urlscan.io logo urlscan.io
SecurityTrails logo

grittigroupspa.welfare.it Open in urlscan Pro
13.33.187.36  Public Scan

Go To Rescan Add Verdict Report
URL: https://grittigroupspa.welfare.it/
Submission: On June 07 via api from US — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 5 domains to perform 26 HTTP transactions. The main IP is 13.33.187.36, located in United States and belongs to AMAZON-02, US. The main domain is grittigroupspa.welfare.it.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on November 27th 2023. Valid for: a year.
This is the only time grittigroupspa.welfare.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 13.33.187.36 16509 (AMAZON-02)
1 13.35.58.83 16509 (AMAZON-02)
6 52.31.184.103 16509 (AMAZON-02)
1 142.250.186.74 15169 (GOOGLE)
2 18.245.86.107 16509 (AMAZON-02)
5 18.245.86.85 16509 (AMAZON-02)
3 3.33.223.163 16509 (AMAZON-02)
3 216.58.212.132 15169 (GOOGLE)
1 142.250.185.195 15169 (GOOGLE)
1 142.250.186.99 15169 (GOOGLE)
26 10
3    13.33.187.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-36.fra60.r.cloudfront.net
grittigroupspa.welfare.it
1    13.35.58.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-83.fra60.r.cloudfront.net
amazon-cognito-assets.eu-west-1.amazoncognito.com
6    52.31.184.103 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-184-103.eu-west-1.compute.amazonaws.com
api-v2.opened.welfare.it
1    142.250.186.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f10.1e100.net
fonts.googleapis.com
2    18.245.86.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-107.fra60.r.cloudfront.net
awscdnng.welfare.it
5    18.245.86.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-85.fra60.r.cloudfront.net
images.welfare.it
3    3.33.223.163 (United States)

ASN16509 (AMAZON-02, US)
PTR: ae84c2615039837a7.awsglobalaccelerator.com
analytics.welfare.it
3    216.58.212.132 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f4.1e100.net
www.google.com
1    142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net
fonts.gstatic.com
1    142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net
www.gstatic.com
Domain Requested by
6 api-v2.opened.welfare.it grittigroupspa.welfare.it
5 images.welfare.it
3 www.google.com grittigroupspa.welfare.it
www.gstatic.com
3 analytics.welfare.it grittigroupspa.welfare.it
analytics.welfare.it
3 grittigroupspa.welfare.it grittigroupspa.welfare.it
2 awscdnng.welfare.it grittigroupspa.welfare.it
1 www.gstatic.com www.google.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com grittigroupspa.welfare.it
1 amazon-cognito-assets.eu-west-1.amazoncognito.com grittigroupspa.welfare.it
26 10

This site contains no links.

Subject Issuer Validity Valid
*.welfare.it
GeoTrust TLS RSA CA G1		 2023-11-27 -
2024-12-11		 a year crt.sh
*.eu-west-1.amazoncognito.com
Amazon RSA 2048 M03		 2024-05-09 -
2025-06-06		 a year crt.sh
*.opened.welfare.it
Amazon RSA 2048 M02		 2024-01-08 -
2025-02-05		 a year crt.sh
upload.video.google.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
www.google.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://grittigroupspa.welfare.it/
Frame ID: 91EFBF1C9ACA78966BC21D55B9C66B36
Requests: 21 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf2srsaAAAAAAOBhMSk2mJBB7VY-ta978RINxk5&co=aHR0cHM6Ly9ncml0dGlncm91cHNwYS53ZWxmYXJlLml0OjQ0Mw..&hl=it&type=image&v=9pvHvq7kSOTqqZusUzJ6ewaF&theme=light&size=normal&badge=bottomright&cb=iyz3lxaxh84s
Frame ID: 288A1AB65EED9639FF6DC1CF587995B5
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=it&v=9pvHvq7kSOTqqZusUzJ6ewaF&k=6Lf2srsaAAAAAAOBhMSk2mJBB7VY-ta978RINxk5
Frame ID: C11D77CE359D6F4D896466FC6D1D330A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

GRITTIGSPA

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

26
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

10
Subdomains

10
IPs

2
Countries

1227 kB
Transfer

2802 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
grittigroupspa.welfare.it/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://grittigroupspa.welfare.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-36.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8366806b27c2a089049a73593a685ec4923dab97ead7b4bdb4519a696e97ace5
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' *.buonowelfare.it/ *.welfare.it/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' *.buonowelfare.it/ https://fonts.googleapis.com/ *.welfare.it; object-src 'none'; base-uri 'self'; connect-src 'self' *.welfare.it/ https://s3welfare-customer-images-and-documents.s3.eu-west-1.amazonaws.com/ https://cognito-identity.eu-west-1.amazonaws.com/ https://cognito-idp.eu-west-1.amazonaws.com/ *.buonowelfare.it/ *.welfare.it/ https://maps.googleapis.com/; font-src 'self' data: https://fonts.gstatic.com/ *.welfare.it/; frame-src 'self' https://s3welfare-product-images.s3.eu-west-1.amazonaws.com/ https://www.google.com/ https://images.welfare.it/ https://www.youtube.com/; img-src 'self' data: https://s3welfare-customer-images-and-documents.s3.eu-west-1.amazonaws.com/ *.buonowelfare.it *.welfare.it https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self' blob:; media-src 'self'; worker-src 'none'; script-src-elem 'self' 'unsafe-inline' *.welfare.it/ https://amazon-cognito-assets.eu-west-1.amazoncognito.com/ *.buonowelfare.it/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/;
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
14491
alt-svc
h3=":443"; ma=86400
content-encoding
gzip
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' *.buonowelfare.it/ *.welfare.it/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' *.buonowelfare.it/ https://fonts.googleapis.com/ *.welfare.it; object-src 'none'; base-uri 'self'; connect-src 'self' *.welfare.it/ https://s3welfare-customer-images-and-documents.s3.eu-west-1.amazonaws.com/ https://cognito-identity.eu-west-1.amazonaws.com/ https://cognito-idp.eu-west-1.amazonaws.com/ *.buonowelfare.it/ *.welfare.it/ https://maps.googleapis.com/; font-src 'self' data: https://fonts.gstatic.com/ *.welfare.it/; frame-src 'self' https://s3welfare-product-images.s3.eu-west-1.amazonaws.com/ https://www.google.com/ https://images.welfare.it/ https://www.youtube.com/; img-src 'self' data: https://s3welfare-customer-images-and-documents.s3.eu-west-1.amazonaws.com/ *.buonowelfare.it *.welfare.it https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self' blob:; media-src 'self'; worker-src 'none'; script-src-elem 'self' 'unsafe-inline' *.welfare.it/ https://amazon-cognito-assets.eu-west-1.amazoncognito.com/ *.buonowelfare.it/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/;
content-type
text/html
date
Fri, 07 Jun 2024 08:36:27 GMT
etag
W/"95798e48f742c5d777271b195508198b"
last-modified
Mon, 03 Jun 2024 08:23:14 GMT
permissions-policy
geolocation=(self "https://manager.welfare.it" "https://customer.buonowelfare.it" "https://customerapi.buonowelfare.it")
referrer-policy
strict-origin-when-cross-origin
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding
via
1.1 45e3ccd889272a7e8732f0eda13e87ca.cloudfront.net (CloudFront)
x-amz-cf-id
dwAl59TT9rtrHli4TvAmGiuRdRYLjlAKIwXZRqhHKwFkPoxJ8Tevog==
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-frame-options
DENY
amazon-cognito-advanced-security-data.min.js
amazon-cognito-assets.eu-west-1.amazoncognito.com/ 		262 KB
262 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amazon-cognito-assets.eu-west-1.amazoncognito.com/amazon-cognito-advanced-security-data.min.js
Requested by
Host: grittigroupspa.welfare.it
URL: https://grittigroupspa.welfare.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-83.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
76c8c8dd37624451353be94098f7f7594665abb6b9630049b5a30d9552c0c992

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://grittigroupspa.welfare.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
date
Fri, 07 Jun 2024 07:16:37 GMT
via
1.1 aa4673eb0527fb06f7940307fecfc1b6.cloudfront.net (CloudFront)
last-modified
Wed, 29 Nov 2017 21:35:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P10
age
18751
etag
"f114c0fc11a637cf5e7b845216b144d0"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
267861
x-amz-cf-id
kYTVwf73opXVh5AkYExgcD6PdVzFUrEQaU5DZ247WffeRXO8YfwcqQ==
index-w8MPVvuL.js
grittigroupspa.welfare.it/assets/ 		2 MB
553 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://grittigroupspa.welfare.it/assets/index-w8MPVvuL.js
Requested by
Host: grittigroupspa.welfare.it
URL: https://grittigroupspa.welfare.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-36.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a04fc05a583da73a16a29d333c2e139753ce1c7fe8ab99c97d323328fec8b37
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' *.buonowelfare.it/ *.welfare.it/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' *.buonowelfare.it/ https://fonts.googleapis.com/ *.welfare.it; object-src 'none'; base-uri 'self'; connect-src 'self' *.welfare.it/ https://s3welfare-customer-images-and-documents.s3.eu-west-1.amazonaws.com/ https://cognito-identity.eu-west-1.amazonaws.com/ https://cognito-idp.eu-west-1.amazonaws.com/ *.buonowelfare.it/ *.welfare.it/ https://maps.googleapis.com/; font-src 'self' data: https://fonts.gstatic.com/ *.welfare.it/; frame-src 'self' https://s3welfare-product-images.s3.eu-west-1.amazonaws.com/ https://www.google.com/ https://images.welfare.it/ https://www.youtube.com/; img-src 'self' data: https://s3welfare-customer-images-and-documents.s3.eu-west-1.amazonaws.com/ *.buonowelfare.it *.welfare.it https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self' blob:; media-src 'self'; worker-src 'none'; script-src-elem 'self' 'unsafe-inline' *.welfare.it/ https://amazon-cognito-assets.eu-west-1.amazoncognito.com/ *.buonowelfare.it/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/;
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://grittigroupspa.welfare.it/
Origin
https://grittigroupspa.welfare.it
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 10:43:15 GMT
content-encoding
gzip
via
1.1 45e3ccd889272a7e8732f0eda13e87ca.cloudfront.net (CloudFront)
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' *.buonowelfare.it/ *.welfare.it/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' *.buonowelfare.it/ https://fonts.googleapis.com/ *.welfare.it; object-src 'none'; base-uri 'self'; connect-src 'self' *.welfare.it/ https://s3welfare-customer-images-and-documents.s3.eu-west-1.amazonaws.com/ https://cognito-identity.eu-west-1.amazonaws.com/ https://cognito-idp.eu-west-1.amazonaws.com/ *.buonowelfare.it/ *.welfare.it/ https://maps.googleapis.com/; font-src 'self' data: https://fonts.gstatic.com/ *.welfare.it/; frame-src 'self' https://s3welfare-product-images.s3.eu-west-1.amazonaws.com/ https://www.google.com/ https://images.welfare.it/ https://www.youtube.com/; img-src 'self' data: https://s3welfare-customer-images-and-documents.s3.eu-west-1.amazonaws.com/ *.buonowelfare.it *.welfare.it https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self' blob:; media-src 'self'; worker-src 'none'; script-src-elem 'self' 'unsafe-inline' *.welfare.it/ https://amazon-cognito-assets.eu-west-1.amazoncognito.com/ *.buonowelfare.it/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
FRA60-P9
age
14473
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 03 Jun 2024 08:23:13 GMT
server
AmazonS3
etag
W/"2ba2d4177d0081fb5589e786445515c2"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
permissions-policy
geolocation=(self "https://manager.welfare.it" "https://customer.buonowelfare.it" "https://customerapi.buonowelfare.it")
x-amz-cf-id
uURNy3oKmbRJa3k5arN3j4BouGXwF__fwempwa19ZGEQk0X4wrmT0A==
index-U2LhKzJE.css
grittigroupspa.welfare.it/assets/ 		24 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://grittigroupspa.welfare.it/assets/index-U2LhKzJE.css
Requested by
Host: grittigroupspa.welfare.it
URL: https://grittigroupspa.welfare.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-36.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
13fa66161227e220cf708e85971351a87dfb456f879c7f468ebb3dcec2913f1a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' *.buonowelfare.it/ *.welfare.it/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' *.buonowelfare.it/ https://fonts.googleapis.com/ *.welfare.it; object-src 'none'; base-uri 'self'; connect-src 'self' *.welfare.it/ https://s3welfare-customer-images-and-documents.s3.eu-west-1.amazonaws.com/ https://cognito-identity.eu-west-1.amazonaws.com/ https://cognito-idp.eu-west-1.amazonaws.com/ *.buonowelfare.it/ *.welfare.it/ https://maps.googleapis.com/; font-src 'self' data: https://fonts.gstatic.com/ *.welfare.it/; frame-src 'self' https://s3welfare-product-images.s3.eu-west-1.amazonaws.com/ https://www.google.com/ https://images.welfare.it/ https://www.youtube.com/; img-src 'self' data: https://s3welfare-customer-images-and-documents.s3.eu-west-1.amazonaws.com/ *.buonowelfare.it *.welfare.it https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self' blob:; media-src 'self'; worker-src 'none'; script-src-elem 'self' 'unsafe-inline' *.welfare.it/ https://amazon-cognito-assets.eu-west-1.amazoncognito.com/ *.buonowelfare.it/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/;
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://grittigroupspa.welfare.it/
Origin
https://grittigroupspa.welfare.it
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 10:43:15 GMT
content-encoding
gzip
via
1.1 45e3ccd889272a7e8732f0eda13e87ca.cloudfront.net (CloudFront)
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' *.buonowelfare.it/ *.welfare.it/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' *.buonowelfare.it/ https://fonts.googleapis.com/ *.welfare.it; object-src 'none'; base-uri 'self'; connect-src 'self' *.welfare.it/ https://s3welfare-customer-images-and-documents.s3.eu-west-1.amazonaws.com/ https://cognito-identity.eu-west-1.amazonaws.com/ https://cognito-idp.eu-west-1.amazonaws.com/ *.buonowelfare.it/ *.welfare.it/ https://maps.googleapis.com/; font-src 'self' data: https://fonts.gstatic.com/ *.welfare.it/; frame-src 'self' https://s3welfare-product-images.s3.eu-west-1.amazonaws.com/ https://www.google.com/ https://images.welfare.it/ https://www.youtube.com/; img-src 'self' data: https://s3welfare-customer-images-and-documents.s3.eu-west-1.amazonaws.com/ *.buonowelfare.it *.welfare.it https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self' blob:; media-src 'self'; worker-src 'none'; script-src-elem 'self' 'unsafe-inline' *.welfare.it/ https://amazon-cognito-assets.eu-west-1.amazoncognito.com/ *.buonowelfare.it/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
FRA60-P9
age
14473
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 03 Jun 2024 08:23:13 GMT
server
AmazonS3
etag
W/"016ed1bbb325c37168b3ee8d272801f8"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css
permissions-policy
geolocation=(self "https://manager.welfare.it" "https://customer.buonowelfare.it" "https://customerapi.buonowelfare.it")
x-amz-cf-id
2td7wc9Tvg5skUFQMdeQZqUBh4X6zygfQMOpx__xoqU0cDzbscAxgQ==
web
api-v2.opened.welfare.it/backend/stores/customization/ui_setup/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-v2.opened.welfare.it/backend/stores/customization/ui_setup/web
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.184.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-184-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https:; object-src 'none'; base-uri 'none'; require-trusted-types-for 'script'; img-src 'self' *.welfare.it/;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
frontend-version
Access-Control-Request-Method
GET
Origin
https://grittigroupspa.welfare.it
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
frontend-version
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://grittigroupspa.welfare.it
access-control-expose-headers
request-id
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https:; object-src 'none'; base-uri 'none'; require-trusted-types-for 'script'; img-src 'self' *.welfare.it/;
date
Fri, 07 Jun 2024 12:27:28 GMT
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), unload=(), window-placement=(), vertical-scroll=()
referrer-policy
no-referrer, strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
https://grittigroupspa.welfare.it
vary
Origin, Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
web
api-v2.opened.welfare.it/backend/stores/customization/ui_setup/ 		1021 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-v2.opened.welfare.it/backend/stores/customization/ui_setup/web
Requested by
Host: grittigroupspa.welfare.it
URL: https://grittigroupspa.welfare.it/assets/index-w8MPVvuL.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.184.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-184-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
021e2481d289e9ff0013315da3c488abc434347902574b6ccf0be989d4a3e3c2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https:; object-src 'none'; base-uri 'none'; require-trusted-types-for 'script'; img-src 'self' *.welfare.it/;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Frontend-Version
v1.30.2
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://grittigroupspa.welfare.it/
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 12:27:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https:; object-src 'none'; base-uri 'none'; require-trusted-types-for 'script'; img-src 'self' *.welfare.it/;
server-timing
middleware-HeadersCleaner;dur=0.00;desc="HeadersCleaner middleware",middleware-RequestId;dur=0.00;desc="RequestId middleware",middleware-CacheControl;dur=0.00;desc="CacheControl middleware",gateway-cache;dur=1.00;desc="Gateway Store Cache",gateway;dur=1.90;desc="Gateway"
request-id
19g611lx4nvxqr
content-length
1021
gateway-cached
yes
referrer-policy
no-referrer, strict-origin-when-cross-origin
vary
Origin, Referer, Accept-Language, User-Agent, Frontend-Version
x-ratelimit-remaining
299
content-type
application/json; charset=utf-8
access-control-allow-origin
https://grittigroupspa.welfare.it
gateway-cached-for
20933
access-control-expose-headers
request-id
cache-control
max-age=14400
gateway-cached-by
Store
x-ratelimit-reset
60
x-ratelimit-limit
300
gateway-cached-key
fv_v1.30.2-GET-https://grittigroupspa.welfare.it/backend/stores/customization/ui_setup/web-body-
timing-allow-origin
https://grittigroupspa.welfare.it
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), unload=(), window-placement=(), vertical-scroll=()
x-frame-options
SAMEORIGIN
css
fonts.googleapis.com/ 		717 B
779 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato
Requested by
Host: grittigroupspa.welfare.it
URL: https://grittigroupspa.welfare.it/assets/index-w8MPVvuL.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
ESF /
Resource Hash
77d9907ca853ab885fd7a35a29faaf4206b8fe47347cd9c12391d64451ad6f37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://grittigroupspa.welfare.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 07 Jun 2024 12:27:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 07 Jun 2024 11:20:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 07 Jun 2024 12:27:29 GMT
generic.js
awscdnng.welfare.it/web-components/generic/esm/ 		624 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://awscdnng.welfare.it/web-components/generic/esm/generic.js
Requested by
Host: grittigroupspa.welfare.it
URL: https://grittigroupspa.welfare.it/assets/index-w8MPVvuL.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-107.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ffc50c03e5c2c81b743e44d71ef9cd863dfe01d0e91fa3e0eddd99b401924103
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'; base-uri 'self'; connect-src 'self'; font-src 'self' data:; frame-src 'self'; img-src 'self' data:; manifest-src 'self' blob:; media-src 'self'; worker-src 'none'; script-src-elem 'self';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://grittigroupspa.welfare.it/
Origin
https://grittigroupspa.welfare.it
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 05:23:39 GMT
via
1.1 6d96f6742a3e24fad8577272b38c550a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'; base-uri 'self'; connect-src 'self'; font-src 'self' data:; frame-src 'self'; img-src 'self' data:; manifest-src 'self' blob:; media-src 'self'; worker-src 'none'; script-src-elem 'self';
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P6
age
28217
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
624
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 09 Mar 2023 15:44:44 GMT
server
AmazonS3
etag
"dd65c9fca405814da9c1333d71b097dd"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
application/javascript
access-control-allow-origin
https://grittigroupspa.welfare.it
permissions-policy
geolocation=(self "https://manager.welfare.it" "https://customer.buonowelfare.it" "https://customerapi.buonowelfare.it")
accept-ranges
bytes
x-amz-cf-id
BAOocOOVNmx3hD-Z8Cq6jebLC3pTiTylGN0DmBLNpN9FNCvrdsfi1Q==
favicon.png
images.welfare.it/cms/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://images.welfare.it/cms/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-85.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
676b89ef0769a99792194131e0a6fd668a90fd4f8610ca4b56c006b5c4fdb0be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://grittigroupspa.welfare.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 10:39:38 GMT
via
1.1 bc3ecf5f025b0be9b8c39c5dd2dace2e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P6
age
6699
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1103
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 27 Apr 2021 14:46:13 GMT
server
AmazonS3
etag
"6b434674661911d2e13cbc9ce431daa2"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
permissions-policy
camera=(), microphone=(), geolocation=()
accept-ranges
bytes
x-amz-cf-id
2LUz7pcAzHKIkZXoTtqYqjzczBsNzyFbH91gzFsLRZTwNV1AWRziJQ==
enabled
api-v2.opened.welfare.it/backend/stores/properties/ 		16 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-v2.opened.welfare.it/backend/stores/properties/enabled
Requested by
Host: grittigroupspa.welfare.it
URL: https://grittigroupspa.welfare.it/assets/index-w8MPVvuL.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.184.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-184-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
26b3426b2593763c96d0890b4a77a0bbf66d13fc512b0c6b138a23c290f30a2a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https:; object-src 'none'; base-uri 'none'; require-trusted-types-for 'script'; img-src 'self' *.welfare.it/;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Frontend-Version
v1.30.2
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://grittigroupspa.welfare.it/
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 12:27:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https:; object-src 'none'; base-uri 'none'; require-trusted-types-for 'script'; img-src 'self' *.welfare.it/;
proxied-cache-control
no-cache, private
proxied-x-ratelimit-limit
60
proxied-x-ratelimit-remaining
59
server-timing
middleware-HeadersCleaner;dur=0.00;desc="HeadersCleaner middleware",middleware-RequestId;dur=0.00;desc="RequestId middleware",middleware-CacheControl;dur=0.00;desc="CacheControl middleware",middleware-CacheByStore;dur=0.20;desc="CacheByStore middleware",microservice;dur=65.10;desc=Microservice,gateway;dur=66.80;desc="Gateway"
request-id
19g611lx4nvxxy
x-xss-protection
1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
proxied-access-control-allow-origin
*
vary
Origin, Referer, Accept-Language, User-Agent, Frontend-Version
x-ratelimit-remaining
298
content-type
application/json
access-control-allow-origin
https://grittigroupspa.welfare.it
access-control-expose-headers
request-id
cache-control
max-age=300
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), unload=(), window-placement=(), vertical-scroll=()
x-ratelimit-reset
60
x-ratelimit-limit
300
timing-allow-origin
https://grittigroupspa.welfare.it
x-frame-options
SAMEORIGIN
enabled
api-v2.opened.welfare.it/backend/stores/properties/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-v2.opened.welfare.it/backend/stores/properties/enabled
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.184.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-184-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https:; object-src 'none'; base-uri 'none'; require-trusted-types-for 'script'; img-src 'self' *.welfare.it/;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
frontend-version
Access-Control-Request-Method
GET
Origin
https://grittigroupspa.welfare.it
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
frontend-version
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://grittigroupspa.welfare.it
access-control-expose-headers
request-id
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https:; object-src 'none'; base-uri 'none'; require-trusted-types-for 'script'; img-src 'self' *.welfare.it/;
date
Fri, 07 Jun 2024 12:27:29 GMT
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), unload=(), window-placement=(), vertical-scroll=()
referrer-policy
no-referrer, strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
https://grittigroupspa.welfare.it
vary
Origin, Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
favicon.png
images.welfare.it/cms/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://images.welfare.it/cms/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-85.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
676b89ef0769a99792194131e0a6fd668a90fd4f8610ca4b56c006b5c4fdb0be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://grittigroupspa.welfare.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 10:39:38 GMT
via
1.1 bc3ecf5f025b0be9b8c39c5dd2dace2e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P6
age
6699
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1103
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 27 Apr 2021 14:46:13 GMT
server
AmazonS3
etag
"6b434674661911d2e13cbc9ce431daa2"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
permissions-policy
camera=(), microphone=(), geolocation=()
accept-ranges
bytes
x-amz-cf-id
2LUz7pcAzHKIkZXoTtqYqjzczBsNzyFbH91gzFsLRZTwNV1AWRziJQ==
container_9HNlHyDk.js
analytics.welfare.it/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.welfare.it/js/container_9HNlHyDk.js
Requested by
Host: grittigroupspa.welfare.it
URL: https://grittigroupspa.welfare.it/assets/index-w8MPVvuL.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.223.163 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae84c2615039837a7.awsglobalaccelerator.com
Software
awselb/2.0 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://grittigroupspa.welfare.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 12:27:29 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
matomo.js
analytics.welfare.it/ 		64 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.welfare.it/matomo.js
Requested by
Host: grittigroupspa.welfare.it
URL: https://grittigroupspa.welfare.it/assets/index-w8MPVvuL.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.223.163 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae84c2615039837a7.awsglobalaccelerator.com
Software
nginx /
Resource Hash
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://grittigroupspa.welfare.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Fri, 07 Jun 2024 12:27:29 GMT
last-modified
Thu, 26 Jan 2023 07:55:01 GMT
server
nginx
etag
"63d231d5-10132"
content-type
application/javascript
cache-control
max-age=3600, public
accept-ranges
bytes
content-length
65842
expires
Fri, 07 Jun 2024 13:27:29 GMT
web
api-v2.opened.welfare.it/backend/stores/customization/assets/ 		194 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-v2.opened.welfare.it/backend/stores/customization/assets/web
Requested by
Host: grittigroupspa.welfare.it
URL: https://grittigroupspa.welfare.it/assets/index-w8MPVvuL.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.184.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-184-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1961018fa4bcf6a1e4cbb4a251cba2569abc751fd1d19b39dc877246addd4883
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https:; object-src 'none'; base-uri 'none'; require-trusted-types-for 'script'; img-src 'self' *.welfare.it/;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Frontend-Version
v1.30.2
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://grittigroupspa.welfare.it/
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 12:27:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https:; object-src 'none'; base-uri 'none'; require-trusted-types-for 'script'; img-src 'self' *.welfare.it/;
server-timing
middleware-HeadersCleaner;dur=0.00;desc="HeadersCleaner middleware",middleware-RequestId;dur=0.00;desc="RequestId middleware",middleware-CacheControl;dur=0.00;desc="CacheControl middleware",gateway-cache;dur=0.90;desc="Gateway Store Cache",gateway;dur=1.70;desc="Gateway"
request-id
19g611lx4nvydb
content-length
194
gateway-cached
yes
referrer-policy
no-referrer, strict-origin-when-cross-origin
vary
Origin, Referer, Accept-Language, User-Agent, Frontend-Version
x-ratelimit-remaining
297
content-type
application/json; charset=utf-8
access-control-allow-origin
https://grittigroupspa.welfare.it
gateway-cached-for
36916
access-control-expose-headers
request-id
cache-control
max-age=3600
gateway-cached-by
Store
x-ratelimit-reset
60
x-ratelimit-limit
300
gateway-cached-key
fv_v1.30.2-GET-https://grittigroupspa.welfare.it/backend/stores/customization/assets/web-body-
timing-allow-origin
https://grittigroupspa.welfare.it
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), unload=(), window-placement=(), vertical-scroll=()
x-frame-options
SAMEORIGIN
web
api-v2.opened.welfare.it/backend/stores/customization/assets/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-v2.opened.welfare.it/backend/stores/customization/assets/web
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.184.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-184-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https:; object-src 'none'; base-uri 'none'; require-trusted-types-for 'script'; img-src 'self' *.welfare.it/;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
frontend-version
Access-Control-Request-Method
GET
Origin
https://grittigroupspa.welfare.it
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
frontend-version
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://grittigroupspa.welfare.it
access-control-expose-headers
request-id
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https:; object-src 'none'; base-uri 'none'; require-trusted-types-for 'script'; img-src 'self' *.welfare.it/;
date
Fri, 07 Jun 2024 12:27:29 GMT
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), unload=(), window-placement=(), vertical-scroll=()
referrer-policy
no-referrer, strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
https://grittigroupspa.welfare.it
vary
Origin, Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
favicon.png
images.welfare.it/cms/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://images.welfare.it/cms/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-85.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
676b89ef0769a99792194131e0a6fd668a90fd4f8610ca4b56c006b5c4fdb0be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://grittigroupspa.welfare.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 10:39:38 GMT
via
1.1 bc3ecf5f025b0be9b8c39c5dd2dace2e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P6
age
6699
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1103
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 27 Apr 2021 14:46:13 GMT
server
AmazonS3
etag
"6b434674661911d2e13cbc9ce431daa2"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
permissions-policy
camera=(), microphone=(), geolocation=()
accept-ranges
bytes
x-amz-cf-id
2LUz7pcAzHKIkZXoTtqYqjzczBsNzyFbH91gzFsLRZTwNV1AWRziJQ==
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
Requested by
Host: grittigroupspa.welfare.it
URL: https://grittigroupspa.welfare.it/assets/index-w8MPVvuL.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f4.1e100.net
Software
GSE /
Resource Hash
2f3c62353b33a84ea67b58dfc439eaf63ef371561ff7ed8b7b1e42ddb474849a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://grittigroupspa.welfare.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 12:27:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 07 Jun 2024 12:27:30 GMT
index-4e0c672e.js
awscdnng.welfare.it/web-components/generic/esm/ 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://awscdnng.welfare.it/web-components/generic/esm/index-4e0c672e.js
Requested by
Host: grittigroupspa.welfare.it
URL: https://grittigroupspa.welfare.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-107.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8b02f4653902973e70db1b70c120954f3a59e861bab69d302fb0c39cde5e39aa
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'; base-uri 'self'; connect-src 'self'; font-src 'self' data:; frame-src 'self'; img-src 'self' data:; manifest-src 'self' blob:; media-src 'self'; worker-src 'none'; script-src-elem 'self';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://awscdnng.welfare.it/web-components/generic/esm/generic.js
Origin
https://grittigroupspa.welfare.it
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 05:13:59 GMT
content-encoding
br
via
1.1 6d96f6742a3e24fad8577272b38c550a.cloudfront.net (CloudFront)
content-security-policy
default-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'; base-uri 'self'; connect-src 'self'; font-src 'self' data:; frame-src 'self'; img-src 'self' data:; manifest-src 'self' blob:; media-src 'self'; worker-src 'none'; script-src-elem 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P6
age
26597
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 09 Mar 2023 15:44:44 GMT
server
AmazonS3
etag
W/"8ac2b20681808cd74c0f9821ea320136"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
application/javascript
access-control-allow-origin
https://grittigroupspa.welfare.it
permissions-policy
geolocation=(self "https://manager.welfare.it" "https://customer.buonowelfare.it" "https://customerapi.buonowelfare.it")
x-amz-cf-id
A_fzY9GAvVlN_EiC93oxfLnYT88PTIM5Ja_qSp29rPbKr1eqV1G33Q==
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://grittigroupspa.welfare.it
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 08:02:21 GMT
x-content-type-options
nosniff
age
275109
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jun 2025 08:02:21 GMT
main-logo.png
images.welfare.it/cms/store/662b80605034bf17100f4f02/assets/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.welfare.it/cms/store/662b80605034bf17100f4f02/assets/main-logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-85.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
131d6d95a4e7e6726a11cc2e6a951456f7352d27ec020e976f1fae621c418091
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://grittigroupspa.welfare.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 12:27:31 GMT
via
1.1 bc3ecf5f025b0be9b8c39c5dd2dace2e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
38247
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 26 Apr 2024 10:26:50 GMT
server
AmazonS3
etag
"d03677a7b807ab28145a646e2767f6eb"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
permissions-policy
camera=(), microphone=(), geolocation=()
accept-ranges
bytes
x-amz-cf-id
-wZupw31v2BHGKw8IgCHDcKztL20tto9gnaXDIJT6fuLks3roAF-lg==
login-background.jpg
images.welfare.it/cms/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.welfare.it/cms/login-background.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-85.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ca3265ba17d79ad26a6b33ddc7eda16c9fc45abfaa9b064c163930d537093d85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://grittigroupspa.welfare.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 05:13:59 GMT
via
1.1 bc3ecf5f025b0be9b8c39c5dd2dace2e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P6
age
28217
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
47326
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 27 Apr 2021 13:34:29 GMT
server
AmazonS3
etag
"a8f231c9e8d8b953317251eb03244d08"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/jpeg
permissions-policy
camera=(), microphone=(), geolocation=()
accept-ranges
bytes
x-amz-cf-id
xSWozc-gb9cLDkLeREOvp0yO7WAu2V1k5yW0LpbbFgsIpTTp4FUQEw==
matomo.php
analytics.welfare.it/ 		0
188 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.welfare.it/matomo.php?action_name=grittigroupspa%2FGRITTIGSPA&idsite=4&rec=1&r=104847&h=14&m=27&s=30&url=https%3A%2F%2Fgrittigroupspa.welfare.it%2Fgrittigroupspa%2Flogin&_id=e2f631adfcb0c6b8&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=LAzMdj&pf_net=285&pf_srv=133&pf_tfr=1&pf_dm1=22&pf_dm2=1048&pf_onl=0&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22125.0.6422.141%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22125.0.6422.141%22%7D%2C%7B%22brand%22%3A%22Not.A%2FBrand%22%2C%22version%22%3A%2224.0.0.0%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%7D
Requested by
Host: analytics.welfare.it
URL: https://analytics.welfare.it/matomo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.223.163 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae84c2615039837a7.awsglobalaccelerator.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://grittigroupspa.welfare.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
https://grittigroupspa.welfare.it
date
Fri, 07 Jun 2024 12:27:30 GMT
access-control-allow-credentials
true
referrer-policy
origin
server
nginx
x-content-type-options
nosniff
x-xss-protection
1; mode=block
recaptcha__it.js
www.gstatic.com/recaptcha/releases/9pvHvq7kSOTqqZusUzJ6ewaF/ 		514 KB
205 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/9pvHvq7kSOTqqZusUzJ6ewaF/recaptcha__it.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
008634e5c1557e97501930471b18ca2c645c78156386f2dd13815b718defd445
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://grittigroupspa.welfare.it/
Origin
https://grittigroupspa.welfare.it
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 09:31:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10568
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
208944
x-xss-protection
0
last-modified
Mon, 03 Jun 2024 04:00:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Jun 2025 09:31:22 GMT
anchor
www.google.com/recaptcha/api2/ Frame 288A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf2srsaAAAAAAOBhMSk2mJBB7VY-ta978RINxk5&co=aHR0cHM6Ly9ncml0dGlncm91cHNwYS53ZWxmYXJlLml0OjQ0Mw..&hl=it&type=image&v=9pvHvq7kSOTqqZusUzJ6ewaF&theme=light&size=normal&badge=bottomright&cb=iyz3lxaxh84s
Requested by
Host: grittigroupspa.welfare.it
URL: https://grittigroupspa.welfare.it/assets/index-w8MPVvuL.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jp7z7Otdz7nWjYeN3nMTQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://grittigroupspa.welfare.it/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-jp7z7Otdz7nWjYeN3nMTQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 07 Jun 2024 12:27:32 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bframe
www.google.com/recaptcha/api2/ Frame C11D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=it&v=9pvHvq7kSOTqqZusUzJ6ewaF&k=6Lf2srsaAAAAAAOBhMSk2mJBB7VY-ta978RINxk5
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/9pvHvq7kSOTqqZusUzJ6ewaF/recaptcha__it.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3clAhz_oQNC_XJ0oxZii1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://grittigroupspa.welfare.it/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-3clAhz_oQNC_XJ0oxZii1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 07 Jun 2024 12:27:34 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| __fwcimLoaded object| AWSCognitoContextData object| _crypto function| setImmediate function| clearImmediate object| AmazonCognitoAdvancedSecurityData function| Zepto function| $ object| fwcim object| regeneratorRuntime object| _mtm object| _paq object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_310530

2 Cookies

Domain/Path Name / Value
grittigroupspa.welfare.it/ Name: _pk_id.4.857f
Value: e2f631adfcb0c6b8.1717763250.
grittigroupspa.welfare.it/ Name: _pk_ses.4.857f
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://analytics.welfare.it/js/container_9HNlHyDk.js
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' *.buonowelfare.it/ *.welfare.it/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' *.buonowelfare.it/ https://fonts.googleapis.com/ *.welfare.it; object-src 'none'; base-uri 'self'; connect-src 'self' *.welfare.it/ https://s3welfare-customer-images-and-documents.s3.eu-west-1.amazonaws.com/ https://cognito-identity.eu-west-1.amazonaws.com/ https://cognito-idp.eu-west-1.amazonaws.com/ *.buonowelfare.it/ *.welfare.it/ https://maps.googleapis.com/; font-src 'self' data: https://fonts.gstatic.com/ *.welfare.it/; frame-src 'self' https://s3welfare-product-images.s3.eu-west-1.amazonaws.com/ https://www.google.com/ https://images.welfare.it/ https://www.youtube.com/; img-src 'self' data: https://s3welfare-customer-images-and-documents.s3.eu-west-1.amazonaws.com/ *.buonowelfare.it *.welfare.it https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self' blob:; media-src 'self'; worker-src 'none'; script-src-elem 'self' 'unsafe-inline' *.welfare.it/ https://amazon-cognito-assets.eu-west-1.amazoncognito.com/ *.buonowelfare.it/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/;
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amazon-cognito-assets.eu-west-1.amazoncognito.com
analytics.welfare.it
api-v2.opened.welfare.it
awscdnng.welfare.it
fonts.googleapis.com
fonts.gstatic.com
grittigroupspa.welfare.it
images.welfare.it
www.google.com
www.gstatic.com
13.33.187.36
13.35.58.83
142.250.185.195
142.250.186.74
142.250.186.99
18.245.86.107
18.245.86.85
216.58.212.132
3.33.223.163
52.31.184.103
008634e5c1557e97501930471b18ca2c645c78156386f2dd13815b718defd445
021e2481d289e9ff0013315da3c488abc434347902574b6ccf0be989d4a3e3c2
131d6d95a4e7e6726a11cc2e6a951456f7352d27ec020e976f1fae621c418091
13fa66161227e220cf708e85971351a87dfb456f879c7f468ebb3dcec2913f1a
1961018fa4bcf6a1e4cbb4a251cba2569abc751fd1d19b39dc877246addd4883
26b3426b2593763c96d0890b4a77a0bbf66d13fc512b0c6b138a23c290f30a2a
2a04fc05a583da73a16a29d333c2e139753ce1c7fe8ab99c97d323328fec8b37
2f3c62353b33a84ea67b58dfc439eaf63ef371561ff7ed8b7b1e42ddb474849a
676b89ef0769a99792194131e0a6fd668a90fd4f8610ca4b56c006b5c4fdb0be
76c8c8dd37624451353be94098f7f7594665abb6b9630049b5a30d9552c0c992
77d9907ca853ab885fd7a35a29faaf4206b8fe47347cd9c12391d64451ad6f37
8366806b27c2a089049a73593a685ec4923dab97ead7b4bdb4519a696e97ace5
8b02f4653902973e70db1b70c120954f3a59e861bab69d302fb0c39cde5e39aa
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
ca3265ba17d79ad26a6b33ddc7eda16c9fc45abfaa9b064c163930d537093d85
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ffc50c03e5c2c81b743e44d71ef9cd863dfe01d0e91fa3e0eddd99b401924103