urlscan.io logo urlscan.io
SecurityTrails logo

login.mybenefit.pl Open in urlscan Pro
18.66.147.47  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://shell.active.mybenefit.pl/
Effective URL: https://login.mybenefit.pl/auth/realms/cafeteria_system/protocol/openid-connect/auth?scope=openid&state=769455d7794af92db59...
Submission: On September 11 via manual from PL — Scanned from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 22 HTTP transactions. The main IP is 18.66.147.47, located in United States and belongs to AMAZON-02, US. The main domain is login.mybenefit.pl.
TLS certificate: Issued by Amazon RSA 2048 M03 on August 18th 2023. Valid for: a year.
This is the only time login.mybenefit.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 34.250.130.214 16509 (AMAZON-02)
4 18.66.147.47 16509 (AMAZON-02)
3 142.250.186.68 15169 (GOOGLE)
3 13.32.99.123 16509 (AMAZON-02)
1 142.250.184.234 15169 (GOOGLE)
1 142.250.186.168 15169 (GOOGLE)
4 142.250.181.227 15169 (GOOGLE)
5 142.250.185.227 15169 (GOOGLE)
1 109.232.242.151 60968 (BENEFIT-S...)
22 8
2    34.250.130.214 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-130-214.eu-west-1.compute.amazonaws.com
shell.active.mybenefit.pl
4    18.66.147.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-47.fra60.r.cloudfront.net
login.mybenefit.pl
3    142.250.186.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net
www.google.com
3    13.32.99.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-123.fra60.r.cloudfront.net
sdk.privacy-center.org
1    142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net
fonts.googleapis.com
1    142.250.186.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f8.1e100.net
www.googletagmanager.com
4    142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net
www.gstatic.com
5    142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net
fonts.gstatic.com
1    109.232.242.151 (Warsaw, Poland)

ASN60968 (BENEFIT-SYSTEM, PL)
www.benefitsystems.pl
Apex Domain
Subdomains		 Transfer
9 gstatic.com
www.gstatic.com
fonts.gstatic.com
486 KB
6 mybenefit.pl
shell.active.mybenefit.pl
login.mybenefit.pl
223 KB
3 privacy-center.org
sdk.privacy-center.org — Cisco Umbrella Rank: 6359
144 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
30 KB
1 benefitsystems.pl
www.benefitsystems.pl
54 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
79 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 58
1 KB
22 7
Domain Requested by
5 fonts.gstatic.com fonts.googleapis.com
www.google.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 login.mybenefit.pl login.mybenefit.pl
3 sdk.privacy-center.org login.mybenefit.pl
sdk.privacy-center.org
3 www.google.com login.mybenefit.pl
www.gstatic.com
www.google.com
2 shell.active.mybenefit.pl 2 redirects
1 www.benefitsystems.pl login.mybenefit.pl
1 www.googletagmanager.com login.mybenefit.pl
1 fonts.googleapis.com login.mybenefit.pl
22 9

This site contains links to these domains. Also see Links.

Domain
www.benefitsystems.pl
kafeteria.mybenefit.pl
Subject Issuer Validity Valid
login.mybenefit.pl
Amazon RSA 2048 M03		 2023-08-18 -
2024-09-15		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.privacy-center.org
Amazon RSA 2048 M02		 2023-03-25 -
2024-04-22		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.benefitsystems.pl
Certyfikat SSL		 2023-07-24 -
2024-07-21		 a year crt.sh

This page contains 2 frames:

Primary Page: https://login.mybenefit.pl/auth/realms/cafeteria_system/protocol/openid-connect/auth?scope=openid&state=769455d7794af92db59bc5704ada4550&response_type=code&approval_prompt=auto&redirect_uri=https%3A%2F%2Fshell.active.mybenefit.pl%2Fkeycloak%2Fconnect%2Fcheck&client_id=myb_active
Frame ID: 18ADF4D54FFE295BEBC174EF118739D8
Requests: 14 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc4MJInAAAAAGsQUmOlI9VbMfSdWBn6scFU4Ruc&co=aHR0cHM6Ly9sb2dpbi5teWJlbmVmaXQucGw6NDQz&hl=pl&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=726gf1nx9ozs
Frame ID: 7AC0064C22D1ABA943E9CD2B03DA05E3
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Zaloguj siÄ™ do Mybenefit

Page URL History Show full URLs

  1. https://shell.active.mybenefit.pl/ HTTP 302
    https://shell.active.mybenefit.pl/keycloak/connect HTTP 302
    https://login.mybenefit.pl/auth/realms/cafeteria_system/protocol/openid-connect/auth?scope=openid&state... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • sdk\.privacy-center\.org/.*/loader\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

22
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

9
Subdomains

8
IPs

3
Countries

1016 kB
Transfer

2772 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://shell.active.mybenefit.pl/ HTTP 302
    https://shell.active.mybenefit.pl/keycloak/connect HTTP 302
    https://login.mybenefit.pl/auth/realms/cafeteria_system/protocol/openid-connect/auth?scope=openid&state=769455d7794af92db59bc5704ada4550&response_type=code&approval_prompt=auto&redirect_uri=https%3A%2F%2Fshell.active.mybenefit.pl%2Fkeycloak%2Fconnect%2Fcheck&client_id=myb_active Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request auth
login.mybenefit.pl/auth/realms/cafeteria_system/protocol/openid-connect/
Redirect Chain
  • https://shell.active.mybenefit.pl/
  • https://shell.active.mybenefit.pl/keycloak/connect
  • https://login.mybenefit.pl/auth/realms/cafeteria_system/protocol/openid-connect/auth?scope=openid&state=769455d7794af92db59bc5704ada4550&response_type=code&approval_prompt=auto&redirect_uri=https%3...
9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.mybenefit.pl/auth/realms/cafeteria_system/protocol/openid-connect/auth?scope=openid&state=769455d7794af92db59bc5704ada4550&response_type=code&approval_prompt=auto&redirect_uri=https%3A%2F%2Fshell.active.mybenefit.pl%2Fkeycloak%2Fconnect%2Fcheck&client_id=myb_active
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-47.fra60.r.cloudfront.net
Software
/
Resource Hash
ef6def22a27c5eaddf3b9c92275ed97da630c88aa2ffc2cc255d84b947cd295b
Security Headers
Name Value
Content-Security-Policy frame-src 'self' https://www.google.com; frame-ancestors 'self' https://*.mybenefit.pl; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://www.google.com
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

cache-control
no-store, must-revalidate, max-age=0
content-language
pl
content-security-policy
frame-src 'self' https://www.google.com; frame-ancestors 'self' https://*.mybenefit.pl; object-src 'none';
content-type
text/html;charset=utf-8
date
Mon, 11 Sep 2023 08:41:40 GMT
referrer-policy
no-referrer
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
x-amz-cf-id
crCC-jYvhPiBDT6ZBlMyRrZKh7-sEfE2Pk0D8c8MfgQYpv-1NWxpMQ==
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
ALLOW-FROM https://www.google.com
x-robots-tag
none
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
max-age=0, must-revalidate, private
Connection
keep-alive
Content-Length
1442
Content-Type
text/html; charset=UTF-8
Date
Mon, 11 Sep 2023 08:41:40 GMT
Expires
Mon, 11 Sep 2023 08:41:40 GMT
Location
https://login.mybenefit.pl/auth/realms/cafeteria_system/protocol/openid-connect/auth?scope=openid&state=769455d7794af92db59bc5704ada4550&response_type=code&approval_prompt=auto&redirect_uri=https%3A%2F%2Fshell.active.mybenefit.pl%2Fkeycloak%2Fconnect%2Fcheck&client_id=myb_active
X-Powered-By
PHP/7.4.30
login.css
login.mybenefit.pl/auth/resources/xtp8n/login/mybenefit/65e4858a/ 		38 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.mybenefit.pl/auth/resources/xtp8n/login/mybenefit/65e4858a/login.css
Requested by
Host: login.mybenefit.pl
URL: https://login.mybenefit.pl/auth/realms/cafeteria_system/protocol/openid-connect/auth?scope=openid&state=769455d7794af92db59bc5704ada4550&response_type=code&approval_prompt=auto&redirect_uri=https%3A%2F%2Fshell.active.mybenefit.pl%2Fkeycloak%2Fconnect%2Fcheck&client_id=myb_active
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-47.fra60.r.cloudfront.net
Software
/
Resource Hash
11a410e6ae8df5ac14f49bf7a49c78415702ab9c2bd683b99a2d7d55fd10c588
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 08:41:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
text/css;charset=UTF-8
cache-control
max-age=2592000
x-amz-cf-id
OUyineHIThnU4ls-NusxBc5OXQq250v309H10-wQUE5fwnT_tmGYUQ==
x-xss-protection
1; mode=block
login.js
login.mybenefit.pl/auth/resources/xtp8n/login/mybenefit/65e4858a/ 		685 KB
200 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.mybenefit.pl/auth/resources/xtp8n/login/mybenefit/65e4858a/login.js
Requested by
Host: login.mybenefit.pl
URL: https://login.mybenefit.pl/auth/realms/cafeteria_system/protocol/openid-connect/auth?scope=openid&state=769455d7794af92db59bc5704ada4550&response_type=code&approval_prompt=auto&redirect_uri=https%3A%2F%2Fshell.active.mybenefit.pl%2Fkeycloak%2Fconnect%2Fcheck&client_id=myb_active
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-47.fra60.r.cloudfront.net
Software
/
Resource Hash
37a94fc8a82ad14985a42efbfd5cc2da74a417b1abbab9ad53feebcaa8393eb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 08:41:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
max-age=2592000
x-amz-cf-id
zKNeIVmQaBCPxh95sCKqmUSBeXjhpzihmnq_dNLNGPDamXbheBwPIg==
x-xss-protection
1; mode=block
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?hl=pl&render=6Lc4MJInAAAAAGsQUmOlI9VbMfSdWBn6scFU4Ruc
Requested by
Host: login.mybenefit.pl
URL: https://login.mybenefit.pl/auth/realms/cafeteria_system/protocol/openid-connect/auth?scope=openid&state=769455d7794af92db59bc5704ada4550&response_type=code&approval_prompt=auto&redirect_uri=https%3A%2F%2Fshell.active.mybenefit.pl%2Fkeycloak%2Fconnect%2Fcheck&client_id=myb_active
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
GSE /
Resource Hash
e784b12189796746b4f1a6e108de0b3e5ad2622a80d9e078c46ec7f12f204a7c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 08:41:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
862
x-xss-protection
1; mode=block
expires
Mon, 11 Sep 2023 08:41:41 GMT
loader.js
sdk.privacy-center.org/bf226e0f-8b65-4a01-bdb1-0e0c29c4bf20/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/bf226e0f-8b65-4a01-bdb1-0e0c29c4bf20/loader.js?target=login.mybenefit.pl
Requested by
Host: login.mybenefit.pl
URL: https://login.mybenefit.pl/auth/realms/cafeteria_system/protocol/openid-connect/auth?scope=openid&state=769455d7794af92db59bc5704ada4550&response_type=code&approval_prompt=auto&redirect_uri=https%3A%2F%2Fshell.active.mybenefit.pl%2Fkeycloak%2Fconnect%2Fcheck&client_id=myb_active
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-123.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
49ab1d0a41de646f36a2355826d7aad3206143ba7babf156cbc9f39cd6031453

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 06:54:02 GMT
content-encoding
gzip
x-didomi-remote-config-metadata
multiReg:true;legacyGlobalGdpr:true
x-didomi-remote-config-source
Lambda
via
1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P3
age
6459
etag
"193962791cd865f3c9d5c001bf5a27b7"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200, public
content-length
5277
x-amz-cf-id
jcyF43EF7xYvAuuXSXBXlRAe0luXU6PatQMAOjPQ1w9j9wp1ZxbFSw==
css2
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Mulish:wght@400;700;800;900&display=swap
Requested by
Host: login.mybenefit.pl
URL: https://login.mybenefit.pl/auth/resources/xtp8n/login/mybenefit/65e4858a/login.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
053a12701ca13497533f408b8dc4c234cbdd02169cc7b763ad04fede35af541a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 11 Sep 2023 08:41:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 08:38:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 11 Sep 2023 08:41:41 GMT
gtm.js
www.googletagmanager.com/ 		264 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MQTT37N
Requested by
Host: login.mybenefit.pl
URL: https://login.mybenefit.pl/auth/realms/cafeteria_system/protocol/openid-connect/auth?scope=openid&state=769455d7794af92db59bc5704ada4550&response_type=code&approval_prompt=auto&redirect_uri=https%3A%2F%2Fshell.active.mybenefit.pl%2Fkeycloak%2Fconnect%2Fcheck&client_id=myb_active
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
65b20392e63953cbcdbaa5d0616cbaf308cf35973ef0505564234355ceedbd56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 08:41:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80936
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 11 Sep 2023 08:41:41 GMT
recaptcha__pl.js
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ 		455 KB
183 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__pl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=pl&render=6Lc4MJInAAAAAGsQUmOlI9VbMfSdWBn6scFU4Ruc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
ea7b83cc244ed6f83881cd02ee4e79eff8b24adfd5da9791e412d52303d5193c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://login.mybenefit.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 05:47:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
356031
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
186741
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Sep 2024 05:47:50 GMT
sdk.a55f6b821dd824b653f96b71c35c0f5c3394b0bf.js
sdk.privacy-center.org/sdk/a55f6b821dd824b653f96b71c35c0f5c3394b0bf/modern/ 		336 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/sdk/a55f6b821dd824b653f96b71c35c0f5c3394b0bf/modern/sdk.a55f6b821dd824b653f96b71c35c0f5c3394b0bf.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/bf226e0f-8b65-4a01-bdb1-0e0c29c4bf20/loader.js?target=login.mybenefit.pl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-123.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99fbefd2c923ba2cf7377704879e5b7128c88cd1fcc9fe01e695de7cfc142527

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:51:30 GMT
content-encoding
gzip
via
1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
last-modified
Thu, 07 Sep 2023 04:51:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
359412
etag
W/"68045cd1adb71eaf29049023e3069304-1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
k6RRzruim32y3Asmrv25TbeQjSuK76o9qsA5qWuhIOjimuQtV_n-Sw==
ui-gdpr-en-web.a55f6b821dd824b653f96b71c35c0f5c3394b0bf.js
sdk.privacy-center.org/sdk/a55f6b821dd824b653f96b71c35c0f5c3394b0bf/modern/ 		249 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/sdk/a55f6b821dd824b653f96b71c35c0f5c3394b0bf/modern/ui-gdpr-en-web.a55f6b821dd824b653f96b71c35c0f5c3394b0bf.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk/a55f6b821dd824b653f96b71c35c0f5c3394b0bf/modern/sdk.a55f6b821dd824b653f96b71c35c0f5c3394b0bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-123.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
499d00967a2dc7070b8dc210bc75f188d73e90f95c691b7f0bcf8b8b844a6d1a

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:52:13 GMT
content-encoding
gzip
via
1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
last-modified
Thu, 07 Sep 2023 04:51:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
359369
etag
W/"4f930f77b00ed1c46bc2a8052f028c0b-1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
4Kt1bHEB-AWcrmjo5Yuj4TvVFLDbd6TvLS5bF3SC6jI4mAhJeZ9ASA==
anchor
www.google.com/recaptcha/api2/ Frame 7AC0 		51 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc4MJInAAAAAGsQUmOlI9VbMfSdWBn6scFU4Ruc&co=aHR0cHM6Ly9sb2dpbi5teWJlbmVmaXQucGw6NDQz&hl=pl&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=726gf1nx9ozs
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__pl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
GSE /
Resource Hash
e8c8e4e09eaf95e3f04db9fe880c1f8145940fb9de99d8b59658f884d8e0d1f8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GVY83E_-2yhArwNNIYuAbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
28698
content-security-policy
script-src 'report-sample' 'nonce-GVY83E_-2yhArwNNIYuAbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 11 Sep 2023 08:41:42 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Mulish:wght@400;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://login.mybenefit.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 08:42:10 GMT
x-content-type-options
nosniff
age
172772
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27428
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Sep 2024 08:42:10 GMT
Benefit_Systems_logo_przezroczyste.png
www.benefitsystems.pl/fileadmin/benefitsystems/logotypy/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.benefitsystems.pl/fileadmin/benefitsystems/logotypy/Benefit_Systems_logo_przezroczyste.png
Requested by
Host: login.mybenefit.pl
URL: https://login.mybenefit.pl/auth/realms/cafeteria_system/protocol/openid-connect/auth?scope=openid&state=769455d7794af92db59bc5704ada4550&response_type=code&approval_prompt=auto&redirect_uri=https%3A%2F%2Fshell.active.mybenefit.pl%2Fkeycloak%2Fconnect%2Fcheck&client_id=myb_active
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.232.242.151 Warsaw, Poland, ASN60968 (BENEFIT-SYSTEM, PL),
Reverse DNS
Software
/
Resource Hash
8797feb858f3c098b4456f7e53ccc1a26b69e82647f6dc754bb8dbe9a1978467
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://bs-dev--dev.lightning.force.com/ https://bs-dev--dev--c.visualforce.com/ https://bs-dev--qa2.lightning.force.com/ https://bs-dev--qa2--c.visualforce.com/ https://bs-qa--test.lightning.force.com/ https://bs-qa--test--c.visualforce.com/ https://benefitsystems-crm--uat.lightning.force.com/ https://benefitsystems-crm--uat--c.visualforce.com/ https://benefitsystems-crm--preprod.lightning.force.com/ https://benefitsystems-crm--preprod--c.visualforce.com/ https://benefitsystems-crm.lightning.force.com/ https://benefitsystems-crm--c.visualforce.com/;
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Mon, 11 Sep 2023 08:41:42 GMT
Content-Security-Policy
frame-ancestors 'self' https://bs-dev--dev.lightning.force.com/ https://bs-dev--dev--c.visualforce.com/ https://bs-dev--qa2.lightning.force.com/ https://bs-dev--qa2--c.visualforce.com/ https://bs-qa--test.lightning.force.com/ https://bs-qa--test--c.visualforce.com/ https://benefitsystems-crm--uat.lightning.force.com/ https://benefitsystems-crm--uat--c.visualforce.com/ https://benefitsystems-crm--preprod.lightning.force.com/ https://benefitsystems-crm--preprod--c.visualforce.com/ https://benefitsystems-crm.lightning.force.com/ https://benefitsystems-crm--c.visualforce.com/;
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=16070400; includeSubDomains
Last-Modified
Tue, 06 Dec 2022 09:08:31 GMT
ETag
"638f068f-d53f"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
54591
X-XSS-Protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame 7AC0 		55 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc4MJInAAAAAGsQUmOlI9VbMfSdWBn6scFU4Ruc&co=aHR0cHM6Ly9sb2dpbi5teWJlbmVmaXQucGw6NDQz&hl=pl&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=726gf1nx9ozs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 23:26:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33304
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 09 Sep 2024 23:26:38 GMT
recaptcha__pl.js
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame 7AC0 		455 KB
183 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__pl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc4MJInAAAAAGsQUmOlI9VbMfSdWBn6scFU4Ruc&co=aHR0cHM6Ly9sb2dpbi5teWJlbmVmaXQucGw6NDQz&hl=pl&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=726gf1nx9ozs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
ea7b83cc244ed6f83881cd02ee4e79eff8b24adfd5da9791e412d52303d5193c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 05:47:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
356032
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
186741
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Sep 2024 05:47:50 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 7AC0 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 07:44:15 GMT
x-content-type-options
nosniff
age
3447
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 18 Sep 2023 07:44:15 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7AC0 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc4MJInAAAAAGsQUmOlI9VbMfSdWBn6scFU4Ruc&co=aHR0cHM6Ly9sb2dpbi5teWJlbmVmaXQucGw6NDQz&hl=pl&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=726gf1nx9ozs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 08:35:58 GMT
x-content-type-options
nosniff
age
173144
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Sep 2024 08:35:58 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7AC0 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc4MJInAAAAAGsQUmOlI9VbMfSdWBn6scFU4Ruc&co=aHR0cHM6Ly9sb2dpbi5teWJlbmVmaXQucGw6NDQz&hl=pl&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=726gf1nx9ozs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 17:41:40 GMT
x-content-type-options
nosniff
age
486002
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Sep 2024 17:41:40 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7AC0 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc4MJInAAAAAGsQUmOlI9VbMfSdWBn6scFU4Ruc&co=aHR0cHM6Ly9sb2dpbi5teWJlbmVmaXQucGw6NDQz&hl=pl&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=726gf1nx9ozs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:13:13 GMT
x-content-type-options
nosniff
age
469709
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11936
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Sep 2024 22:13:13 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 7AC0 		102 B
204 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=pl&v=0hCdE87LyjzAkFO5Ff-v7Hj1
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc4MJInAAAAAGsQUmOlI9VbMfSdWBn6scFU4Ruc&co=aHR0cHM6Ly9sb2dpbi5teWJlbmVmaXQucGw6NDQz&hl=pl&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=726gf1nx9ozs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
GSE /
Resource Hash
2a681ff8698b3684971fdf1bdfb88c98967c88fb14aca07523eb862c2950e43c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc4MJInAAAAAGsQUmOlI9VbMfSdWBn6scFU4Ruc&co=aHR0cHM6Ly9sb2dpbi5teWJlbmVmaXQucGw6NDQz&hl=pl&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=726gf1nx9ozs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 08:41:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
1; mode=block
expires
Mon, 11 Sep 2023 08:41:42 GMT
logo.svg
login.mybenefit.pl/auth/resources/xtp8n/login/mybenefit/65e4858a/assets/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.mybenefit.pl/auth/resources/xtp8n/login/mybenefit/65e4858a/assets/logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-47.fra60.r.cloudfront.net
Software
/
Resource Hash
72fe9dfea4ea363bdc4057010438efb1cbdf32089ab54bee31912008f9035d5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 08:41:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
max-age=2592000
content-length
2691
x-xss-protection
1; mode=block
x-amz-cf-id
A_XgWykJjafJB8PNgC_0ZBqwK9uT4O972IIOSiEivhSV9zWYhkTgaQ==
1Ptvg83HX_SGhgqk0QotcqA.woff2
fonts.gstatic.com/s/mulish/v12/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk0QotcqA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Mulish:wght@400;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
2bde8ca32e52ee96dc3d6ddd52240b115f3a2ca527c7697899aa21ed9cba3a5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://login.mybenefit.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 19:22:32 GMT
x-content-type-options
nosniff
age
220751
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24316
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 19:02:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Sep 2024 19:22:32 GMT

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture boolean| gdprAppliesGlobally function| __tcfapi string| KCResourcesPath object| bootstrap object| dataLayer function| _ object| mybkc object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| didomiRemoteConfig string| didomiCountry object| didomiGeoRegulations object| google_tag_manager object| google_tag_data object| webpackChunkDidomi object| Didomi object| didomiOnReady object| didomiEventListeners object| didomiState object| DidomiSanitizing object| recaptcha object| closure_lm_990842

5 Cookies

Domain/Path Name / Value
login.mybenefit.pl/auth/realms/cafeteria_system/ Name: AUTH_SESSION_ID
Value: 4d11089c-301b-411f-956a-6e1d0e87bb0a.pr1-keycloak-1-44663
login.mybenefit.pl/auth/realms/cafeteria_system/ Name: AUTH_SESSION_ID_LEGACY
Value: 4d11089c-301b-411f-956a-6e1d0e87bb0a.pr1-keycloak-1-44663
login.mybenefit.pl/auth/realms/cafeteria_system/ Name: KC_RESTART
Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJkNGRlMmQyMi0xMzI4LTRjZjItYTk2NS01MGZmNjU3MzE0MzkifQ.eyJjaWQiOiJteWJfYWN0aXZlIiwicHR5Ijoib3BlbmlkLWNvbm5lY3QiLCJydXJpIjoiaHR0cHM6Ly9zaGVsbC5hY3RpdmUubXliZW5lZml0LnBsL2tleWNsb2FrL2Nvbm5lY3QvY2hlY2siLCJhY3QiOiJBVVRIRU5USUNBVEUiLCJub3RlcyI6eyJzY29wZSI6Im9wZW5pZCIsImlzcyI6Imh0dHBzOi8vbG9naW4ubXliZW5lZml0LnBsL2F1dGgvcmVhbG1zL2NhZmV0ZXJpYV9zeXN0ZW0iLCJyZXNwb25zZV90eXBlIjoiY29kZSIsImNsaWVudF9yZXF1ZXN0X3BhcmFtX2FwcHJvdmFsX3Byb21wdCI6ImF1dG8iLCJyZWRpcmVjdF91cmkiOiJodHRwczovL3NoZWxsLmFjdGl2ZS5teWJlbmVmaXQucGwva2V5Y2xvYWsvY29ubmVjdC9jaGVjayIsInN0YXRlIjoiNzY5NDU1ZDc3OTRhZjkyZGI1OWJjNTcwNGFkYTQ1NTAifX0.loNOV8ufqiE9AaeKiSAzljEZmGT0l2LmH6zbdZevIis
.active.mybenefit.pl/ Name: mbactive
Value: qmg8607d8h092l9je21tdv76ge
.mybenefit.pl/ Name: didomi_token
Value: eyJ1c2VyX2lkIjoiMThhODM2NzUtNTViNi02MmI2LWJmMTQtMGY5M2U1NDgwMDI0IiwiY3JlYXRlZCI6IjIwMjMtMDktMTFUMDg6NDE6NDIuMDExWiIsInVwZGF0ZWQiOiIyMDIzLTA5LTExVDA4OjQxOjQyLjAxMVoiLCJ2ZXJzaW9uIjpudWxsfQ==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-src 'self' https://www.google.com; frame-ancestors 'self' https://*.mybenefit.pl; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://www.google.com
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
login.mybenefit.pl
sdk.privacy-center.org
shell.active.mybenefit.pl
www.benefitsystems.pl
www.google.com
www.googletagmanager.com
www.gstatic.com
109.232.242.151
13.32.99.123
142.250.181.227
142.250.184.234
142.250.185.227
142.250.186.168
142.250.186.68
18.66.147.47
34.250.130.214
053a12701ca13497533f408b8dc4c234cbdd02169cc7b763ad04fede35af541a
11a410e6ae8df5ac14f49bf7a49c78415702ab9c2bd683b99a2d7d55fd10c588
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2a681ff8698b3684971fdf1bdfb88c98967c88fb14aca07523eb862c2950e43c
2bde8ca32e52ee96dc3d6ddd52240b115f3a2ca527c7697899aa21ed9cba3a5b
37a94fc8a82ad14985a42efbfd5cc2da74a417b1abbab9ad53feebcaa8393eb8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
499d00967a2dc7070b8dc210bc75f188d73e90f95c691b7f0bcf8b8b844a6d1a
49ab1d0a41de646f36a2355826d7aad3206143ba7babf156cbc9f39cd6031453
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
65b20392e63953cbcdbaa5d0616cbaf308cf35973ef0505564234355ceedbd56
72fe9dfea4ea363bdc4057010438efb1cbdf32089ab54bee31912008f9035d5f
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
8797feb858f3c098b4456f7e53ccc1a26b69e82647f6dc754bb8dbe9a1978467
8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
99fbefd2c923ba2cf7377704879e5b7128c88cd1fcc9fe01e695de7cfc142527
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
e784b12189796746b4f1a6e108de0b3e5ad2622a80d9e078c46ec7f12f204a7c
e8c8e4e09eaf95e3f04db9fe880c1f8145940fb9de99d8b59658f884d8e0d1f8
ea7b83cc244ed6f83881cd02ee4e79eff8b24adfd5da9791e412d52303d5193c
ef6def22a27c5eaddf3b9c92275ed97da630c88aa2ffc2cc255d84b947cd295b