleapis.com/ *.welfare.it; object-src 'none'; base-uri 'self'; connect-src 'self' *.welfare.it/ https://s3welfare-customer-images-and-documents.s3.eu-west-1.amazonaws.com/ https://cognito-identity.eu-west-1.amazonaws.com/ https://cognito-idp.eu-west-1.amazonaws.com/ *.buonowelfare.it/ *.welfare.it/ https://maps.googleapis.com/; font-src 'self' data: https://fonts.gstatic.com/ *.welfare.it/; frame-src 'self' https://s3welfare-product-images.s3.eu-west-1.amazonaws.com/ https://www.google.com/ https://www.youtube.com/; img-src 'self' data: https://s3welfare-customer-images-and-documents.s3.eu-west-1.amazonaws.com/ *.buonowelfare.it *.welfare.it https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self' blob:; media-src 'self'; worker-src 'none'; script-src-elem 'self' 'unsafe-inline' *.welfare.it/ https://amazon-cognito-assets.eu-west-1.amazoncognito.com/ *.buonowelfare.it/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubDomains x-amz-cf-pop DUS51-P2 age 86085 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 referrer-policy strict-origin-when-cross-origin last-modified Mon, 15 Apr 2024 13:23:48 GMT server AmazonS3 etag W/"016ed1bbb325c37168b3ee8d272801f8" vary Accept-Encoding x-frame-options DENY content-type text/css permissions-policy geolocation=(self "https://manager.welfare.it" "https://customer.buonowelfare.it" "https://customerapi.buonowelfare.it") x-amz-cf-id jCWMiPSP6rr3xHBeFk280dKmr6AWp2HaQgEBPB9_rquTDeVmhh8J6A==
GET H2	200	web Show response api-v2.opened.welfare.it/backend/stores/customization/ui_setup/	1005 B 3 KB	79ms 78ms	XHR application/json	18.202.191.158 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api-v2.opened.welfare.it/backend/stores/customization/ui_setup/web Requested by Host: bellini.welfare.it URL: https://bellini.welfare.it/assets/index-PXBIcEg6.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.202.191.158 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-202-191-158.eu-west-1.compute.amazonaws.com Software / Resource Hash e646a71760d51676d75f7371203bc827b7f347d4eba288866e6811b1953d3dac Security Headers Name Value Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https:; object-src 'none'; base-uri 'none'; require-trusted-types-for 'script'; img-src 'self' *.welfare.it/; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Frontend-Version v1.28.3 Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Accept application/json, text/plain, */* Referer https://bellini.welfare.it/ sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 13:22:00 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-security-policy default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https:; object-src 'none'; base-uri 'none'; require-trusted-types-for 'script'; img-src 'self' *.welfare.it/; server-timing middleware-HeadersCleaner;dur=0.00;desc="HeadersCleaner middleware",middleware-RequestId;dur=0.00;desc="RequestId middleware",middleware-CacheControl;dur=0.00;desc="CacheControl middleware",gateway-cache;dur=1.00;desc="Gateway Store Cache",gateway;dur=2.30;desc="Gateway" request-id 19g611lv59tgm5 content-length 1005 gateway-cached yes referrer-policy no-referrer, strict-origin-when-cross-origin vary Origin, Referer, Accept-Language, User-Agent, Frontend-Version x-ratelimit-remaining 299 content-type application/json; charset=utf-8 access-control-allow-origin https://bellini.welfare.it gateway-cached-for 36147 access-control-expose-headers request-id cache-control max-age=14400 gateway-cached-by Store x-ratelimit-reset 60 x-ratelimit-limit 300 gateway-cached-key fv_v1.28.3-GET-https://bellini.welfare.it/backend/stores/customization/ui_setup/web-body- timing-allow-origin https://bellini.welfare.it permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), unload=(), window-placement=(), vertical-scroll=() x-frame-options SAMEORIGIN
OPTIONS H2	204	web api-v2.opened.welfare.it/backend/stores/customization/ui_setup/ Frame	0 0	571ms 97ms	Preflight	18.202.191.158 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api-v2.opened.welfare.it/backend/stores/customization/ui_setup/web Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.202.191.158 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-202-191-158.eu-west-1.compute.amazonaws.com Software / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https:; object-src 'none'; base-uri 'none'; require-trusted-types-for 'script'; img-src 'self' *.welfare.it/; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept */* Access-Control-Request-Headers frontend-version Access-Control-Request-Method GET Origin https://bellini.welfare.it Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers access-control-allow-headers frontend-version access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin https://bellini.welfare.it access-control-expose-headers request-id content-security-policy default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https:; object-src 'none'; base-uri 'none'; require-trusted-types-for 'script'; img-src 'self' *.welfare.it/; date Thu, 18 Apr 2024 13:22:00 GMT permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), unload=(), window-placement=(), vertical-scroll=() referrer-policy no-referrer, strict-origin-when-cross-origin strict-transport-security max-age=31536000; includeSubDomains timing-allow-origin https://bellini.welfare.it vary Origin, Access-Control-Request-Headers x-content-type-options nosniff x-frame-options SAMEORIGIN
GET H2	200	css fonts.googleapis.com/	717 B 779 B	903ms 55ms	Stylesheet text/css	172.217.18.10 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato Requested by Host: bellini.welfare.it URL: https://bellini.welfare.it/assets/index-PXBIcEg6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.10 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s28-in-f10.1e100.net Software ESF / Resource Hash 77d9907ca853ab885fd7a35a29faaf4206b8fe47347cd9c12391d64451ad6f37 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://bellini.welfare.it/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Thu, 18 Apr 2024 13:22:01 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 18 Apr 2024 12:39:47 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 18 Apr 2024 13:22:01 GMT
GET H2	200	generic.js Show response awscdnng.welfare.it/web-components/generic/esm/	624 B 1 KB	168ms 45ms	Script application/javascript	108.157.4.51 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://awscdnng.welfare.it/web-components/generic/esm/generic.js Requested by Host: bellini.welfare.it URL: https://bellini.welfare.it/assets/index-PXBIcEg6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.157.4.51 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-157-4-51.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash ffc50c03e5c2c81b743e44d71ef9cd863dfe01d0e91fa3e0eddd99b401924103 Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'; base-uri 'self'; connect-src 'self'; font-src 'self' data:; frame-src 'self'; img-src 'self' data:; manifest-src 'self' blob:; media-src 'self'; worker-src 'none'; script-src-elem 'self'; Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://bellini.welfare.it/ Origin https://bellini.welfare.it Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 13:22:00 GMT via 1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront) x-content-type-options nosniff content-security-policy default-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'; base-uri 'self'; connect-src 'self'; font-src 'self' data:; frame-src 'self'; img-src 'self' data:; manifest-src 'self' blob:; media-src 'self'; worker-src 'none'; script-src-elem 'self'; strict-transport-security max-age=31536000 x-amz-cf-pop DUS51-P2 age 10715 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 624 referrer-policy strict-origin-when-cross-origin last-modified Thu, 09 Mar 2023 15:44:44 GMT server AmazonS3 etag "dd65c9fca405814da9c1333d71b097dd" vary Accept-Encoding, Origin x-frame-options DENY content-type application/javascript access-control-allow-origin https://bellini.welfare.it permissions-policy geolocation=(self "https://manager.welfare.it" "https://customer.buonowelfare.it" "https://customerapi.buonowelfare.it") accept-ranges bytes x-amz-cf-id bob9hyryafRtki2JzVdLu3HOCWI6OwiYEW1q88gXUhTnoFLuAFSj9w==
GET H2	200	favicon.png images.welfare.it/cms/	1 KB 2 KB	222ms 70ms	Other image/png	108.157.4.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://images.welfare.it/cms/favicon.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.157.4.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-157-4-74.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash 676b89ef0769a99792194131e0a6fd668a90fd4f8610ca4b56c006b5c4fdb0be Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://bellini.welfare.it/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 04:32:23 GMT via 1.1 268679e7d17267a1a7a03722822fb800.cloudfront.net (CloudFront) x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains x-amz-cf-pop DUS51-P2 age 31778 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 1103 referrer-policy strict-origin-when-cross-origin last-modified Tue, 27 Apr 2021 14:46:13 GMT server AmazonS3 etag "6b434674661911d2e13cbc9ce431daa2" vary Accept-Encoding x-frame-options DENY content-type image/png permissions-policy camera=(), microphone=(), geolocation=() accept-ranges bytes x-amz-cf-id z4NnOsjnr3gRllEQ8G9XXS6L1V21aF1EDz4cwGcqyJ24dYrWPVClYA==
GET H2	200	enabled Show response api-v2.opened.welfare.it/backend/stores/properties/	16 B 2 KB	137ms 137ms	XHR application/json	18.202.191.158 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api-v2.opened.welfare.it/backend/stores/properties/enabled Requested by Host: bellini.welfare.it URL: https://bellini.welfare.it/assets/index-PXBIcEg6.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.202.191.158 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-202-191-158.eu-west-1.compute.amazonaws.com Software / Resource Hash 26b3426b2593763c96d0890b4a77a0bbf66d13fc512b0c6b138a23c290f30a2a Security Headers Name Value Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https:; object-src 'none'; base-uri 'none'; require-trusted-types-for 'script'; img-src 'self' *.welfare.it/; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Frontend-Version v1.28.3 Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Accept application/json, text/plain, */* Referer https://bellini.welfare.it/ sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 13:22:00 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-security-policy default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https:; object-src 'none'; base-uri 'none'; require-trusted-types-for 'script'; img-src 'self' *.welfare.it/; proxied-cache-control no-cache, private proxied-x-ratelimit-limit 60 proxied-x-ratelimit-remaining 59 server-timing middleware-HeadersCleaner;dur=0.00;desc="HeadersCleaner middleware",middleware-RequestId;dur=0.00;desc="RequestId middleware",middleware-CacheControl;dur=0.00;desc="CacheControl middleware",middleware-CacheByStore;dur=0.40;desc="CacheByStore middleware",microservice;dur=72.50;desc=Microservice,gateway;dur=73.70;desc="Gateway" request-id 19g611lv59tgqm x-xss-protection 1; mode=block referrer-policy no-referrer, strict-origin-when-cross-origin proxied-access-control-allow-origin * vary Origin, Referer, Accept-Language, User-Agent, Frontend-Version x-ratelimit-remaining 298 content-type application/json access-control-allow-origin https://bellini.welfare.it access-control-expose-headers request-id cache-control max-age=300 permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), unload=(), window-placement=(), vertical-scroll=() x-ratelimit-reset 60 x-ratelimit-limit 300 timing-allow-origin https://bellini.welfare.it x-frame-options SAMEORIGIN
OPTIONS H2	204	enabled api-v2.opened.welfare.it/backend/stores/properties/ Frame	0 0	66ms 66ms	Preflight	18.202.191.158 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api-v2.opened.welfare.it/backend/stores/properties/enabled Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.202.191.158 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-202-191-158.eu-west-1.compute.amazonaws.com Software / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https:; object-src 'none'; base-uri 'none'; require-trusted-types-for 'script'; img-src 'self' *.welfare.it/; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept */* Access-Control-Request-Headers frontend-version Access-Control-Request-Method GET Origin https://bellini.welfare.it Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers access-control-allow-headers frontend-version access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin https://bellini.welfare.it access-control-expose-headers request-id content-security-policy default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https:; object-src 'none'; base-uri 'none'; require-trusted-types-for 'script'; img-src 'self' *.welfare.it/; date Thu, 18 Apr 2024 13:22:00 GMT permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), unload=(), window-placement=(), vertical-scroll=() referrer-policy no-referrer, strict-origin-when-cross-origin strict-transport-security max-age=31536000; includeSubDomains timing-allow-origin https://bellini.welfare.it vary Origin, Access-Control-Request-Headers x-content-type-options nosniff x-frame-options SAMEORIGIN
GET H2	200	index-4e0c672e.js Show response awscdnng.welfare.it/web-components/generic/esm/	47 KB 13 KB	50ms 49ms	Script application/javascript	108.157.4.51 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://awscdnng.welfare.it/web-components/generic/esm/index-4e0c672e.js Requested by Host: bellini.welfare.it URL: https://bellini.welfare.it/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.157.4.51 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-157-4-51.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash 8b02f4653902973e70db1b70c120954f3a59e861bab69d302fb0c39cde5e39aa Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'; base-uri 'self'; connect-src 'self'; font-src 'self' data:; frame-src 'self'; img-src 'self' data:; manifest-src 'self' blob:; media-src 'self'; worker-src 'none'; script-src-elem 'self'; Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://awscdnng.welfare.it/web-components/generic/esm/generic.js Origin https://bellini.welfare.it Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 17 Apr 2024 21:21:04 GMT content-encoding gzip via 1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront) content-security-policy default-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'; base-uri 'self'; connect-src 'self'; font-src 'self' data:; frame-src 'self'; img-src 'self' data:; manifest-src 'self' blob:; media-src 'self'; worker-src 'none'; script-src-elem 'self'; x-content-type-options nosniff strict-transport-security max-age=31536000 x-amz-cf-pop DUS51-P2 age 57657 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 referrer-policy strict-origin-when-cross-origin last-modified Thu, 09 Mar 2023 15:44:44 GMT server AmazonS3 etag W/"8ac2b20681808cd74c0f9821ea320136" vary Accept-Encoding, Origin x-frame-options DENY content-type application/javascript access-control-allow-origin https://bellini.welfare.it permissions-policy geolocation=(self "https://manager.welfare.it" "https://customer.buonowelfare.it" "https://customerapi.buonowelfare.it") x-amz-cf-id 21ltcDzamdUhDjoFXollakpibf_5b8f00ACAxkO0GI-FjyhzIAPoTA==
GET H2	403	container_9HNlHyDk.js analytics.welfare.it/js/	0 0	713ms 81ms	Script text/plain	3.33.223.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://analytics.welfare.it/js/container_9HNlHyDk.js Requested by Host: bellini.welfare.it URL: https://bellini.welfare.it/assets/index-PXBIcEg6.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.33.223.163 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ae84c2615039837a7.awsglobalaccelerator.com Software awselb/2.0 / Resource Hash Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://bellini.welfare.it/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 13:22:01 GMT server awselb/2.0 content-length 0 content-type text/plain; charset=utf-8
GET H2	200	matomo.js Show response analytics.welfare.it/	64 KB 65 KB	745ms 115ms	Script application/javascript	3.33.223.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://analytics.welfare.it/matomo.js Requested by Host: bellini.welfare.it URL: https://bellini.welfare.it/assets/index-PXBIcEg6.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.33.223.163 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ae84c2615039837a7.awsglobalaccelerator.com Software nginx / Resource Hash d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://bellini.welfare.it/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma public date Thu, 18 Apr 2024 13:22:01 GMT last-modified Thu, 26 Jan 2023 07:55:01 GMT server nginx etag "63d231d5-10132" content-type application/javascript cache-control max-age=3600, public accept-ranges bytes content-length 65842 expires Thu, 18 Apr 2024 14:22:01 GMT
GET H2	200	web Show response api-v2.opened.welfare.it/backend/stores/customization/assets/	194 B 2 KB	66ms 66ms	XHR application/json	18.202.191.158 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api-v2.opened.welfare.it/backend/stores/customization/assets/web Requested by Host: bellini.welfare.it URL: https://bellini.welfare.it/assets/index-PXBIcEg6.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.202.191.158 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-202-191-158.eu-west-1.compute.amazonaws.com Software / Resource Hash 7cdeca09dd78afe467be848aa63b376dab47b1d7654269eedab42e4d099c6d3d Security Headers Name Value Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https:; object-src 'none'; base-uri 'none'; require-trusted-types-for 'script'; img-src 'self' *.welfare.it/; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Frontend-Version v1.28.3 Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Accept application/json, text/plain, */* Referer https://bellini.welfare.it/ sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 13:22:01 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-security-policy default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https:; object-src 'none'; base-uri 'none'; require-trusted-types-for 'script'; img-src 'self' *.welfare.it/; server-timing middleware-HeadersCleaner;dur=0.00;desc="HeadersCleaner middleware",middleware-RequestId;dur=0.00;desc="RequestId middleware",middleware-CacheControl;dur=0.00;desc="CacheControl middleware",gateway-cache;dur=0.80;desc="Gateway Store Cache",gateway;dur=1.80;desc="Gateway" request-id 19g611lv59th8q content-length 194 gateway-cached yes referrer-policy no-referrer, strict-origin-when-cross-origin vary Origin, Referer, Accept-Language, User-Agent, Frontend-Version x-ratelimit-remaining 297 content-type application/json; charset=utf-8 access-control-allow-origin https://bellini.welfare.it gateway-cached-for 36146 access-control-expose-headers request-id cache-control max-age=3600 gateway-cached-by Store x-ratelimit-reset 60 x-ratelimit-limit 300 gateway-cached-key fv_v1.28.3-GET-https://bellini.welfare.it/backend/stores/customization/assets/web-body- timing-allow-origin https://bellini.welfare.it permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), unload=(), window-placement=(), vertical-scroll=() x-frame-options SAMEORIGIN
OPTIONS H2	204	web api-v2.opened.welfare.it/backend/stores/customization/assets/ Frame	0 0	480ms 480ms	Preflight	18.202.191.158 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api-v2.opened.welfare.it/backend/stores/customization/assets/web Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.202.191.158 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-202-191-158.eu-west-1.compute.amazonaws.com Software / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https:; object-src 'none'; base-uri 'none'; require-trusted-types-for 'script'; img-src 'self' *.welfare.it/; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept */* Access-Control-Request-Headers frontend-version Access-Control-Request-Method GET Origin https://bellini.welfare.it Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers access-control-allow-headers frontend-version access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin https://bellini.welfare.it access-control-expose-headers request-id content-security-policy default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https:; object-src 'none'; base-uri 'none'; require-trusted-types-for 'script'; img-src 'self' *.welfare.it/; date Thu, 18 Apr 2024 13:22:00 GMT permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), unload=(), window-placement=(), vertical-scroll=() referrer-policy no-referrer, strict-origin-when-cross-origin strict-transport-security max-age=31536000; includeSubDomains timing-allow-origin https://bellini.welfare.it vary Origin, Access-Control-Request-Headers x-content-type-options nosniff x-frame-options SAMEORIGIN
GET H2	200	favicon.png images.welfare.it/cms/	1 KB 0	0ms 0ms	Other image/png	108.157.4.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://images.welfare.it/cms/favicon.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.157.4.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-157-4-74.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash 676b89ef0769a99792194131e0a6fd668a90fd4f8610ca4b56c006b5c4fdb0be Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://bellini.welfare.it/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 04:32:23 GMT via 1.1 268679e7d17267a1a7a03722822fb800.cloudfront.net (CloudFront) x-content-type-options nosniff x-amz-cf-pop DUS51-P2 age 31778 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 1103 referrer-policy strict-origin-when-cross-origin last-modified Tue, 27 Apr 2021 14:46:13 GMT server AmazonS3 etag "6b434674661911d2e13cbc9ce431daa2" vary Accept-Encoding x-frame-options DENY content-type image/png permissions-policy camera=(), microphone=(), geolocation=() accept-ranges bytes x-amz-cf-id z4NnOsjnr3gRllEQ8G9XXS6L1V21aF1EDz4cwGcqyJ24dYrWPVClYA==
GET H2	200	api.js Show response www.google.com/recaptcha/	1 KB 1 KB	641ms 50ms	Script text/javascript	216.58.206.36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit Requested by Host: bellini.welfare.it URL: https://bellini.welfare.it/assets/index-PXBIcEg6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.36 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil07s07-in-f4.1e100.net Software GSE / Resource Hash 66ab72ea89b682bcfabdd35ce62ca9e700c7bd8f950c3fa1668583fc74740d6b Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://bellini.welfare.it/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 13:22:01 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Thu, 18 Apr 2024 13:22:01 GMT
GET H2	200	main-logo.png images.welfare.it/cms/store/661558b5bd90d8a49e002932/assets/	10 KB 11 KB	205ms 204ms	Image image/png	108.157.4.74 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://images.welfare.it/cms/store/661558b5bd90d8a49e002932/assets/main-logo.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.157.4.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-157-4-74.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash 6a9a6b1da78cff2e7e31556432aa44da10a0950d3e26fc736409b3a04abb7bfa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://bellini.welfare.it/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 13:22:02 GMT via 1.1 268679e7d17267a1a7a03722822fb800.cloudfront.net (CloudFront) x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains x-amz-cf-pop DUS51-P2 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront alt-svc h3=":443"; ma=86400 content-length 10669 referrer-policy strict-origin-when-cross-origin last-modified Tue, 09 Apr 2024 16:19:35 GMT server AmazonS3 etag "5ed6cbd9ef6711372c2bd2ef5cb41de4" x-frame-options DENY content-type image/png permissions-policy camera=(), microphone=(), geolocation=() accept-ranges bytes x-amz-cf-id e6slkTp_qLRLVnFgwA8h_ZdTARYLT7VrR8gHK8QG-B_oArKb-9Gn5Q==
GET H2	200	login-background.jpg images.welfare.it/cms/	46 KB 47 KB	71ms 71ms	Image image/jpeg	108.157.4.74 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://images.welfare.it/cms/login-background.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.157.4.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-157-4-74.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash ca3265ba17d79ad26a6b33ddc7eda16c9fc45abfaa9b064c163930d537093d85 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://bellini.welfare.it/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 07:38:24 GMT via 1.1 268679e7d17267a1a7a03722822fb800.cloudfront.net (CloudFront) x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains x-amz-cf-pop DUS51-P2 age 20618 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 47326 referrer-policy strict-origin-when-cross-origin last-modified Tue, 27 Apr 2021 13:34:29 GMT server AmazonS3 etag "a8f231c9e8d8b953317251eb03244d08" vary Accept-Encoding x-frame-options DENY content-type image/jpeg permissions-policy camera=(), microphone=(), geolocation=() accept-ranges bytes x-amz-cf-id kQy3M-re__NoAC6TzlOGNJQ8fPBcSLb1psxieWFddIZVXJzry3oTEg==
GET H2	200	S6uyw4BMUTPHjx4wXg.woff2 fonts.gstatic.com/s/lato/v24/	23 KB 24 KB	435ms 30ms	Font font/woff2	142.250.181.227 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.227 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f3.1e100.net Software sffe / Resource Hash 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://fonts.googleapis.com/ Origin https://bellini.welfare.it Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 02:38:45 GMT x-content-type-options nosniff age 211396 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23580 x-xss-protection 0 last-modified Tue, 02 May 2023 15:17:22 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 16 Apr 2025 02:38:45 GMT
GET H2	200	recaptcha__it.js Show response www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/	508 KB 203 KB	475ms 40ms	Script text/javascript	172.217.16.195 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__it.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.195 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s08-in-f3.1e100.net Software sffe / Resource Hash 577a10f492968d7f63e0b61ea6575998cc4aeddb1b3a8041f33724d163371cf7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://bellini.welfare.it/ Origin https://bellini.welfare.it Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 23:56:29 GMT content-encoding gzip x-content-type-options nosniff age 221132 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 207174 x-xss-protection 0 last-modified Mon, 15 Apr 2024 02:01:04 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 15 Apr 2025 23:56:29 GMT
POST H2	204	matomo.php analytics.welfare.it/	0 183 B	150ms 149ms	Ping text/plain	3.33.223.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://analytics.welfare.it/matomo.php?action_name=bellini%2FBELLINI&idsite=4&rec=1&r=375359&h=15&m=22&s=1&url=https%3A%2F%2Fbellini.welfare.it%2Fbellini%2Flogin&_id=3a90f22603d39499&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=9Gx10i&pf_net=163&pf_srv=66&pf_tfr=0&pf_dm1=29&pf_dm2=422&pf_onl=0&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22124.0.6367.60%22%7D%2C%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22124.0.6367.60%22%7D%2C%7B%22brand%22%3A%22Not-A.Brand%22%2C%22version%22%3A%2299.0.0.0%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%7D Requested by Host: analytics.welfare.it URL: https://analytics.welfare.it/matomo.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.33.223.163 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ae84c2615039837a7.awsglobalaccelerator.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://bellini.welfare.it/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=utf-8 Response headers access-control-allow-origin https://bellini.welfare.it date Thu, 18 Apr 2024 13:22:01 GMT access-control-allow-credentials true referrer-policy origin server nginx x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	anchor www.google.com/recaptcha/api2/ Frame 7857	0 0	520ms 79ms	Document text/html	216.58.206.36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf2srsaAAAAAAOBhMSk2mJBB7VY-ta978RINxk5&co=aHR0cHM6Ly9iZWxsaW5pLndlbGZhcmUuaXQ6NDQz&hl=it&type=image&v=QoukH5jSO3sKFzVEA7Vc8VgC&theme=light&size=normal&badge=bottomright&cb=6ntm3pyq54tf Requested by Host: bellini.welfare.it URL: https://bellini.welfare.it/assets/index-PXBIcEg6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.36 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil07s07-in-f4.1e100.net Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-C_UixI41F_sKeHmsr262-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Referer https://bellini.welfare.it/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-C_UixI41F_sKeHmsr262-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 18 Apr 2024 13:22:02 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	bframe www.google.com/recaptcha/api2/ Frame F18E	0 0	53ms 53ms	Document text/html	216.58.206.36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/bframe?hl=it&v=QoukH5jSO3sKFzVEA7Vc8VgC&k=6Lf2srsaAAAAAAOBhMSk2mJBB7VY-ta978RINxk5 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__it.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.36 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil07s07-in-f4.1e100.net Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-NfyXe_GIhdQMZEhVU8MNqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Referer https://bellini.welfare.it/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-NfyXe_GIhdQMZEhVU8MNqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 18 Apr 2024 13:22:03 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| __fwcimLoaded object| AWSCognitoContextData object| _crypto function| setImmediate function| clearImmediate object| AmazonCognitoAdvancedSecurityData function| Zepto function| $ object| fwcim object| regeneratorRuntime object| _mtm object| _paq object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log object| recaptcha object| closure_lm_649657

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			bellini.welfare.it/	1970-01-21 05:23:21	Name: _pk_id.4.039d Value: 3a90f22603d39499.1713446521.
			bellini.welfare.it/	1970-01-20 19:57:28	Name: _pk_ses.4.039d Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://analytics.welfare.it/js/container_9HNlHyDk.js Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' *.buonowelfare.it/ *.welfare.it/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' *.buonowelfare.it/ https://fonts.googleapis.com/ *.welfare.it; object-src 'none'; base-uri 'self'; connect-src 'self' *.welfare.it/ https://s3welfare-customer-images-and-documents.s3.eu-west-1.amazonaws.com/ https://cognito-identity.eu-west-1.amazonaws.com/ https://cognito-idp.eu-west-1.amazonaws.com/ *.buonowelfare.it/ *.welfare.it/ https://maps.googleapis.com/; font-src 'self' data: https://fonts.gstatic.com/ *.welfare.it/; frame-src 'self' https://s3welfare-product-images.s3.eu-west-1.amazonaws.com/ https://www.google.com/ https://www.youtube.com/; img-src 'self' data: https://s3welfare-customer-images-and-documents.s3.eu-west-1.amazonaws.com/ *.buonowelfare.it *.welfare.it https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self' blob:; media-src 'self'; worker-src 'none'; script-src-elem 'self' 'unsafe-inline' *.welfare.it/ https://amazon-cognito-assets.eu-west-1.amazoncognito.com/ *.buonowelfare.it/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/;
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amazon-cognito-assets.eu-west-1.amazoncognito.com
analytics.welfare.it
api-v2.opened.welfare.it
awscdnng.welfare.it
bellini.welfare.it
fonts.googleapis.com
fonts.gstatic.com
images.welfare.it
www.google.com
www.gstatic.com
108.157.4.51
108.157.4.64
108.157.4.74
142.250.181.227
172.217.16.195
172.217.18.10
18.173.233.29
18.202.191.158
216.58.206.36
3.33.223.163
13fa66161227e220cf708e85971351a87dfb456f879c7f468ebb3dcec2913f1a
26b3426b2593763c96d0890b4a77a0bbf66d13fc512b0c6b138a23c290f30a2a
577a10f492968d7f63e0b61ea6575998cc4aeddb1b3a8041f33724d163371cf7
66ab72ea89b682bcfabdd35ce62ca9e700c7bd8f950c3fa1668583fc74740d6b
676b89ef0769a99792194131e0a6fd668a90fd4f8610ca4b56c006b5c4fdb0be
6a9a6b1da78cff2e7e31556432aa44da10a0950d3e26fc736409b3a04abb7bfa
76c8c8dd37624451353be94098f7f7594665abb6b9630049b5a30d9552c0c992
77d9907ca853ab885fd7a35a29faaf4206b8fe47347cd9c12391d64451ad6f37
7cdeca09dd78afe467be848aa63b376dab47b1d7654269eedab42e4d099c6d3d
8b02f4653902973e70db1b70c120954f3a59e861bab69d302fb0c39cde5e39aa
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
c418ce03d3e43f41a6dfa3853ea162aacc438829367f134c5d0b08133c463f82
ca3265ba17d79ad26a6b33ddc7eda16c9fc45abfaa9b064c163930d537093d85
d72bba1931d9906aa07ecdea3ba148905f2c579275a142856a57c739661730cf
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e646a71760d51676d75f7371203bc827b7f347d4eba288866e6811b1953d3dac
ffc50c03e5c2c81b743e44d71ef9cd863dfe01d0e91fa3e0eddd99b401924103