client-portal.it.edenred.io Open in urlscan Pro
107.162.194.202 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://portaleclienti.edenred.it/
Effective URL:
https://client-portal.it.edenred.io/v1/dxl/dmn-authentication-service/connect/authorize?client_id=diu12yd8&response_type=code&state=...
Submission: On April 29 via manual (April 29th 2024, 9:27:44 am UTC) from IN — Scanned from IT

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 20 HTTP transactions. The main IP is 107.162.194.202, located in United States and belongs to DEFENSE-NET, US. The main domain is client-portal.it.edenred.io.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on September 22nd 2023. Valid for: a year.

This is the only time client-portal.it.edenred.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	107.162.174.20 107.162.174.20	55002 (DEFENSE-NET) (DEFENSE-NET)
4	20.150.42.225 20.150.42.225	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	142.250.185.138 142.250.185.138	15169 (GOOGLE) (GOOGLE)
1	13.107.213.45 13.107.213.45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	216.58.212.138 216.58.212.138	15169 (GOOGLE) (GOOGLE)
2	107.162.194.202 107.162.194.202	55002 (DEFENSE-NET) (DEFENSE-NET)
1	216.58.212.163 216.58.212.163	15169 (GOOGLE) (GOOGLE)
1	216.58.212.150 216.58.212.150	15169 (GOOGLE) (GOOGLE)
2	54.246.36.46 54.246.36.46	16509 (AMAZON-02) (AMAZON-02)
20	10

4 107.162.174.20 (United States)

ASN55002 (DEFENSE-NET, US)

portaleclienti.edenred.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.150.42.225 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

eitdxlcustomerpstorep.z6.web.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.213.45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

eitdxlcustomerpstorep-cdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f10.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.162.194.202 (United States)

ASN55002 (DEFENSE-NET, US)

client-portal.it.edenred.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.150 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f150.1e100.net

play-lh.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.246.36.46 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-36-46.eu-west-1.compute.amazonaws.com

bf36808mmh.bf.dynatrace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33 maps.googleapis.com — Cisco Umbrella Rank: 362	82 KB
4	windows.net eitdxlcustomerpstorep.z6.web.core.windows.net	4 MB
4	edenred.it portaleclienti.edenred.it	110 KB
2	edenred.io client-portal.it.edenred.io	389 KB
2	dynatrace.com js-cdn.dynatrace.com Failed bf36808mmh.bf.dynatrace.com	971 B
1	googleusercontent.com play-lh.googleusercontent.com — Cisco Umbrella Rank: 579	15 KB
1	gstatic.com fonts.gstatic.com	15 KB
1	azureedge.net eitdxlcustomerpstorep-cdn.azureedge.net	1 KB
20	8

	Domain	Requested by
4	eitdxlcustomerpstorep.z6.web.core.windows.net	portaleclienti.edenred.it
4	portaleclienti.edenred.it	portaleclienti.edenred.it
2	bf36808mmh.bf.dynatrace.com	client-portal.it.edenred.io
2	client-portal.it.edenred.io	eitdxlcustomerpstorep.z6.web.core.windows.net client-portal.it.edenred.io
2	maps.googleapis.com	eitdxlcustomerpstorep.z6.web.core.windows.net portaleclienti.edenred.it
2	fonts.googleapis.com	eitdxlcustomerpstorep.z6.web.core.windows.net client-portal.it.edenred.io
1	play-lh.googleusercontent.com
1	fonts.gstatic.com	fonts.googleapis.com
1	eitdxlcustomerpstorep-cdn.azureedge.net	portaleclienti.edenred.it
0	js-cdn.dynatrace.com Failed	eitdxlcustomerpstorep.z6.web.core.windows.net
20	10

This site contains no links.

Subject Issuer	Validity	Valid
portaleclienti.edenred.it GlobalSign RSA OV SSL CA 2018	`2024-03-22` - `2025-04-23`	a year	crt.sh
*.web.core.windows.net Microsoft RSA TLS CA 01	`2023-09-28` - `2024-09-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.azureedge.net Microsoft Azure RSA TLS Issuing CA 04	`2024-04-09` - `2025-04-04`	a year	crt.sh
*.it.edenred.io GlobalSign RSA OV SSL CA 2018	`2023-09-22` - `2024-10-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.bf.dynatrace.com Amazon RSA 2048 M03	`2023-12-20` - `2025-01-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://client-portal.it.edenred.io/v1/dxl/dmn-authentication-service/connect/authorize?client_id=diu12yd8&response_type=code&state=&code_challenge=rhfPpb33JiITkds12voFSoY0IF1wvvH-oLfG_yYeTmg&code_challenge_method=S256&redirect_uri=https://portaleclienti.edenred.it/&response_mode=web_message&nonce=3qio6v48moa&scope=openid%20offline_access&language=en
Frame ID: A518620DC7B983BDE412F66C50BCDFE2
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Edenred - Login

Page URL History Show full URLs

http://portaleclienti.edenred.it/ HTTP 307
https://portaleclienti.edenred.it/ Page URL
https://client-portal.it.edenred.io/v1/dxl/dmn-authentication-service/connect/authorize?client_id=diu12yd8&respo... Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Page Statistics

20
Requests

95 %
HTTPS

0 %
IPv6

8
Domains

10
Subdomains

10
IPs

3
Countries

4460 kB
Transfer

38953 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://portaleclienti.edenred.it/ HTTP 307
https://portaleclienti.edenred.it/ Page URL
https://client-portal.it.edenred.io/v1/dxl/dmn-authentication-service/connect/authorize?client_id=diu12yd8&response_type=code&state=&code_challenge=rhfPpb33JiITkds12voFSoY0IF1wvvH-oLfG_yYeTmg&code_challenge_method=S256&redirect_uri=https://portaleclienti.edenred.it/&response_mode=web_message&nonce=3qio6v48moa&scope=openid%20offline_access&language=en Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://portaleclienti.edenred.it/ HTTP 307
https://portaleclienti.edenred.it/

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
portaleclienti.edenred.it/
Redirect Chain

http://portaleclienti.edenred.it/
https://portaleclienti.edenred.it/

2 KB
3 KB

396ms
292ms

Document
text/html

107.162.174.20
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://portaleclienti.edenred.it/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.174.20 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

5aed7bb9b47f1eb0a2261f648d3093a129942ce13f63499dea044bf2cc25e433

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=7200
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1085
Content-Type: text/html; charset=UTF-8
Date: Mon, 29 Apr 2024 09:27:37 GMT
ETag: "0x8DC59892CF0D9B3:dtagent10287240325103108Y+Yi"
Keep-Alive: timeout=5, max=100
Last-Modified: Wed, 10 Apr 2024 18:08:06 GMT
Server-Timing: dtSInfo;desc="0", dtRpid;desc="704461074"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: Accept-Encoding,Origin
Via: 1.1 fra1-bit13010
X-Cache: TCP_HIT
X-Content-Type-Options: nosniff
X-OneAgent-JS-Injection: true
X-XSS-Protection: 1; mode=block
X-ruxit-JS-Agent: true
x-azure-ref: 20240429T092737Z-1846fb9687457zxw7atv3mm6z8000000067000000001q0e6
x-fd-int-roxy-purgeid: 59490998
x-ms-request-id: 926a1a65-201e-0001-10df-963fe0000000
x-ms-version: 2018-03-28

Redirect headers

Location: https://portaleclienti.edenred.it/
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK ruxitagentjs_ICA7NVfqrux_10287240325103108.js Show response
portaleclienti.edenred.it/ 213 KB
102 KB 124ms
122ms Script
text/javascript 107.162.174.20
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://portaleclienti.edenred.it/ruxitagentjs_ICA7NVfqrux_10287240325103108.js

Requested by

Host: portaleclienti.edenred.it
URL: https://portaleclienti.edenred.it/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.174.20 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

5588624aacaba6fc6a19a621e41cd8c19cc2b2035e29791b2a921183c7700de3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://portaleclienti.edenred.it/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 29 Apr 2024 09:27:37 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Wed, 03 Mar 2010 07:01:40 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 fra1-bit13010
Cache-Control: public, max-age=31536000, immutable
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 103067
X-XSS-Protection: 1; mode=block
Expires: Tue, 29 Apr 2025 09:27:37 GMT

GET
H/1.1 200
OK platform.js Show response
portaleclienti.edenred.it/assets/not-supported/js/ 717 B
2 KB 212ms
161ms Script
application/javascript 107.162.174.20
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://portaleclienti.edenred.it/assets/not-supported/js/platform.js

Requested by

Host: portaleclienti.edenred.it
URL: https://portaleclienti.edenred.it/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.174.20 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

e1d47dc1fa18bd1033a1d4368262785a921a2cd26f2f0b43f781e6e9e6f6fde1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://portaleclienti.edenred.it/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 29 Apr 2024 09:27:37 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Via: 1.1 fra1-bit13010
X-Cache: TCP_HIT
x-fd-int-roxy-purgeid: 59490998
Server-Timing: dtSInfo;desc="1"
Connection: Keep-Alive
Content-Length: 717
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 10 Apr 2024 18:08:08 GMT
ETag: "0x8DC59892D51621E"
Vary: Origin, Accept-Encoding
x-azure-ref: 20240429T092737Z-1846fb96874bl24xtvp3txnv7s00000002dg00000000s60s
Content-Type: application/javascript
x-ms-request-id: f27385ab-001e-0064-73d0-9691a4000000
Cache-Control: max-age=7200
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK styles.dc9ffa1630f77d9b.css
eitdxlcustomerpstorep.z6.web.core.windows.net/static/ 139 KB
140 KB 194ms
47ms Stylesheet
text/css 20.150.42.225
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://eitdxlcustomerpstorep.z6.web.core.windows.net/static/styles.dc9ffa1630f77d9b.css
Requested by: Host: portaleclienti.edenred.it
URL: https://portaleclienti.edenred.it/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.150.42.225 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: bdb0703e3a9d441f411b81695011d0f471cfdd905e8128559bcd6fd9cf05d150

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://portaleclienti.edenred.it/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 29 Apr 2024 09:27:37 GMT
Last-Modified: Wed, 10 Apr 2024 18:08:08 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: N04Ls8itbXALFfMIdIlpaQ==
ETag: "0x8DC59892D700929"
Vary: Origin
Content-Type: text/css
x-ms-request-id: 2cfad374-501e-008d-2717-9a57ee000000
Cache-Control: max-age=7200
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 142485

GET
H/1.1 200
OK polyfills.js Show response
eitdxlcustomerpstorep.z6.web.core.windows.net/static/ 16 MB
2 MB 244ms
96ms Script
application/javascript 20.150.42.225
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://eitdxlcustomerpstorep.z6.web.core.windows.net/static/polyfills.js
Requested by: Host: portaleclienti.edenred.it
URL: https://portaleclienti.edenred.it/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.150.42.225 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 9f6757facc7e65b7b661080ff9739ed7b1ce0d1ef94f9de8a0c3772e09074da7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://portaleclienti.edenred.it/
Origin: https://portaleclienti.edenred.it
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 29 Apr 2024 09:27:37 GMT
Content-Encoding: gzip
Content-MD5: mnX0onNDW8tkj1YUJhEtAw==
Content-Length: 1674384
Last-Modified: Wed, 10 Apr 2024 18:08:15 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
ETag: "0x8DC5989315674EF"
Vary: Origin
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: https://portaleclienti.edenred.it
x-ms-request-id: 396a6bd7-c01e-00a0-6717-9ae49d000000
Access-Control-Expose-Headers: Accept-Ranges,Cache-Control,Content-Encoding,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
Cache-Control: max-age=7200
Access-Control-Allow-Credentials: true
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK main.js Show response
eitdxlcustomerpstorep.z6.web.core.windows.net/static/ 21 MB
2 MB 263ms
107ms Script
application/javascript 20.150.42.225
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://eitdxlcustomerpstorep.z6.web.core.windows.net/static/main.js
Requested by: Host: portaleclienti.edenred.it
URL: https://portaleclienti.edenred.it/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.150.42.225 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 857b9a66036d7824e861722530f0fdc44018dcbf41558dc24c1a79b5e44097c8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://portaleclienti.edenred.it/
Origin: https://portaleclienti.edenred.it
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 29 Apr 2024 09:27:36 GMT
Content-Encoding: gzip
Content-MD5: Q/RsHvCdw398Bmp9rjfg4Q==
Content-Length: 2103654
Last-Modified: Wed, 10 Apr 2024 18:08:13 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
ETag: "0x8DC59893064E558"
Vary: Origin
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: https://portaleclienti.edenred.it
x-ms-request-id: 06a6f906-401e-0028-4317-9a0194000000
Access-Control-Expose-Headers: Accept-Ranges,Cache-Control,Content-Encoding,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
Cache-Control: max-age=7200
Access-Control-Allow-Credentials: true
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
1 KB 95ms
36ms Stylesheet
text/css 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;900&display=swap

Requested by

Host: eitdxlcustomerpstorep.z6.web.core.windows.net
URL: https://eitdxlcustomerpstorep.z6.web.core.windows.net/static/styles.dc9ffa1630f77d9b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

b170b718ab2bbd831dddfb24bb6716d671225f545ee10aaf0bbbc59754cfcada

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://eitdxlcustomerpstorep.z6.web.core.windows.net/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 Apr 2024 09:27:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 Apr 2024 09:10:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Apr 2024 09:27:37 GMT

GET
H/1.1 200
OK custom-themes.json
portaleclienti.edenred.it/assets/ 2 KB
3 KB 99ms
98ms Fetch
application/json 107.162.174.20
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://portaleclienti.edenred.it/assets/custom-themes.json

Requested by

Host: portaleclienti.edenred.it
URL: https://portaleclienti.edenred.it/ruxitagentjs_ICA7NVfqrux_10287240325103108.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.174.20 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://portaleclienti.edenred.it/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
x-dtpc: 21$182857726_17h8vKMLQKFAQFRIGJQFMTBFCMWSEFCTGMHVD-0e0

Response headers

Date: Mon, 29 Apr 2024 09:27:38 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Via: 1.1 fra1-bit13010
X-Cache: TCP_HIT
x-fd-int-roxy-purgeid: 59490998
Server-Timing: dtSInfo;desc="0", dtRpid;desc="382634879"
Connection: Keep-Alive
Content-Length: 2140
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 10 Apr 2024 18:08:06 GMT
ETag: "0x8DC59892CF593FA:dtagent10287240325103108Y+Yi"
Vary: Accept-Encoding,Origin
x-azure-ref: 20240429T092738Z-1846fb96874mh8dhgtvsac9xk800000005a0000000011rqv
Content-Type: application/json
x-ms-request-id: e9f1ea63-901e-0014-7b41-972853000000
Cache-Control: max-age=7200
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK favicon.ico
eitdxlcustomerpstorep.z6.web.core.windows.net/assets/ 15 KB
15 KB 40ms
40ms Other
image/vnd.microsoft.icon 20.150.42.225
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://eitdxlcustomerpstorep.z6.web.core.windows.net/assets/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.150.42.225 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://portaleclienti.edenred.it/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 29 Apr 2024 09:27:38 GMT
Last-Modified: Wed, 10 Apr 2024 18:08:07 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: +wt4fNxX5kwgQX7L/m/C3w==
ETag: "0x8DC59892CF37164"
Vary: Origin
Content-Type: image/vnd.microsoft.icon
x-ms-request-id: 2cfad7b6-501e-008d-2917-9a57ee000000
Cache-Control: max-age=7200
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 15086

GET
H2 200 ground-config.json
eitdxlcustomerpstorep-cdn.azureedge.net/assets/ 2 KB
1 KB 115ms
21ms Fetch
application/json 13.107.213.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://eitdxlcustomerpstorep-cdn.azureedge.net/assets/ground-config.json
Requested by: Host: portaleclienti.edenred.it
URL: https://portaleclienti.edenred.it/ruxitagentjs_ICA7NVfqrux_10287240325103108.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.213.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://portaleclienti.edenred.it/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 09:27:38 GMT
content-encoding: br
last-modified: Wed, 10 Apr 2024 18:08:07 GMT
etag: W/"0x8DC59892CF7DD8C"
vary: Accept-Encoding, Origin
x-azure-ref: 20240429T092738Z-164f567bc789dnmgusr4ey1uuc00000004xg00000000ddeu
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: d93a8299-d01e-0015-086c-95778f000000
access-control-expose-headers: Accept-Ranges,Cache-Control,Content-Length,Content-Range,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control: max-age=7200
access-control-allow-credentials: true
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 59490998
x-cache: TCP_HIT

GET
H2 200 js
maps.googleapis.com/maps/api/ 246 KB
80 KB 62ms
61ms Script
text/javascript 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyBoLxLBurpz1Z_kb9BYjsKou-7qoOTJYyk&libraries=places,geometry&language=it&region=IT

Requested by

Host: eitdxlcustomerpstorep.z6.web.core.windows.net
URL: https://eitdxlcustomerpstorep.z6.web.core.windows.net/static/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://portaleclienti.edenred.it/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 09:27:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82046
x-xss-protection: 0

GET 356cb8e71193fcee_complete.js
js-cdn.dynatrace.com/jstag/148709fdc4b/bf36808mmh/ 0
0

GET
H3 200 gen_204
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 96ms
42ms XHR
application/json 216.58.212.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: portaleclienti.edenred.it
URL: https://portaleclienti.edenred.it/ruxitagentjs_ICA7NVfqrux_10287240325103108.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://portaleclienti.edenred.it/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 09:27:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://portaleclienti.edenred.it
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H/1.1 200
OK Primary Request authorize Show response
client-portal.it.edenred.io/v1/dxl/dmn-authentication-service/connect/ 319 KB
320 KB 561ms
463ms Document
text/html 107.162.194.202
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://client-portal.it.edenred.io/v1/dxl/dmn-authentication-service/connect/authorize?client_id=diu12yd8&response_type=code&state=&code_challenge=rhfPpb33JiITkds12voFSoY0IF1wvvH-oLfG_yYeTmg&code_challenge_method=S256&redirect_uri=https://portaleclienti.edenred.it/&response_mode=web_message&nonce=3qio6v48moa&scope=openid%20offline_access&language=en

Requested by

Host: eitdxlcustomerpstorep.z6.web.core.windows.net
URL: https://eitdxlcustomerpstorep.z6.web.core.windows.net/static/main.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.194.202 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

61e3b006db9d2e83f978d78d759e7d88f82591db567a2253b6c4accf6c80650b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://portaleclienti.edenred.it/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 29 Apr 2024 09:27:39 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Transfer-Encoding: chunked
Via: 1.1 fra1-bit12010
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
x-correlation-id: b8f30a70060a11ef86ce025c6df1160f

GET
H/1.1 200
OK ruxitagentjs_A7NVfqrux_10287240325103108.js Show response
client-portal.it.edenred.io/v1/dxl/dmn-authentication-service/ 179 KB
69 KB 183ms
146ms Script
text/javascript 107.162.194.202
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://client-portal.it.edenred.io/v1/dxl/dmn-authentication-service/ruxitagentjs_A7NVfqrux_10287240325103108.js

Requested by

Host: client-portal.it.edenred.io
URL: https://client-portal.it.edenred.io/v1/dxl/dmn-authentication-service/connect/authorize?client_id=diu12yd8&response_type=code&state=&code_challenge=rhfPpb33JiITkds12voFSoY0IF1wvvH-oLfG_yYeTmg&code_challenge_method=S256&redirect_uri=https://portaleclienti.edenred.it/&response_mode=web_message&nonce=3qio6v48moa&scope=openid%20offline_access&language=en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.194.202 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

0cc3239bc88028924194d7364b491812239240feb67f0fff8313a66d959bf7ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://client-portal.it.edenred.io/v1/dxl/dmn-authentication-service/connect/authorize?client_id=diu12yd8&response_type=code&state=&code_challenge=rhfPpb33JiITkds12voFSoY0IF1wvvH-oLfG_yYeTmg&code_challenge_method=S256&redirect_uri=https://portaleclienti.edenred.it/&response_mode=web_message&nonce=3qio6v48moa&scope=openid%20offline_access&language=en
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 29 Apr 2024 09:27:40 GMT
content-encoding: gzip
x-correlation-id: b9415180060a11ef8b9002ae4a9a37b5
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Via: 1.1 fra1-bit12010
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=UTF-8
Connection: keep-alive
Content-Length: 69636
X-XSS-Protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 2 KB
968 B 92ms
35ms Stylesheet
text/css 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

11f0f33f9711ca7551b10cdff821a5c9b8ab7d74055c1d84adf61708991774a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://client-portal.it.edenred.io/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 Apr 2024 09:27:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 Apr 2024 08:14:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Apr 2024 09:27:39 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v26/ 15 KB
15 KB 87ms
26ms Font
font/woff2 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f3.1e100.net

Software

sffe /

Resource Hash

4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://client-portal.it.edenred.io
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 11:56:46 GMT
x-content-type-options: nosniff
age: 423054
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14940
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:46:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Apr 2025 11:56:46 GMT

GET
H2 200 nJtZxnJgEfzESHUQZo4Wgp0Y5RrdhZ08l3sXrKOUBloEH2Oy2igkE4wQQcmUqy6STmw
play-lh.googleusercontent.com/ 15 KB
15 KB 165ms
28ms Other
image/png 216.58.212.150
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play-lh.googleusercontent.com/nJtZxnJgEfzESHUQZo4Wgp0Y5RrdhZ08l3sXrKOUBloEH2Oy2igkE4wQQcmUqy6STmw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.150 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f150.1e100.net

Software

fife /

Resource Hash

4989e400a48b4ea0bca8044674fc516d6f8ab03a291b0e8451efbf7afc93640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://client-portal.it.edenred.io/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 07:18:42 GMT
x-content-type-options: nosniff
age: 7738
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15174
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 30 Apr 2024 07:18:42 GMT

POST
H2 200 bf Show response
bf36808mmh.bf.dynatrace.com/ 205 B
486 B 165ms
52ms Fetch
text/plain 54.246.36.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bf36808mmh.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_-2D24_sn_LKJ9QI034EHUPD0BJMC2FB6NMLNHHLCQ&svrid=-24&flavor=cors&vi=GCMNAPHLHKEUPKSAHKKDMMVWUALRRJHC-0&modifiedSince=1713377900363&rf=https%3A%2F%2Fclient-portal.it.edenred.io%2Fv1%2Fdxl%2Fdmn-authentication-service%2Fconnect%2Fauthorize%3Fclient_id%3Ddiu12yd8%26response_type%3Dcode%26state%3D%26code_challenge%3DrhfPpb33JiITkds12voFSoY0IF1wvvH-oLfG_yYeTmg%26code_challenge_method%3DS256%26redirect_uri%3Dhttps%3A%2F%2Fportaleclienti.edenred.it%2F%26response_mode%3Dweb_message%26nonce%3D3qio6v48moa%26scope%3Dopenid%2520offline_access%26language%3Den&bp=3&app=b55752ed05ff63f1&crc=1612074561&en=tk1difg2&end=1
Requested by: Host: client-portal.it.edenred.io
URL: https://client-portal.it.edenred.io/v1/dxl/dmn-authentication-service/ruxitagentjs_A7NVfqrux_10287240325103108.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.36.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-36-46.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 15b4af8e2ac06103ee966125998576e676e1279d01ec58651da595fe8311f5dc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://client-portal.it.edenred.io/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://client-portal.it.edenred.io
x-oneagent-js-injection: true
date: Mon, 29 Apr 2024 09:27:41 GMT
cache-control: no-cache
content-length: 205
content-type: text/plain;charset=utf-8

POST
H2 200 bf Show response
bf36808mmh.bf.dynatrace.com/ 205 B
485 B 52ms
51ms Fetch
text/plain 54.246.36.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bf36808mmh.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_19_sn_LKJ9QI034EHUPD0BJMC2FB6NMLNHHLCQ_app-3Ab55752ed05ff63f1_1_ol_0_perc_100000_mul_1&svrid=19&flavor=cors&vi=GCMNAPHLHKEUPKSAHKKDMMVWUALRRJHC-0&modifiedSince=1713377900363&rf=https%3A%2F%2Fclient-portal.it.edenred.io%2Fv1%2Fdxl%2Fdmn-authentication-service%2Fconnect%2Fauthorize%3Fclient_id%3Ddiu12yd8%26response_type%3Dcode%26state%3D%26code_challenge%3DrhfPpb33JiITkds12voFSoY0IF1wvvH-oLfG_yYeTmg%26code_challenge_method%3DS256%26redirect_uri%3Dhttps%3A%2F%2Fportaleclienti.edenred.it%2F%26response_mode%3Dweb_message%26nonce%3D3qio6v48moa%26scope%3Dopenid%2520offline_access%26language%3Den&bp=3&app=b55752ed05ff63f1&crc=4226204034&en=tk1difg2&end=1
Requested by: Host: client-portal.it.edenred.io
URL: https://client-portal.it.edenred.io/v1/dxl/dmn-authentication-service/ruxitagentjs_A7NVfqrux_10287240325103108.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.36.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-36-46.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 15b4af8e2ac06103ee966125998576e676e1279d01ec58651da595fe8311f5dc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://client-portal.it.edenred.io/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://client-portal.it.edenred.io
x-oneagent-js-injection: true
date: Mon, 29 Apr 2024 09:27:43 GMT
cache-control: no-cache
content-length: 205
content-type: text/plain;charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: js-cdn.dynatrace.com
URL: https://js-cdn.dynatrace.com/jstag/148709fdc4b/bf36808mmh/356cb8e71193fcee_complete.js

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.edenred.it/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_21_sn_A9085CA1FAC9D448814922A3FBFAE895_perc_100000_ol_0_mul_1_app-3A1db9e5275acf2ca3_0
portaleclienti.edenred.it/	1969-12-31 23:59:59	Name: BIGipServer~P009~P009-eit-portclnt-prod-PL Value: !yOdoIRbRK4t8kqLQJiu4IU2l98lZyNzFWt35KyaOwVBvTH9AFGVUcXmMy258l2j60Xg4XVtpC9tx1Vghq6Xj274ngXzeaANffVwJJoT5f2U=
.edenred.it/	1969-12-31 23:59:59	Name: TS017fe4b3 Value: 015b3bbaa3eef1e00ceb4128c5d737d6c94b9d325c4b54e3f19cf5131a2ffe947c4b8eb344cea6cb548e3c57adeef44298c6f992dd
portaleclienti.edenred.it/	1969-12-31 23:59:59	Name: TS0182d1e7 Value: 01534397ab7129ed9f565a876344227f4fb93d1acf30aa024a5653b982efcd97de8da1d9b104dd9ee33936ab0623d67cc57de5c58d
.edenred.it/	1969-12-31 23:59:59	Name: TS01fe1619 Value: 01534397ab7129ed9f565a876344227f4fb93d1acf30aa024a5653b982efcd97de8da1d9b104dd9ee33936ab0623d67cc57de5c58d
portaleclienti.edenred.it/	1969-12-31 23:59:59	Name: TS0103234d Value: 015b3bbaa382844da334578d93226fb521bd3cb2419a645e963f94f02524b5502576ef0254e0b0b1e26e08d0d2a9717e92004a6965
portaleclienti.edenred.it/	1969-12-31 23:59:59	Name: TS0f3a5bf2027 Value: 080ff14bc2ab2000f4fd0bf952b58ecabbecee8d9659e5be31c0f360e3366f59cfc243ea2037bc8308a2d977cc113000dbf4a2a58aa6c86157e82787deceb12549d418d9e601f68d6e44b525b9792e1da7655a543e6855abde5e33425e2e133a
.edenred.io/	1969-12-31 23:59:59	Name: rxVisitor Value: 17143828598712I4U37VN2EI784AA82AFU590US18DU0V
client-portal.it.edenred.io/	1969-12-31 23:59:59	Name: TS04041e90027 Value: 08e18e4351ab20004db97259d557e57e26ef3b677873a4875dab4be93e2c56db3f6d7324981dea3308398c43a81130005ff44c4c1570196b68bbe6714b0abbe853281fb44da9573684a9bbf2b5002038b07981d3ee977c0b2f7caf98888e94ae
.edenred.io/	1969-12-31 23:59:59	Name: dtSa Value: -
.edenred.io/	1969-12-31 23:59:59	Name: rxvt Value: 1714384660111\|1714382859872
.edenred.io/	1969-12-31 23:59:59	Name: dtPC Value: -24$182859869_658h-vGCMNAPHLHKEUPKSAHKKDMMVWUALRRJHC-0e0
.edenred.io/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_19_sn_LKJ9QI034EHUPD0BJMC2FB6NMLNHHLCQ_app-3Ab55752ed05ff63f1_1_ol_0_perc_100000_mul_1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://client-portal.it.edenred.io/v1/dxl/dmn-authentication-service/connect/authorize?client_id=diu12yd8&response_type=code&state=&code_challenge=rhfPpb33JiITkds12voFSoY0IF1wvvH-oLfG_yYeTmg&code_challenge_method=S256&redirect_uri=https://portaleclienti.edenred.it/&response_mode=web_message&nonce=3qio6v48moa&scope=openid%20offline_access&language=en Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bf36808mmh.bf.dynatrace.com
client-portal.it.edenred.io
eitdxlcustomerpstorep-cdn.azureedge.net
eitdxlcustomerpstorep.z6.web.core.windows.net
fonts.googleapis.com
fonts.gstatic.com
js-cdn.dynatrace.com
maps.googleapis.com
play-lh.googleusercontent.com
portaleclienti.edenred.it
js-cdn.dynatrace.com
107.162.174.20
107.162.194.202
13.107.213.45
142.250.185.138
20.150.42.225
216.58.212.138
216.58.212.150
216.58.212.163
54.246.36.46
0cc3239bc88028924194d7364b491812239240feb67f0fff8313a66d959bf7ea
11f0f33f9711ca7551b10cdff821a5c9b8ab7d74055c1d84adf61708991774a4
15b4af8e2ac06103ee966125998576e676e1279d01ec58651da595fe8311f5dc
4989e400a48b4ea0bca8044674fc516d6f8ab03a291b0e8451efbf7afc93640d
4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281
5588624aacaba6fc6a19a621e41cd8c19cc2b2035e29791b2a921183c7700de3
5aed7bb9b47f1eb0a2261f648d3093a129942ce13f63499dea044bf2cc25e433
61e3b006db9d2e83f978d78d759e7d88f82591db567a2253b6c4accf6c80650b
857b9a66036d7824e861722530f0fdc44018dcbf41558dc24c1a79b5e44097c8
9f6757facc7e65b7b661080ff9739ed7b1ce0d1ef94f9de8a0c3772e09074da7
b170b718ab2bbd831dddfb24bb6716d671225f545ee10aaf0bbbc59754cfcada
bdb0703e3a9d441f411b81695011d0f471cfdd905e8128559bcd6fd9cf05d150
e1d47dc1fa18bd1033a1d4368262785a921a2cd26f2f0b43f781e6e9e6f6fde1

client-portal.it.edenred.io Open in urlscan Pro 107.162.194.202 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

95 %HTTPS

0 %IPv6

8 Domains

10 Subdomains

10 IPs

3 Countries

4460 kBTransfer

38953 kBSize

13 Cookies

0 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

13 Cookies

1 Console Messages

Security Headers

Indicators

client-portal.it.edenred.io Open in urlscan Pro
107.162.194.202 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

95 %
HTTPS

0 %
IPv6

8
Domains

10
Subdomains

10
IPs

3
Countries

4460 kB
Transfer

38953 kB
Size

13
Cookies

20 HTTP transactions
0 data transactions