urlscan.io logo urlscan.io
SecurityTrails logo

www.myedenred.fi Open in urlscan Pro
204.103.47.243  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.myedenred.fi/__
Submission: On December 16 via api from GB — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 2 countries across 11 domains to perform 54 HTTP transactions. The main IP is 204.103.47.243, located in United States and belongs to HP-EUROPE-AS-TRADE, GB. The main domain is www.myedenred.fi.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on April 6th 2023. Valid for: a year.
This is the only time www.myedenred.fi was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 204.103.47.243 2129 (HP-EUROPE...)
5 18.245.60.47 16509 (AMAZON-02)
2 142.250.186.42 15169 (GOOGLE)
1 151.101.1.26 54113 (FASTLY)
4 172.217.16.202 15169 (GOOGLE)
1 172.217.18.104 15169 (GOOGLE)
18 104.18.130.236 13335 (CLOUDFLAR...)
2 216.239.34.36 15169 (GOOGLE)
1 172.64.155.119 13335 (CLOUDFLAR...)
3 13.248.197.49 16509 (AMAZON-02)
3 142.250.185.195 15169 (GOOGLE)
4 142.250.186.132 15169 (GOOGLE)
2 204.103.47.237 2129 (HP-EUROPE...)
4 142.250.186.35 15169 (GOOGLE)
54 15
3    204.103.47.243 (United States)

ASN2129 (HP-EUROPE-AS-TRADE, GB)
www.myedenred.fi
5    18.245.60.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-47.fra60.r.cloudfront.net
static.aim.front.ai
2    142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net
fonts.googleapis.com
1    151.101.1.26 (United States)

ASN54113 (FASTLY, US)
polyfill.io
4    172.217.16.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f10.1e100.net
maps.googleapis.com
1    172.217.18.104 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f104.1e100.net
www.googletagmanager.com
18    104.18.130.236 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
2    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    172.64.155.119 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
3    13.248.197.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: ad08383350435e492.awsglobalaccelerator.com
edenred321.boost.ai
3    142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net
fonts.gstatic.com
4    142.250.186.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f4.1e100.net
www.google.com
2    204.103.47.237 (United States)

ASN2129 (HP-EUROPE-AS-TRADE, GB)
api.myedenred.fi
4    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
www.gstatic.com
Apex Domain
Subdomains		 Transfer
18 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 324
241 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
496 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
maps.googleapis.com — Cisco Umbrella Rank: 357
175 KB
5 front.ai
static.aim.front.ai
35 KB
5 myedenred.fi
www.myedenred.fi
api.myedenred.fi
4 MB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
34 KB
3 boost.ai
edenred321.boost.ai
217 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2189
300 B
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 548
311 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
85 KB
1 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1345
618 B
54 11
Domain Requested by
18 cdn.cookielaw.org www.myedenred.fi
cdn.cookielaw.org
5 static.aim.front.ai www.myedenred.fi
static.aim.front.ai
4 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com www.myedenred.fi
www.gstatic.com
www.google.com
4 maps.googleapis.com www.myedenred.fi
maps.googleapis.com
3 fonts.gstatic.com fonts.googleapis.com
www.google.com
3 edenred321.boost.ai static.aim.front.ai
edenred321.boost.ai
3 www.myedenred.fi www.myedenred.fi
2 api.myedenred.fi www.myedenred.fi
2 region1.google-analytics.com www.googletagmanager.com
2 fonts.googleapis.com www.myedenred.fi
1 geolocation.onetrust.com cdn.cookielaw.org
1 www.googletagmanager.com www.myedenred.fi
1 polyfill.io www.myedenred.fi
54 14

This site contains links to these domains. Also see Links.

Domain
cookiepedia.co.uk
www.onetrust.com
Subject Issuer Validity Valid
www.myedenred.fi
GlobalSign RSA OV SSL CA 2018		 2023-04-06 -
2024-05-07		 a year crt.sh
*.aim.front.ai
Amazon RSA 2048 M02		 2023-09-05 -
2024-10-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
polyfill.io
Certainly Intermediate R1		 2023-12-02 -
2024-01-01		 a month crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2023-04-01 -
2024-03-31		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2023-11-13 -
2024-11-12		 a year crt.sh
*.boost.ai
Amazon RSA 2048 M01		 2023-09-07 -
2024-10-04		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.myedenred.fi/__
Frame ID: ED030D43808FCE76A7928AB3BB71F500
Requests: 44 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfzYZ0UAAAAAJvN-yBx1wErzEmQPh2Z9stjFBN1&co=aHR0cHM6Ly93d3cubXllZGVucmVkLmZpOjQ0Mw..&hl=fi&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=cj6zfaxklu47
Frame ID: C08A29A8D2A29470A9729AADD1A9F47C
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MyEdenredBack ButtonFilter Button

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

54
Requests

98 %
HTTPS

0 %
IPv6

11
Domains

14
Subdomains

15
IPs

2
Countries

5575 kB
Transfer

8154 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request __
www.myedenred.fi/ 		6 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.myedenred.fi/__
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.103.47.243 , United States, ASN2129 (HP-EUROPE-AS-TRADE, GB),
Reverse DNS
Software
/
Resource Hash
b0363df16a0781eb3ef397dda72c459ad05d916afda3cfc5d056c8fa29289d02
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://api.myedenred.fi https://search.edenred.fi https://www.googletagmanager.com https://maps.googleapis.com https://wallet.eu.edenred.io https://sso.edenred.io https://stats.g.doubleclick.net https://static.aim.front.ai https://edenred321.boost.ai https://cdn.cookielaw.org; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.aim.front.ai; img-src 'self' https://www.myedenred.fi https://edenred.fi https://efi-images-cdn-p.azureedge.net https://www.google.fi https://www.google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com https://www.googletagmanager.com https://maps.gstatic.com https://www.gstatic.com https://maps.googleapis.com https://stats.g.doubleclick.net https://static.aim.front.ai https://boost-files-general-eu-west-1-prod.s3-eu-west-1.amazonaws.com https://i.ytimg.com https://flagcdn.com https://cdn.cookielaw.org data:; script-src 'self' 'unsafe-inline' https://polyfill.io/v3/polyfill.min.js *. googletagmanager.com https://www.googletagmanager.com https://www.google.fi https://www.google.com https://maps.googleapis.com https://www.gstatic.com https://static.aim.front.ai https://edenred321.boost.ai https://cdn.cookielaw.org; connect-src 'self' https://myedenred.fi https://www.myedenred.fi https://api.myedenred.fi https://search.edenred.fi https://sso.edenred.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com https://www.googletagmanager.com https://maps.googleapis.com https://stats.g.doubleclick.net https://static.aim.front.ai https://edenred321.boost.ai https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://geolocation.onetrust.com; frame-src 'self' https://wallet.eu.edenred.io https://sso.edenred.io https://sso.eu.edenred.io https://www.google.com https://recaptcha.google.com https://www.youtube.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache
Content-Encoding
gzip
Content-Length
2377
Content-Security-Policy
default-src 'self' https://api.myedenred.fi https://search.edenred.fi https://www.googletagmanager.com https://maps.googleapis.com https://wallet.eu.edenred.io https://sso.edenred.io https://stats.g.doubleclick.net https://static.aim.front.ai https://edenred321.boost.ai https://cdn.cookielaw.org; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.aim.front.ai; img-src 'self' https://www.myedenred.fi https://edenred.fi https://efi-images-cdn-p.azureedge.net https://www.google.fi https://www.google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com https://www.googletagmanager.com https://maps.gstatic.com https://www.gstatic.com https://maps.googleapis.com https://stats.g.doubleclick.net https://static.aim.front.ai https://boost-files-general-eu-west-1-prod.s3-eu-west-1.amazonaws.com https://i.ytimg.com https://flagcdn.com https://cdn.cookielaw.org data:; script-src 'self' 'unsafe-inline' https://polyfill.io/v3/polyfill.min.js *. googletagmanager.com https://www.googletagmanager.com https://www.google.fi https://www.google.com https://maps.googleapis.com https://www.gstatic.com https://static.aim.front.ai https://edenred321.boost.ai https://cdn.cookielaw.org; connect-src 'self' https://myedenred.fi https://www.myedenred.fi https://api.myedenred.fi https://search.edenred.fi https://sso.edenred.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com https://www.googletagmanager.com https://maps.googleapis.com https://stats.g.doubleclick.net https://static.aim.front.ai https://edenred321.boost.ai https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://geolocation.onetrust.com; frame-src 'self' https://wallet.eu.edenred.io https://sso.edenred.io https://sso.eu.edenred.io https://www.google.com https://recaptcha.google.com https://www.youtube.com;
Content-Type
text/html
Date
Sat, 16 Dec 2023 10:18:06 GMT
ETag
"0fc3eebe26da1:0"
Last-Modified
Wed, 25 Oct 2023 01:31:04 GMT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Cnection
close
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
main.js
www.myedenred.fi/ 		4 MB
4 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.myedenred.fi/main.js
Requested by
Host: www.myedenred.fi
URL: https://www.myedenred.fi/__
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.103.47.243 , United States, ASN2129 (HP-EUROPE-AS-TRADE, GB),
Reverse DNS
Software
/
Resource Hash
85aeeed574b9b79a0962fc947bd4f85c96e054121eb1f70886f3c0527b75d74c
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://api.myedenred.fi https://search.edenred.fi https://www.googletagmanager.com https://maps.googleapis.com https://wallet.eu.edenred.io https://sso.edenred.io https://stats.g.doubleclick.net https://static.aim.front.ai https://edenred321.boost.ai https://cdn.cookielaw.org; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.aim.front.ai; img-src 'self' https://www.myedenred.fi https://edenred.fi https://efi-images-cdn-p.azureedge.net https://www.google.fi https://www.google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com https://www.googletagmanager.com https://maps.gstatic.com https://www.gstatic.com https://maps.googleapis.com https://stats.g.doubleclick.net https://static.aim.front.ai https://boost-files-general-eu-west-1-prod.s3-eu-west-1.amazonaws.com https://i.ytimg.com https://flagcdn.com https://cdn.cookielaw.org data:; script-src 'self' 'unsafe-inline' https://polyfill.io/v3/polyfill.min.js *. googletagmanager.com https://www.googletagmanager.com https://www.google.fi https://www.google.com https://maps.googleapis.com https://www.gstatic.com https://static.aim.front.ai https://edenred321.boost.ai https://cdn.cookielaw.org; connect-src 'self' https://myedenred.fi https://www.myedenred.fi https://api.myedenred.fi https://search.edenred.fi https://sso.edenred.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com https://www.googletagmanager.com https://maps.googleapis.com https://stats.g.doubleclick.net https://static.aim.front.ai https://edenred321.boost.ai https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://geolocation.onetrust.com; frame-src 'self' https://wallet.eu.edenred.io https://sso.edenred.io https://sso.eu.edenred.io https://www.google.com https://recaptcha.google.com https://www.youtube.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.myedenred.fi/__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self' https://api.myedenred.fi https://search.edenred.fi https://www.googletagmanager.com https://maps.googleapis.com https://wallet.eu.edenred.io https://sso.edenred.io https://stats.g.doubleclick.net https://static.aim.front.ai https://edenred321.boost.ai https://cdn.cookielaw.org; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.aim.front.ai; img-src 'self' https://www.myedenred.fi https://edenred.fi https://efi-images-cdn-p.azureedge.net https://www.google.fi https://www.google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com https://www.googletagmanager.com https://maps.gstatic.com https://www.gstatic.com https://maps.googleapis.com https://stats.g.doubleclick.net https://static.aim.front.ai https://boost-files-general-eu-west-1-prod.s3-eu-west-1.amazonaws.com https://i.ytimg.com https://flagcdn.com https://cdn.cookielaw.org data:; script-src 'self' 'unsafe-inline' https://polyfill.io/v3/polyfill.min.js *. googletagmanager.com https://www.googletagmanager.com https://www.google.fi https://www.google.com https://maps.googleapis.com https://www.gstatic.com https://static.aim.front.ai https://edenred321.boost.ai https://cdn.cookielaw.org; connect-src 'self' https://myedenred.fi https://www.myedenred.fi https://api.myedenred.fi https://search.edenred.fi https://sso.edenred.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com https://www.googletagmanager.com https://maps.googleapis.com https://stats.g.doubleclick.net https://static.aim.front.ai https://edenred321.boost.ai https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://geolocation.onetrust.com; frame-src 'self' https://wallet.eu.edenred.io https://sso.edenred.io https://sso.eu.edenred.io https://www.google.com https://recaptcha.google.com https://www.youtube.com;
Date
Sat, 16 Dec 2023 10:18:05 GMT
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Last-Modified
Wed, 25 Oct 2023 01:30:31 GMT
ETag
"8b36dcd7e26da1:0"
X-Frame-Options
DENY
Content-Type
application/javascript
Cache-Control
no-cache
X-Cnection
close
Accept-Ranges
bytes
Content-Length
3817117
X-XSS-Protection
1; mode=block
main.a84f3c79.css
www.myedenred.fi/ 		552 KB
555 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.myedenred.fi/main.a84f3c79.css
Requested by
Host: www.myedenred.fi
URL: https://www.myedenred.fi/__
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.103.47.243 , United States, ASN2129 (HP-EUROPE-AS-TRADE, GB),
Reverse DNS
Software
/
Resource Hash
310fd1f29f758b0038f122d9a4a61180b286a265ffb45cd5861f7c48ebd997e6
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://api.myedenred.fi https://search.edenred.fi https://www.googletagmanager.com https://maps.googleapis.com https://wallet.eu.edenred.io https://sso.edenred.io https://stats.g.doubleclick.net https://static.aim.front.ai https://edenred321.boost.ai https://cdn.cookielaw.org; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.aim.front.ai; img-src 'self' https://www.myedenred.fi https://edenred.fi https://efi-images-cdn-p.azureedge.net https://www.google.fi https://www.google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com https://www.googletagmanager.com https://maps.gstatic.com https://www.gstatic.com https://maps.googleapis.com https://stats.g.doubleclick.net https://static.aim.front.ai https://boost-files-general-eu-west-1-prod.s3-eu-west-1.amazonaws.com https://i.ytimg.com https://flagcdn.com https://cdn.cookielaw.org data:; script-src 'self' 'unsafe-inline' https://polyfill.io/v3/polyfill.min.js *. googletagmanager.com https://www.googletagmanager.com https://www.google.fi https://www.google.com https://maps.googleapis.com https://www.gstatic.com https://static.aim.front.ai https://edenred321.boost.ai https://cdn.cookielaw.org; connect-src 'self' https://myedenred.fi https://www.myedenred.fi https://api.myedenred.fi https://search.edenred.fi https://sso.edenred.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com https://www.googletagmanager.com https://maps.googleapis.com https://stats.g.doubleclick.net https://static.aim.front.ai https://edenred321.boost.ai https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://geolocation.onetrust.com; frame-src 'self' https://wallet.eu.edenred.io https://sso.edenred.io https://sso.eu.edenred.io https://www.google.com https://recaptcha.google.com https://www.youtube.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.myedenred.fi/__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self' https://api.myedenred.fi https://search.edenred.fi https://www.googletagmanager.com https://maps.googleapis.com https://wallet.eu.edenred.io https://sso.edenred.io https://stats.g.doubleclick.net https://static.aim.front.ai https://edenred321.boost.ai https://cdn.cookielaw.org; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.aim.front.ai; img-src 'self' https://www.myedenred.fi https://edenred.fi https://efi-images-cdn-p.azureedge.net https://www.google.fi https://www.google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com https://www.googletagmanager.com https://maps.gstatic.com https://www.gstatic.com https://maps.googleapis.com https://stats.g.doubleclick.net https://static.aim.front.ai https://boost-files-general-eu-west-1-prod.s3-eu-west-1.amazonaws.com https://i.ytimg.com https://flagcdn.com https://cdn.cookielaw.org data:; script-src 'self' 'unsafe-inline' https://polyfill.io/v3/polyfill.min.js *. googletagmanager.com https://www.googletagmanager.com https://www.google.fi https://www.google.com https://maps.googleapis.com https://www.gstatic.com https://static.aim.front.ai https://edenred321.boost.ai https://cdn.cookielaw.org; connect-src 'self' https://myedenred.fi https://www.myedenred.fi https://api.myedenred.fi https://search.edenred.fi https://sso.edenred.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com https://www.googletagmanager.com https://maps.googleapis.com https://stats.g.doubleclick.net https://static.aim.front.ai https://edenred321.boost.ai https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://geolocation.onetrust.com; frame-src 'self' https://wallet.eu.edenred.io https://sso.edenred.io https://sso.eu.edenred.io https://www.google.com https://recaptcha.google.com https://www.youtube.com;
Date
Sat, 16 Dec 2023 10:18:06 GMT
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Last-Modified
Wed, 25 Oct 2023 01:31:02 GMT
ETag
"a426aeae26da1:0"
X-Frame-Options
DENY
Content-Type
text/css
Cache-Control
no-cache
X-Cnection
close
Accept-Ranges
bytes
Content-Length
565303
X-XSS-Protection
1; mode=block
chat-formation.js
static.aim.front.ai/prod-common/ 		149 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.aim.front.ai/prod-common/chat-formation.js
Requested by
Host: www.myedenred.fi
URL: https://www.myedenred.fi/__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-47.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a4c8f4cef27ae7606d4e8e2b8af5d76bd35e94872278b7211efb97df468bb4dd

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.myedenred.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
qj9uwH9gemBw3pHUDQta.WtB60.DFGta
content-encoding
gzip
via
1.1 79a075303cab256e952b4b0679e1182c.cloudfront.net (CloudFront)
date
Sat, 16 Dec 2023 05:14:08 GMT
last-modified
Tue, 17 Oct 2023 10:01:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
18247
x-amz-server-side-encryption
AES256
etag
W/"e2ef0e7bf299b14a237b557b0ac2cfcb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
MYpiBedoR8mkhBRktXmxK_lTvUUFQQrynGmhmCWJ-WjEt2ce5LEiPw==
css2
fonts.googleapis.com/ 		25 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;800;900&family=Roboto:wght@400;500;700&family=Ubuntu:wght@400;500;700&display=swap
Requested by
Host: www.myedenred.fi
URL: https://www.myedenred.fi/__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
83e58ffeeaf89305effbc68e91502aea46484f4746a14248c4d4ddfa0c0a6e1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.myedenred.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 16 Dec 2023 10:18:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 16 Dec 2023 10:13:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 16 Dec 2023 10:18:07 GMT
polyfill.min.js
polyfill.io/v3/ 		104 B
618 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=Symbol
Requested by
Host: www.myedenred.fi
URL: https://www.myedenred.fi/__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.26 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.myedenred.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 16 Dec 2023 10:18:07 GMT
age
0
detected-user-agent
Chrome/120.0.6099
server-timing
MISS-CLUSTER, fastly;desc="Edge time";dur=6
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
121
referrer-policy
origin-when-cross-origin
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
chrome/120.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges
bytes
timing-allow-origin
*
js
maps.googleapis.com/maps/api/ 		180 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyBvVx-YKtE3VAvClOHgh3Ge3RmAbjGS9Hk&v=weekly&libraries=geometry&client=gme-edenredsas&channel=myedenred
Requested by
Host: www.myedenred.fi
URL: https://www.myedenred.fi/__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f10.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
dec96ac203a5465567f12a950ea57d931ad5c51257264cd0b0afcff92df7d085
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.myedenred.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 10:18:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Accept-Language, Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63069
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		244 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YL7PM2X13Q
Requested by
Host: www.myedenred.fi
URL: https://www.myedenred.fi/__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f104.1e100.net
Software
Google Tag Manager /
Resource Hash
c37228182a6b3a87566f5b38d629fb0c7ba46b2db19aaef440a91ac2ea45b42b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.myedenred.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 10:18:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86203
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 16 Dec 2023 10:18:07 GMT
OtAutoBlock.js
cdn.cookielaw.org/consent/91f98815-befd-4c7e-8878-ee51b5e51d1e/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/91f98815-befd-4c7e-8878-ee51b5e51d1e/OtAutoBlock.js
Requested by
Host: www.myedenred.fi
URL: https://www.myedenred.fi/__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5792d173348a72a8c7ff989d487bada46c032332a5c480d00cea6392b16066da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.myedenred.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 16 Dec 2023 10:18:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
84658
content-md5
2WN/4WPe1KLsWK05B6d13g==
content-length
1761
x-ms-lease-status
unlocked
last-modified
Fri, 05 Aug 2022 08:24:10 GMT
server
cloudflare
etag
0x8DA76BBDF3A40E0
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
2a0e0331-001e-005d-426f-0c3307000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83662e327f1ad957-HEL
expires
Sun, 17 Dec 2023 10:18:07 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.myedenred.fi
URL: https://www.myedenred.fi/__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d72fa0f78c80b1874d3ee4aadf43d973edc442a65fef83d37e684ac559893b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.myedenred.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 16 Dec 2023 10:18:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
vZrXoJWU2kJda+KcVQis1w==
age
84715
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6841
x-ms-lease-status
unlocked
last-modified
Thu, 14 Dec 2023 20:51:43 GMT
server
cloudflare
etag
0x8DBFCE67AACAD60
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e45cb448-401e-003e-6603-2faefc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83662e327f1ed957-HEL
91f98815-befd-4c7e-8878-ee51b5e51d1e.json
cdn.cookielaw.org/consent/91f98815-befd-4c7e-8878-ee51b5e51d1e/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/91f98815-befd-4c7e-8878-ee51b5e51d1e/91f98815-befd-4c7e-8878-ee51b5e51d1e.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa401a87c0c06cd52ff41bacff5d549a464a4b432c17d6d1a724acdc012351e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.myedenred.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 16 Dec 2023 10:18:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
84659
content-md5
UwK5fT7La3qyfqI1jNG9wg==
content-length
1385
x-ms-lease-status
unlocked
last-modified
Fri, 05 Aug 2022 08:24:09 GMT
server
cloudflare
etag
0x8DA76BBDEE3E28A
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
fd251097-201e-004a-3474-149a0c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83662e3a494e4e12-HEL
expires
Sun, 17 Dec 2023 10:18:08 GMT
collect
region1.google-analytics.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-YL7PM2X13Q&gtm=45je3bt0v871941655&_p=1702721886444&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=954544353.1702721888&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702721887&sct=1&seg=0&dl=https%3A%2F%2Fwww.myedenred.fi%2F__&dt=MyEdenred&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1964
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YL7PM2X13Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.myedenred.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 10:18:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.myedenred.fi
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ 		9 KB
862 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap
Requested by
Host: www.myedenred.fi
URL: https://www.myedenred.fi/main.a84f3c79.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
886e1e675050878cd1710ba030a7787613e5bbbe02a2b099683306c16ac8c8cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.myedenred.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 16 Dec 2023 10:18:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 16 Dec 2023 08:29:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 16 Dec 2023 10:18:08 GMT
config.json
static.aim.front.ai/prod-common-edenred-myedenred/ 		862 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.aim.front.ai/prod-common-edenred-myedenred/config.json
Requested by
Host: static.aim.front.ai
URL: https://static.aim.front.ai/prod-common/chat-formation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-47.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
af4478ef65a3c5d5ed49a649a79181c0c87f6636ca3afdc25468af43d104059b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.myedenred.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 20:27:49 GMT
x-amz-version-id
gur08uVPzCHxtd5339jOM1HIwggmDUPG
via
1.1 ce0a6880f9416cb3a7b5da0d937e47be.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P5
age
49820
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
862
last-modified
Fri, 01 Dec 2023 07:40:46 GMT
server
AmazonS3
etag
"4fd0f6c20129de3c0dbc079c32c0a2a1"
access-control-max-age
1000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
e7EXQtrN4pW1k2PAABVroUKb5zjklBo4SuPqOwNs5OFSAqramr67RA==
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBvVx-YKtE3VAvClOHgh3Ge3RmAbjGS9Hk&v=weekly&libraries=geometry&client=gme-edenredsas&channel=myedenred
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f10.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.myedenred.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 10:18:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.myedenred.fi
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		72 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.155.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
202494941ff2104e5a84771aaa51023cdecf39ef25d281dea084f94287deb17f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.myedenred.fi/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 10:18:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
83662e3e69625f13-ARN
access-control-allow-headers
Content-Type
style.css
static.aim.front.ai/prod-common-edenred-myedenred/ 		1 KB
911 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.aim.front.ai/prod-common-edenred-myedenred/style.css
Requested by
Host: static.aim.front.ai
URL: https://static.aim.front.ai/prod-common/chat-formation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-47.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
83f4435d3730a24c641790af727cfaedcf9c5ece316fac68bfe67471c91dd94e

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.myedenred.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
ipnMguEJ49KIax.jGYu2BahKUJUyY3fT
content-encoding
gzip
via
1.1 79a075303cab256e952b4b0679e1182c.cloudfront.net (CloudFront)
date
Sat, 16 Dec 2023 10:13:44 GMT
last-modified
Fri, 18 Nov 2022 09:27:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
49379
etag
W/"4e7afbcf8a3a3d50a8d1cb9429b787d3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
8UoKcsnQTIDBKQIwhdLpDO1Z9VRITiWHoSWhQsPIawSwzUo3IBDSKw==
base-fonts.css
static.aim.front.ai/assets/fonts/ 		173 B
575 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.aim.front.ai/assets/fonts/base-fonts.css
Requested by
Host: static.aim.front.ai
URL: https://static.aim.front.ai/prod-common/chat-formation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-47.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
11aec4656006124bdb0b1b1ea470755555673ab858b2bc22f86a4b44b1161751

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.myedenred.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
blkow0KKlqGm9GzZzIq6iWBPmi5J.kvU
date
Sat, 16 Dec 2023 06:25:54 GMT
via
1.1 79a075303cab256e952b4b0679e1182c.cloudfront.net (CloudFront)
last-modified
Fri, 14 Apr 2023 07:26:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
13934
x-amz-server-side-encryption
AES256
etag
"fe47775905c93f127d85d9ac646bbd57"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
173
x-amz-cf-id
45r1_6wLGnvx5rWck_CBtQeLX4jxLP36baAG9cnKgUqeaOVeQYz9iA==
chatPanel.js
edenred321.boost.ai/chatPanel/ 		901 KB
191 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edenred321.boost.ai/chatPanel/chatPanel.js
Requested by
Host: static.aim.front.ai
URL: https://static.aim.front.ai/prod-common/chat-formation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.197.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ad08383350435e492.awsglobalaccelerator.com
Software
envoy /
Resource Hash
ee4fc2852c9e9991561780372c97bf860e1022c733dfa7718cb85753c20e0fcf
Security Headers
Name Value
Strict-Transport-Security max-age=94608000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.myedenred.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 10:18:09 GMT
strict-transport-security
max-age=94608000; includeSubDomains
content-encoding
gzip
last-modified
Tue, 05 Dec 2023 22:05:02 GMT
server
envoy
etag
W/"656f9e8e-e12ba"
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
x-envoy-upstream-service-time
10
x-robots-tag
noindex
lato-normal-400.ttf
static.aim.front.ai/assets/fonts/ 		0
0
ella-icon.png
static.aim.front.ai/dev-common-edenred/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.aim.front.ai/dev-common-edenred/ella-icon.png
Requested by
Host: static.aim.front.ai
URL: https://static.aim.front.ai/prod-common-edenred-myedenred/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-47.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
79d83b50c01e986a97eebf0a82d34093d1fea79b336df3851fa8933eba9654d0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://static.aim.front.ai/prod-common-edenred-myedenred/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
iBvvQnUd8Uc_DW8SbmtAns5bU_Ar.2yk
date
Sat, 16 Dec 2023 04:36:27 GMT
via
1.1 79a075303cab256e952b4b0679e1182c.cloudfront.net (CloudFront)
last-modified
Wed, 04 Aug 2021 12:00:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
20502
etag
"bcd9fc63cf6f1b09d9d8e7f471d07238"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
8244
x-amz-cf-id
QS-iUHZJjR-joVa8aAAEuk1WRt4fqW3Oc5LKYelsne6OQc5KRiZM4Q==
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.39.0/ 		372 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ba033e6cb25fa6e20186d6d8113cc3821028b7891c93eebe671b75f6eebc3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.myedenred.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 16 Dec 2023 10:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Zp/CcrZmK7hQ2S6c/t9Tpw==
age
84716
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
90454
x-ms-lease-status
unlocked
last-modified
Fri, 26 Aug 2022 16:31:04 GMT
server
cloudflare
etag
0x8DA87805EB35DE2
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7531ee9b-301e-0079-330a-15c5a7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83662e3f4a2cd957-HEL
v2
edenred321.boost.ai/api/chat_panel/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://edenred321.boost.ai/api/chat_panel/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.197.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ad08383350435e492.awsglobalaccelerator.com
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=94608000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.myedenred.fi
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, X-Requested-With, Accept, Origin, Access-Control-Request-Method, Access-Control-Request-Headers, X-CSRF-TOKEN, X-XSRF-TOKEN, X-XHR-Logon, x-ms-client-application-name, x-ms-client-request-id, x-ms-client-session-id, x-ms-effective-locale, Authorization
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.myedenred.fi
access-control-max-age
600
date
Sat, 16 Dec 2023 10:18:09 GMT
server
envoy
strict-transport-security
max-age=94608000; includeSubDomains
vary
Origin
x-envoy-upstream-service-time
3
x-frame-options
SAMEORIGIN
x-robots-tag
noindex
v2
edenred321.boost.ai/api/chat_panel/ 		26 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://edenred321.boost.ai/api/chat_panel/v2
Requested by
Host: edenred321.boost.ai
URL: https://edenred321.boost.ai/chatPanel/chatPanel.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.197.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ad08383350435e492.awsglobalaccelerator.com
Software
envoy /
Resource Hash
4e2258ce01430e783c420f7396a87a30284affaae96afb386c114a17f7e924d0
Security Headers
Name Value
Strict-Transport-Security max-age=94608000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.myedenred.fi/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 16 Dec 2023 10:18:09 GMT
strict-transport-security
max-age=94608000; includeSubDomains
server
envoy
x-frame-options
SAMEORIGIN
vary
Origin
content-type
text/json; charset=utf-8
access-control-allow-origin
https://www.myedenred.fi
cache-control
no-cache, max-age=0
access-control-allow-credentials
true
x-envoy-upstream-service-time
11
x-robots-tag
noindex
content-length
26695
x-process-time-seconds
0.004766484955325723
en.json
cdn.cookielaw.org/consent/91f98815-befd-4c7e-8878-ee51b5e51d1e/a614b96f-16ae-43c4-ac7e-f9a91d84b221/ 		31 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/91f98815-befd-4c7e-8878-ee51b5e51d1e/a614b96f-16ae-43c4-ac7e-f9a91d84b221/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c04214ee543db3593b4652bcc799cae0adcfd245e227a1db8e0d1f616d6f20b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.myedenred.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 16 Dec 2023 10:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
84609
content-md5
9SofbMkgu6DahoK8dFAicw==
content-length
9632
x-ms-lease-status
unlocked
last-modified
Fri, 05 Aug 2022 08:24:12 GMT
server
cloudflare
etag
0x8DA76BBE0784233
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
5809ba37-d01e-0095-0b91-13d136000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83662e41cca64e12-HEL
expires
Sun, 17 Dec 2023 10:18:09 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/6.39.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.myedenred.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 16 Dec 2023 10:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Xx897lTVYGjMQiwuGCrzDA==
age
84660
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3007
x-ms-lease-status
unlocked
last-modified
Fri, 26 Aug 2022 16:30:55 GMT
server
cloudflare
etag
0x8DA87805972EF22
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
63523da9-b01e-0093-3ed7-1ce289000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83662e427f1e4e12-HEL
otPcTab.json
cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/ 		63 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/otPcTab.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cc5068304cfb22bbddb5a9800f7c59d843824381ad7183f89291ae41a6d09b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.myedenred.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 16 Dec 2023 10:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
PpYet/3D+UMQBHrd1SR49w==
age
84660
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
13981
x-ms-lease-status
unlocked
last-modified
Fri, 26 Aug 2022 16:30:58 GMT
server
cloudflare
etag
0x8DA87805B3CBC97
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
68316abb-001e-004d-6ed7-1cf66f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83662e427f224e12-HEL
otCookieSettingsButton.json
cdn.cookielaw.org/scripttemplates/6.39.0/assets/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otCookieSettingsButton.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a09d0f89e99cf5a081315ff701187632005dabd23f3ca116a75790003faa7e8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.myedenred.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 16 Dec 2023 10:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ssl6Phwu9+sah2W05EtyUQ==
age
84660
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1767
x-ms-lease-status
unlocked
last-modified
Fri, 26 Aug 2022 16:30:57 GMT
server
cloudflare
etag
0x8DA87805A8DD1F0
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
1f932896-101e-0041-246f-0c6167000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83662e42afc44e12-HEL
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.39.0/assets/ 		22 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.myedenred.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 16 Dec 2023 10:18:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
B55i3ZY9miZIaUrwjufy0w==
age
84660
x-ms-lease-status
unlocked
last-modified
Fri, 26 Aug 2022 16:31:09 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
83b5432d-901e-005f-2bc9-128dbf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
83662e42afc74e12-HEL
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;800;900&family=Roboto:wght@400;500;700&family=Ubuntu:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.myedenred.fi
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 17:34:04 GMT
x-content-type-options
nosniff
age
405846
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Dec 2024 17:34:04 GMT
fi.json
cdn.cookielaw.org/consent/91f98815-befd-4c7e-8878-ee51b5e51d1e/a614b96f-16ae-43c4-ac7e-f9a91d84b221/ 		32 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/91f98815-befd-4c7e-8878-ee51b5e51d1e/a614b96f-16ae-43c4-ac7e-f9a91d84b221/fi.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e5be149c2210d12fca4341c4f9b431670c8329ec3dbf9ab5e161377bc8663d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.myedenred.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 16 Dec 2023 10:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
84660
content-md5
QLDB/Ss2/9RRsn3BQgFm8w==
content-length
10081
x-ms-lease-status
unlocked
last-modified
Fri, 05 Aug 2022 08:24:13 GMT
server
cloudflare
etag
0x8DA76BBE12FD44B
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
dfe8060c-c01e-0030-1e5c-0d874c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83662e436a844e12-HEL
expires
Sun, 17 Dec 2023 10:18:09 GMT
1121px-Edenred_Logo_(depuis_2017).png
cdn.cookielaw.org/logos/3eee82c0-9eb6-4614-b723-8d597fdcce8d/ff07687d-a261-433b-a82f-5a77fc001b09/faee6f50-360f-4785-b910-70bd629d6a78/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/3eee82c0-9eb6-4614-b723-8d597fdcce8d/ff07687d-a261-433b-a82f-5a77fc001b09/faee6f50-360f-4785-b910-70bd629d6a78/1121px-Edenred_Logo_(depuis_2017).png
Requested by
Host: www.myedenred.fi
URL: https://www.myedenred.fi/__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20acb8c69d90efc467c4ae2e6c3f10c1e28cac849463d461700623bac3396f7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.myedenred.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 16 Dec 2023 10:18:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Gqa1WZRvl5+sNEhfuWrxZA==
age
84717
content-length
37749
x-ms-lease-status
unlocked
last-modified
Thu, 17 Dec 2020 09:50:49 GMT
server
cloudflare
etag
0x8D8A2713BEB97F5
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
7fdf3949-d01e-005e-3ae8-11d263000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83662e437a48d957-HEL
poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg
Requested by
Host: www.myedenred.fi
URL: https://www.myedenred.fi/__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.myedenred.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 16 Dec 2023 10:18:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
LpuayL42jB78xRllx0vkOw==
age
84717
x-ms-lease-status
unlocked
last-modified
Thu, 14 Dec 2023 20:51:49 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
70087508-b01e-0005-0321-2feb58000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
83662e437a49d957-HEL
otFlat.json
cdn.cookielaw.org/scripttemplates/6.39.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.myedenred.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 16 Dec 2023 10:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Xx897lTVYGjMQiwuGCrzDA==
age
84660
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3007
x-ms-lease-status
unlocked
last-modified
Fri, 26 Aug 2022 16:30:55 GMT
server
cloudflare
etag
0x8DA87805972EF22
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
63523da9-b01e-0093-3ed7-1ce289000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83662e441c404e12-HEL
en.json
cdn.cookielaw.org/consent/91f98815-befd-4c7e-8878-ee51b5e51d1e/a614b96f-16ae-43c4-ac7e-f9a91d84b221/ 		31 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/91f98815-befd-4c7e-8878-ee51b5e51d1e/a614b96f-16ae-43c4-ac7e-f9a91d84b221/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c04214ee543db3593b4652bcc799cae0adcfd245e227a1db8e0d1f616d6f20b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.myedenred.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 16 Dec 2023 10:18:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
84612
content-md5
9SofbMkgu6DahoK8dFAicw==
content-length
9632
x-ms-lease-status
unlocked
last-modified
Fri, 05 Aug 2022 08:24:12 GMT
server
cloudflare
etag
0x8DA76BBE0784233
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
5809ba37-d01e-0095-0b91-13d136000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83662e545c254e12-HEL
expires
Sun, 17 Dec 2023 10:18:12 GMT
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LfzYZ0UAAAAAJvN-yBx1wErzEmQPh2Z9stjFBN1
Requested by
Host: www.myedenred.fi
URL: https://www.myedenred.fi/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
GSE /
Resource Hash
91d2d71a3944bffd0d3aeb9a44d1e584392a175a0f069c6679b275116c3414f6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.myedenred.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 10:18:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 16 Dec 2023 10:18:13 GMT
news-feed-notification
api.myedenred.fi/ 		23 B
997 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.myedenred.fi/news-feed-notification?locale=en
Requested by
Host: www.myedenred.fi
URL: https://www.myedenred.fi/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.103.47.237 , United States, ASN2129 (HP-EUROPE-AS-TRADE, GB),
Reverse DNS
Software
/
Resource Hash
cda4608055c40f2a8e44763b44ba808a1bf534fcd50709a0b64d1db19f675d03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.myedenred.fi/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Date
Sat, 16 Dec 2023 10:18:12 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Vary
Origin
Access-Control-Allow-Methods
GET, POST, PATCH, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.myedenred.fi
Cache-Control
no-store
Access-Control-Allow-Credentials
true
X-Frame-Options
DENY
Access-Control-Allow-Headers
Content-Type
X-API-Info
4f577e61-1d80-4d0d-84b8-c65fe9188554:c0c11a3efd8592f4e593f28d1d599dbe
Content-Length
23
X-XSS-Protection
1; mode=block
news-feed-notification
api.myedenred.fi/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.myedenred.fi/news-feed-notification?locale=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.103.47.237 , United States, ASN2129 (HP-EUROPE-AS-TRADE, GB),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.myedenred.fi
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type Content-Type
Access-Control-Allow-Methods
GET GET, POST, PATCH, PUT, DELETE
Access-Control-Allow-Origin
https://www.myedenred.fi
Cache-Control
no-store
Date
Sat, 16 Dec 2023 10:18:11 GMT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000
Vary
Origin
X-API-Info
4f577e61-1d80-4d0d-84b8-c65fe9188554:c0c11a3efd8592f4e593f28d1d599dbe
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
ot_persistent_cookie.png
cdn.cookielaw.org/logos/static/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/ot_persistent_cookie.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee92bed1936adf15aa49a4f42386c4a136cd2805815b049fe92167282d1a0179
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.myedenred.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 16 Dec 2023 10:18:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Pls8jLpIDufJkjP3ms5dvg==
age
84716
content-length
4968
x-ms-lease-status
unlocked
last-modified
Thu, 14 Dec 2023 20:51:49 GMT
server
cloudflare
etag
0x8DBFCE67E9C183F
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
beea4ea2-d01e-005e-601e-2fd263000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83662e550e7fd957-HEL
otFlat.json
cdn.cookielaw.org/scripttemplates/6.39.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.myedenred.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 16 Dec 2023 10:18:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Xx897lTVYGjMQiwuGCrzDA==
age
84663
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3007
x-ms-lease-status
unlocked
last-modified
Fri, 26 Aug 2022 16:30:55 GMT
server
cloudflare
etag
0x8DA87805972EF22
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
63523da9-b01e-0093-3ed7-1ce289000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83662e551dfa4e12-HEL
1121px-Edenred_Logo_(depuis_2017).png
cdn.cookielaw.org/logos/3eee82c0-9eb6-4614-b723-8d597fdcce8d/ff07687d-a261-433b-a82f-5a77fc001b09/faee6f50-360f-4785-b910-70bd629d6a78/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/3eee82c0-9eb6-4614-b723-8d597fdcce8d/ff07687d-a261-433b-a82f-5a77fc001b09/faee6f50-360f-4785-b910-70bd629d6a78/1121px-Edenred_Logo_(depuis_2017).png
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/91f98815-befd-4c7e-8878-ee51b5e51d1e/OtAutoBlock.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20acb8c69d90efc467c4ae2e6c3f10c1e28cac849463d461700623bac3396f7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.myedenred.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 16 Dec 2023 10:18:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Gqa1WZRvl5+sNEhfuWrxZA==
age
84720
content-length
37749
x-ms-lease-status
unlocked
last-modified
Thu, 17 Dec 2020 09:50:49 GMT
server
cloudflare
etag
0x8D8A2713BEB97F5
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
7fdf3949-d01e-005e-3ae8-11d263000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83662e55eff9d957-HEL
poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.myedenred.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 16 Dec 2023 10:18:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
LpuayL42jB78xRllx0vkOw==
age
84720
x-ms-lease-status
unlocked
last-modified
Thu, 14 Dec 2023 20:51:49 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
70087508-b01e-0005-0321-2feb58000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
83662e55effbd957-HEL
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-YL7PM2X13Q&gtm=45je3bt0v871941655&_p=1702721886444&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=954544353.1702721888&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1702721887&sct=1&seg=0&dl=https%3A%2F%2Fwww.myedenred.fi%2F__&dt=MyEdenred&en=scroll&epn.percent_scrolled=90&_et=4&tfd=6971
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YL7PM2X13Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.myedenred.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 10:18:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.myedenred.fi
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
recaptcha__fi.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ 		505 KB
203 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__fi.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfzYZ0UAAAAAJvN-yBx1wErzEmQPh2Z9stjFBN1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
e8079d05dbcdb9bec2d10db248422335342d7da684b01446c60b7c088a68b21c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myedenred.fi/
Origin
https://www.myedenred.fi
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 08:07:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
180627
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
207289
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 13 Dec 2024 08:07:46 GMT
common.js
maps.googleapis.com/maps-api-v3/api/js/55/4/intl/fi_ALL/ 		256 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/55/4/intl/fi_ALL/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBvVx-YKtE3VAvClOHgh3Ge3RmAbjGS9Hk&v=weekly&libraries=geometry&client=gme-edenredsas&channel=myedenred
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f10.1e100.net
Software
sffe /
Resource Hash
392f9fe3315faaebf087cb92eb23f0f19c56c334648c25cc41e2c65b63cc432f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.myedenred.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 20:11:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
396407
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57592
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 22:55:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Dec 2024 20:11:26 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/55/4/intl/fi_ALL/ 		174 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/55/4/intl/fi_ALL/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBvVx-YKtE3VAvClOHgh3Ge3RmAbjGS9Hk&v=weekly&libraries=geometry&client=gme-edenredsas&channel=myedenred
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f10.1e100.net
Software
sffe /
Resource Hash
9cbb582874e066b7557bc40bc02028895f3391f7039ecc88e45ead676488321f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.myedenred.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:21:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
352614
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55255
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 22:55:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 08:21:19 GMT
anchor
www.google.com/recaptcha/api2/ Frame C08A 		41 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfzYZ0UAAAAAJvN-yBx1wErzEmQPh2Z9stjFBN1&co=aHR0cHM6Ly93d3cubXllZGVucmVkLmZpOjQ0Mw..&hl=fi&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=cj6zfaxklu47
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__fi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
GSE /
Resource Hash
f4a92afc4fcc3a76827494ddcdf6444c938375cb5ab67b5367d45ada798bc3d1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Qnd7qLeh_umnpUbQY3OjaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.myedenred.fi/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Qnd7qLeh_umnpUbQY3OjaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 16 Dec 2023 10:18:14 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame C08A 		55 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfzYZ0UAAAAAJvN-yBx1wErzEmQPh2Z9stjFBN1&co=aHR0cHM6Ly93d3cubXllZGVucmVkLmZpOjQ0Mw..&hl=fi&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=cj6zfaxklu47
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 09:44:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2004
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 15 Dec 2024 09:44:50 GMT
recaptcha__fi.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame C08A 		505 KB
203 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__fi.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfzYZ0UAAAAAJvN-yBx1wErzEmQPh2Z9stjFBN1&co=aHR0cHM6Ly93d3cubXllZGVucmVkLmZpOjQ0Mw..&hl=fi&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=cj6zfaxklu47
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
e8079d05dbcdb9bec2d10db248422335342d7da684b01446c60b7c088a68b21c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 08:07:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
180628
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
207289
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 13 Dec 2024 08:07:46 GMT
mL2Y2df9MP72hJspIKkaS_u6JtFhauYVKQ-w1rT0CAw.js
www.google.com/js/bg/ Frame C08A 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/mL2Y2df9MP72hJspIKkaS_u6JtFhauYVKQ-w1rT0CAw.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__fi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
sffe /
Resource Hash
98bd98d9d7fd30fef6849b2920a91a4bfbba26d1616ae615290fb0d6b4f4080c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfzYZ0UAAAAAJvN-yBx1wErzEmQPh2Z9stjFBN1&co=aHR0cHM6Ly93d3cubXllZGVucmVkLmZpOjQ0Mw..&hl=fi&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=cj6zfaxklu47
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 02:33:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
114264
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6828
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Dec 2024 02:33:51 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame C08A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 19:56:54 GMT
x-content-type-options
nosniff
age
397281
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 18 Dec 2023 19:56:54 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C08A 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfzYZ0UAAAAAJvN-yBx1wErzEmQPh2Z9stjFBN1&co=aHR0cHM6Ly93d3cubXllZGVucmVkLmZpOjQ0Mw..&hl=fi&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=cj6zfaxklu47
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 23:26:56 GMT
x-content-type-options
nosniff
age
125479
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Dec 2024 23:26:56 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C08A 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfzYZ0UAAAAAJvN-yBx1wErzEmQPh2Z9stjFBN1&co=aHR0cHM6Ly93d3cubXllZGVucmVkLmZpOjQ0Mw..&hl=fi&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=cj6zfaxklu47
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 21:01:27 GMT
x-content-type-options
nosniff
age
220608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Dec 2024 21:01:27 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame C08A 		102 B
209 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=fi&v=u-xcq3POCWFlCr3x8_IPxgPu
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfzYZ0UAAAAAJvN-yBx1wErzEmQPh2Z9stjFBN1&co=aHR0cHM6Ly93d3cubXllZGVucmVkLmZpOjQ0Mw..&hl=fi&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=cj6zfaxklu47
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
GSE /
Resource Hash
5e4b575e1f4a0b91d5fe6deaf3954bc8090df41f02ebdcbfa88d99e0fc308160
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfzYZ0UAAAAAJvN-yBx1wErzEmQPh2Z9stjFBN1&co=aHR0cHM6Ly93d3cubXllZGVucmVkLmZpOjQ0Mw..&hl=fi&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=cj6zfaxklu47
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 10:18:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 16 Dec 2023 10:18:15 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.aim.front.ai
URL
https://static.aim.front.ai/assets/fonts/lato-normal-400.ttf

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture object| envVariables function| gtag object| dataLayer function| OptanonWrapper object| OneTrustStub object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| FrontCFmobileCheck function| FrontCFreadCookie function| FrontCFcreateCookie function| FrontCFdeleteCookie function| FrontCFreadSS function| FrontCFsetSS function| FrontCFremoveSS function| FrontCFreturnHostname function| FrontCFremoveProtocol function| chatFormation function| docReady function| initializeElla function| openElla object| google object| module$exports$mapsapi$geometry$spherical object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView object| module$exports$mapsapi$geometry$polyGeometry object| module$exports$mapsapi$poly$polylineCodec string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData function| boostChatPanel function| boostInit string| FrontCGLangValue object| chatPanel object| Optanon object| OneTrust function| webpackHotUpdateedenred number| 2f1acc6c3a606b082e5eef5e54414ffb function| flatpickr function| _ object| regeneratorRuntime object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_584289

6 Cookies

Domain/Path Name / Value
.www.myedenred.fi/ Name: TS016b7cf5
Value: 015b3bbaa3d34ccc56a0bdb3bea05780bc973fe3c54eb21e67c4100984a74f63661270bdcb3b9e730d4041b6a292f107f4a60c066d
.myedenred.fi/ Name: _ga
Value: GA1.1.954544353.1702721888
.myedenred.fi/ Name: _ga_YL7PM2X13Q
Value: GS1.1.1702721887.1.0.1702721887.0.0.0
.myedenred.fi/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Sat+Dec+16+2023+12%3A18%3A09+GMT%2B0200+(Eastern+European+Standard+Time)&version=6.39.0&hosts=&consentId=a3fd8b5c-bb62-44b4-9de7-00768497343b&interactionCount=0&landingPath=https%3A%2F%2Fwww.myedenred.fi%2F__&groups=C0001%3A1%2CC0002%3A0
api.myedenred.fi/ Name: BIGipServer~P009~P009-fi-exb-api-prd_pool-PL
Value: !pQ4KXGmVwje12W0qsTbBLnAEm1RMh5E8Ew40fwU1dogP60jYGOz7XhWhO3mkMiXv89w3MQ1kzJNj5lsvO4qzbUZf/IbTuqC5qK+JNvBJdgE=
.api.myedenred.fi/ Name: TS0166fadb
Value: 015b3bbaa360dc04866cc5cc3d4fbe2d835105b97dea4bfbd49c2d0695a223a03c24f07c81c70f55414ed4aa1996e37d8fd90b8561

17 Console Messages

Source Level URL
Text
security error URL: https://www.myedenred.fi/__
Message:
The source list for the Content Security Policy directive 'script-src' contains an invalid source: '*.'. It will be ignored.
security error URL: https://www.myedenred.fi/__
Message:
Refused to load the font 'https://static.aim.front.ai/assets/fonts/lato-normal-400.ttf' because it violates the following Content Security Policy directive: "font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data:".
security error URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js(Line 6)
Message:
The source list for the Content Security Policy directive 'script-src' contains an invalid source: '*.'. It will be ignored.
security error URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js(Line 6)
Message:
The source list for the Content Security Policy directive 'script-src' contains an invalid source: '*.'. It will be ignored.
security error URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js(Line 6)
Message:
The source list for the Content Security Policy directive 'script-src' contains an invalid source: '*.'. It will be ignored.
security error URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js(Line 6)
Message:
The source list for the Content Security Policy directive 'script-src' contains an invalid source: '*.'. It will be ignored.
security error URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js(Line 6)
Message:
The source list for the Content Security Policy directive 'script-src' contains an invalid source: '*.'. It will be ignored.
security error URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js(Line 6)
Message:
The source list for the Content Security Policy directive 'script-src' contains an invalid source: '*.'. It will be ignored.
security error URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js(Line 6)
Message:
The source list for the Content Security Policy directive 'script-src' contains an invalid source: '*.'. It will be ignored.
security error URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js(Line 6)
Message:
The source list for the Content Security Policy directive 'script-src' contains an invalid source: '*.'. It will be ignored.
security error URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js(Line 6)
Message:
The source list for the Content Security Policy directive 'script-src' contains an invalid source: '*.'. It will be ignored.
security error URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js(Line 6)
Message:
The source list for the Content Security Policy directive 'script-src' contains an invalid source: '*.'. It will be ignored.
security error URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js(Line 6)
Message:
The source list for the Content Security Policy directive 'script-src' contains an invalid source: '*.'. It will be ignored.
security error URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js(Line 6)
Message:
The source list for the Content Security Policy directive 'script-src' contains an invalid source: '*.'. It will be ignored.
security error URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__fi.js(Line 541)
Message:
The source list for the Content Security Policy directive 'script-src' contains an invalid source: '*.'. It will be ignored.
security error URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__fi.js(Line 345)
Message:
The source list for the Content Security Policy directive 'script-src' contains an invalid source: '*.'. It will be ignored.
security error URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__fi.js(Line 345)
Message:
The source list for the Content Security Policy directive 'script-src' contains an invalid source: '*.'. It will be ignored.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https://api.myedenred.fi https://search.edenred.fi https://www.googletagmanager.com https://maps.googleapis.com https://wallet.eu.edenred.io https://sso.edenred.io https://stats.g.doubleclick.net https://static.aim.front.ai https://edenred321.boost.ai https://cdn.cookielaw.org; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.aim.front.ai; img-src 'self' https://www.myedenred.fi https://edenred.fi https://efi-images-cdn-p.azureedge.net https://www.google.fi https://www.google.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com https://www.googletagmanager.com https://maps.gstatic.com https://www.gstatic.com https://maps.googleapis.com https://stats.g.doubleclick.net https://static.aim.front.ai https://boost-files-general-eu-west-1-prod.s3-eu-west-1.amazonaws.com https://i.ytimg.com https://flagcdn.com https://cdn.cookielaw.org data:; script-src 'self' 'unsafe-inline' https://polyfill.io/v3/polyfill.min.js *. googletagmanager.com https://www.googletagmanager.com https://www.google.fi https://www.google.com https://maps.googleapis.com https://www.gstatic.com https://static.aim.front.ai https://edenred321.boost.ai https://cdn.cookielaw.org; connect-src 'self' https://myedenred.fi https://www.myedenred.fi https://api.myedenred.fi https://search.edenred.fi https://sso.edenred.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com https://www.googletagmanager.com https://maps.googleapis.com https://stats.g.doubleclick.net https://static.aim.front.ai https://edenred321.boost.ai https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://geolocation.onetrust.com; frame-src 'self' https://wallet.eu.edenred.io https://sso.edenred.io https://sso.eu.edenred.io https://www.google.com https://recaptcha.google.com https://www.youtube.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.myedenred.fi
cdn.cookielaw.org
edenred321.boost.ai
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
maps.googleapis.com
polyfill.io
region1.google-analytics.com
static.aim.front.ai
www.google.com
www.googletagmanager.com
www.gstatic.com
www.myedenred.fi
static.aim.front.ai
104.18.130.236
13.248.197.49
142.250.185.195
142.250.186.132
142.250.186.35
142.250.186.42
151.101.1.26
172.217.16.202
172.217.18.104
172.64.155.119
18.245.60.47
204.103.47.237
204.103.47.243
216.239.34.36
0cc5068304cfb22bbddb5a9800f7c59d843824381ad7183f89291ae41a6d09b8
11aec4656006124bdb0b1b1ea470755555673ab858b2bc22f86a4b44b1161751
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
202494941ff2104e5a84771aaa51023cdecf39ef25d281dea084f94287deb17f
20acb8c69d90efc467c4ae2e6c3f10c1e28cac849463d461700623bac3396f7d
2e5be149c2210d12fca4341c4f9b431670c8329ec3dbf9ab5e161377bc8663d7
310fd1f29f758b0038f122d9a4a61180b286a265ffb45cd5861f7c48ebd997e6
392f9fe3315faaebf087cb92eb23f0f19c56c334648c25cc41e2c65b63cc432f
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
4e2258ce01430e783c420f7396a87a30284affaae96afb386c114a17f7e924d0
5792d173348a72a8c7ff989d487bada46c032332a5c480d00cea6392b16066da
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5e4b575e1f4a0b91d5fe6deaf3954bc8090df41f02ebdcbfa88d99e0fc308160
6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2
6d72fa0f78c80b1874d3ee4aadf43d973edc442a65fef83d37e684ac559893b7
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
79d83b50c01e986a97eebf0a82d34093d1fea79b336df3851fa8933eba9654d0
83e58ffeeaf89305effbc68e91502aea46484f4746a14248c4d4ddfa0c0a6e1b
83f4435d3730a24c641790af727cfaedcf9c5ece316fac68bfe67471c91dd94e
85aeeed574b9b79a0962fc947bd4f85c96e054121eb1f70886f3c0527b75d74c
886e1e675050878cd1710ba030a7787613e5bbbe02a2b099683306c16ac8c8cd
91d2d71a3944bffd0d3aeb9a44d1e584392a175a0f069c6679b275116c3414f6
98bd98d9d7fd30fef6849b2920a91a4bfbba26d1616ae615290fb0d6b4f4080c
9cbb582874e066b7557bc40bc02028895f3391f7039ecc88e45ead676488321f
a09d0f89e99cf5a081315ff701187632005dabd23f3ca116a75790003faa7e8f
a4c8f4cef27ae7606d4e8e2b8af5d76bd35e94872278b7211efb97df468bb4dd
af4478ef65a3c5d5ed49a649a79181c0c87f6636ca3afdc25468af43d104059b
b0363df16a0781eb3ef397dda72c459ad05d916afda3cfc5d056c8fa29289d02
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c04214ee543db3593b4652bcc799cae0adcfd245e227a1db8e0d1f616d6f20b8
c37228182a6b3a87566f5b38d629fb0c7ba46b2db19aaef440a91ac2ea45b42b
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cda4608055c40f2a8e44763b44ba808a1bf534fcd50709a0b64d1db19f675d03
dec96ac203a5465567f12a950ea57d931ad5c51257264cd0b0afcff92df7d085
e0ba033e6cb25fa6e20186d6d8113cc3821028b7891c93eebe671b75f6eebc3f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8079d05dbcdb9bec2d10db248422335342d7da684b01446c60b7c088a68b21c
ee4fc2852c9e9991561780372c97bf860e1022c733dfa7718cb85753c20e0fcf
ee92bed1936adf15aa49a4f42386c4a136cd2805815b049fe92167282d1a0179
f4a92afc4fcc3a76827494ddcdf6444c938375cb5ab67b5367d45ada798bc3d1
fa401a87c0c06cd52ff41bacff5d549a464a4b432c17d6d1a724acdc012351e4
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4