URL: https://support.wfirma.pl/
Submission: On August 18 via automatic, source certstream-suspicious

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 14 HTTP transactions. The main IP is 46.248.189.163, located in Gdansk, Poland and belongs to IQPL-AS, PL. The main domain is support.wfirma.pl.
TLS certificate: Issued by R3 on August 18th 2021. Valid for: 3 months.
This is the only time support.wfirma.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 46.248.189.163 47544 (IQPL-AS)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
14 4
Apex Domain
Subdomains
Transfer
8 wfirma.pl
support.wfirma.pl
429 KB
5 google.com
apis.google.com
accounts.google.com
69 KB
1 gstatic.com
ssl.gstatic.com
40 KB
14 3
Domain Requested by
8 support.wfirma.pl support.wfirma.pl
3 apis.google.com support.wfirma.pl
apis.google.com
2 accounts.google.com apis.google.com
ssl.gstatic.com
1 ssl.gstatic.com accounts.google.com
14 4

This site contains links to these domains. Also see Links.

Domain
wfirma.pl
pomoc.wfirma.pl
forum.wfirma.pl
Subject Issuer Validity Valid
support.wfirma.pl
R3
2021-08-18 -
2021-11-16
3 months crt.sh
*.google.com
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
accounts.google.com
GTS CA 1O1
2021-07-12 -
2021-10-04
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-07-26 -
2021-10-18
3 months crt.sh

This page contains 2 frames:

Primary Page: https://support.wfirma.pl/
Frame ID: 8BFAA0E331704F3BCD1E0C738648C712
Requests: 11 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 8499A4400E96FE75C85AB94C4608E46D
Requests: 3 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/tiny_?mce(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /apis\.google\.com\/js\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

14
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

538 kB
Transfer

1585 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
support.wfirma.pl/
3 KB
2 KB
Document
General
Full URL
https://support.wfirma.pl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.248.189.163 Gdansk, Poland, ASN47544 (IQPL-AS, PL),
Reverse DNS
iprev46-248-189-163.wins.pl
Software
Apache /
Resource Hash
f2738e9afcac5d009b79a7daf8ebcf83a94b60e705bad3596a2baf6e531066ac
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
support.wfirma.pl
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 01:22:38 GMT
Server
Apache
Set-Cookie
PIECEOFCAKEPHP_SUPPORT=71604cf6d39ad61fdc482dc437f4606d; path=/; domain=.support.wfirma.pl; HttpOnly PIECEOFCAKEPHP_SUPPORT=25df795553bfcff3966de58cf3fe890e; path=/; domain=.support.wfirma.pl; HttpOnly
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate, no-store
Pragma
no-cache
Last-Modified
Wed, 18 Aug 2021 01:22:38 GMT
X-UA-Compatible
IE=edge
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1129
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=utf-8
app.css
support.wfirma.pl/
253 KB
43 KB
Stylesheet
General
Full URL
https://support.wfirma.pl/app.css?1513683981
Requested by
Host: support.wfirma.pl
URL: https://support.wfirma.pl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.248.189.163 Gdansk, Poland, ASN47544 (IQPL-AS, PL),
Reverse DNS
iprev46-248-189-163.wins.pl
Software
Apache /
Resource Hash
5b337321c055aa6579105e9e7306092a857de0e59c0f9cd6145adc0e76760e7a

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
support.wfirma.pl
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://support.wfirma.pl/
Cookie
PIECEOFCAKEPHP_SUPPORT=25df795553bfcff3966de58cf3fe890e
Connection
keep-alive
Referer
https://support.wfirma.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 01:22:38 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Dec 2017 11:46:21 GMT
Server
Apache
ETag
"3f2e6-560b00407c732-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
43314
app.js
support.wfirma.pl/
539 KB
152 KB
Script
General
Full URL
https://support.wfirma.pl/app.js?1513683987
Requested by
Host: support.wfirma.pl
URL: https://support.wfirma.pl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.248.189.163 Gdansk, Poland, ASN47544 (IQPL-AS, PL),
Reverse DNS
iprev46-248-189-163.wins.pl
Software
Apache /
Resource Hash
e66e206e404b4060985c06d88ef8ba572534e952124dd65a1a10b439e7afef89

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
support.wfirma.pl
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://support.wfirma.pl/
Cookie
PIECEOFCAKEPHP_SUPPORT=25df795553bfcff3966de58cf3fe890e
Connection
keep-alive
Referer
https://support.wfirma.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 01:22:38 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Dec 2017 11:46:27 GMT
Server
Apache
ETag
"86a0f-560b004624b95-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
tinymce.min.js
support.wfirma.pl/assets/3rd_party/tinymce/
376 KB
127 KB
Script
General
Full URL
https://support.wfirma.pl/assets/3rd_party/tinymce/tinymce.min.js
Requested by
Host: support.wfirma.pl
URL: https://support.wfirma.pl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.248.189.163 Gdansk, Poland, ASN47544 (IQPL-AS, PL),
Reverse DNS
iprev46-248-189-163.wins.pl
Software
Apache /
Resource Hash
02e49d109a4e1853eca8f64a65fdcb7a8d042ae08ec802026357f0a7c8e2c307

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
support.wfirma.pl
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://support.wfirma.pl/
Cookie
PIECEOFCAKEPHP_SUPPORT=25df795553bfcff3966de58cf3fe890e
Connection
keep-alive
Referer
https://support.wfirma.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 01:22:38 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 May 2017 01:29:33 GMT
Server
Apache
ETag
"5e039-54f0d49b0c553-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
jquery.tinymce.min.js
support.wfirma.pl/assets/3rd_party/tinymce/
4 KB
2 KB
Script
General
Full URL
https://support.wfirma.pl/assets/3rd_party/tinymce/jquery.tinymce.min.js
Requested by
Host: support.wfirma.pl
URL: https://support.wfirma.pl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.248.189.163 Gdansk, Poland, ASN47544 (IQPL-AS, PL),
Reverse DNS
iprev46-248-189-163.wins.pl
Software
Apache /
Resource Hash
25a8e75933731c9705a552a125e18cd6815c282ba16a00fe8bf064e5d1a57068

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
support.wfirma.pl
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://support.wfirma.pl/
Cookie
PIECEOFCAKEPHP_SUPPORT=25df795553bfcff3966de58cf3fe890e
Connection
keep-alive
Referer
https://support.wfirma.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 01:22:38 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 May 2017 01:29:33 GMT
Server
Apache
ETag
"e07-54f0d49b057f2-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1568
platform.js
apis.google.com/js/
54 KB
21 KB
Script
General
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: support.wfirma.pl
URL: https://support.wfirma.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7c0d08933537eec00050d60f0955e4088385a35bcb115e7d9d8fe9016cb17b2c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tUrHfDscW5HJgrVl260GJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://support.wfirma.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 01:22:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"30d1d2919676634bf2aebe648f84c2ce"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-tUrHfDscW5HJgrVl260GJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Wed, 18 Aug 2021 01:22:38 GMT
fontawesome-webfont.woff2
support.wfirma.pl/assets/font-awesome/fonts/
70 KB
71 KB
Font
General
Full URL
https://support.wfirma.pl/assets/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: support.wfirma.pl
URL: https://support.wfirma.pl/app.css?1513683981
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.248.189.163 Gdansk, Poland, ASN47544 (IQPL-AS, PL),
Reverse DNS
iprev46-248-189-163.wins.pl
Software
Apache /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://support.wfirma.pl
Accept-Encoding
gzip, deflate, br
Host
support.wfirma.pl
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://support.wfirma.pl/app.css?1513683981
Cookie
PIECEOFCAKEPHP_SUPPORT=25df795553bfcff3966de58cf3fe890e
Connection
keep-alive
Origin
https://support.wfirma.pl
Referer
https://support.wfirma.pl/app.css?1513683981
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 01:22:38 GMT
Last-Modified
Tue, 09 May 2017 01:29:33 GMT
Server
Apache
ETag
"118d8-54f0d49b12313"
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
71896
Expires
Thu, 18 Aug 2022 01:22:38 GMT
OpenSans-Regular-webfont.woff
support.wfirma.pl/wf/fonts/
16 KB
16 KB
Font
General
Full URL
https://support.wfirma.pl/wf/fonts/OpenSans-Regular-webfont.woff
Requested by
Host: support.wfirma.pl
URL: https://support.wfirma.pl/app.css?1513683981
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.248.189.163 Gdansk, Poland, ASN47544 (IQPL-AS, PL),
Reverse DNS
iprev46-248-189-163.wins.pl
Software
Apache /
Resource Hash
1b3e5eb82d5d57bd3011689278f7d5f098e2da45f036080124c26e63d4aa9e38

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://support.wfirma.pl
Accept-Encoding
gzip, deflate, br
Host
support.wfirma.pl
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://support.wfirma.pl/app.css?1513683981
Cookie
PIECEOFCAKEPHP_SUPPORT=25df795553bfcff3966de58cf3fe890e
Connection
keep-alive
Origin
https://support.wfirma.pl
Referer
https://support.wfirma.pl/app.css?1513683981
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 01:22:38 GMT
Last-Modified
Tue, 09 May 2017 01:29:33 GMT
Server
Apache
ETag
"4070-54f0d49b1afb4"
Content-Type
application/font-woff
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
16496
Expires
Thu, 18 Aug 2022 01:22:38 GMT
OpenSans-Semibold-webfont.woff
support.wfirma.pl/wf/fonts/
16 KB
17 KB
Font
General
Full URL
https://support.wfirma.pl/wf/fonts/OpenSans-Semibold-webfont.woff
Requested by
Host: support.wfirma.pl
URL: https://support.wfirma.pl/app.css?1513683981
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.248.189.163 Gdansk, Poland, ASN47544 (IQPL-AS, PL),
Reverse DNS
iprev46-248-189-163.wins.pl
Software
Apache /
Resource Hash
3b564abd54197cc8b36a10ff839cd53c9e5000602bd6eac1430b727ddbb54fdf

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://support.wfirma.pl
Accept-Encoding
gzip, deflate, br
Host
support.wfirma.pl
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://support.wfirma.pl/app.css?1513683981
Cookie
PIECEOFCAKEPHP_SUPPORT=25df795553bfcff3966de58cf3fe890e
Connection
keep-alive
Origin
https://support.wfirma.pl
Referer
https://support.wfirma.pl/app.css?1513683981
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 01:22:38 GMT
Last-Modified
Tue, 09 May 2017 01:29:33 GMT
Server
Apache
ETag
"4118-54f0d49b1bf54"
Content-Type
application/font-woff
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
16664
Expires
Thu, 18 Aug 2022 01:22:38 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/
103 KB
34 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/cb=gapi.loaded_0?le=ili,ipu
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a8dbc111ec4272a34fae97aa7a2dcd6f99cfb9b3067dcac29abc892912b6ab9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://support.wfirma.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 20:44:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
189510
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35063
x-xss-protection
0
last-modified
Wed, 07 Jul 2021 13:43:54 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Mon, 15 Aug 2022 20:44:08 GMT
iframe
accounts.google.com/o/oauth2/ Frame 8499
513 B
923 B
Document
General
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/cb=gapi.loaded_0?le=ili,ipu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2b51f6bc32abd3c737491eed580e89b2ca107b7c116998bec28975c5203e8782
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kOPEufdWm7OhT9dJhBJ4gA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
accounts.google.com
:scheme
https
:path
/o/oauth2/iframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://support.wfirma.pl/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=221=G6AdOuQKOhXpXdc1e8Mop2OoJSnLa14xwYQJ1-aty8mss6DfCIdw8ZUN0possNEBVWA4s73-w4nBSkOh4_-0M8RKBGJH95l5jvHGaGSIrrex79ShMX8xF3QlkbQ0f8xaMw2fuklutzEjPDvFLpGLT-zIxOAvccX9bpSxtae02XY
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://support.wfirma.pl/

Response headers

content-type
text/html; charset=utf-8
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 18 Aug 2021 01:22:38 GMT
content-language
en-US
content-security-policy
script-src 'report-sample' 'nonce-kOPEufdWm7OhT9dJhBJ4gA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=signin2/exm=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/
35 KB
12 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=signin2/exm=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/cb=gapi.loaded_1?le=ili,ipu
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
573199cc0464f4543df43a3ee467ad8d9d31010ac4054d11817b6f8c98ea88bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://support.wfirma.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 16:15:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
551217
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12643
x-xss-protection
0
last-modified
Wed, 07 Jul 2021 13:43:54 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 11 Aug 2022 16:15:41 GMT
1510909502-idpiframe.js
ssl.gstatic.com/accounts/o/ Frame 8499
116 KB
40 KB
Script
General
Full URL
https://ssl.gstatic.com/accounts/o/1510909502-idpiframe.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5abcddb702dd8ad37ea713c701a8f2fca352c6c82d5ddd021f84e7826e51f54e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 21:06:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101760
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40511
x-xss-protection
0
last-modified
Fri, 13 Aug 2021 02:24:41 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 Aug 2022 21:06:38 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame 8499
14 B
58 B
XHR
General
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fsupport.wfirma.pl&client_id=881518597344-780k9ptt0k7i0m11vg55pf7m7o0ssag3.apps.googleusercontent.com
Requested by
Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/1510909502-idpiframe.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Requested-With
XmlHttpRequest

Response headers

date
Wed, 18 Aug 2021 01:22:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
content-type
application/json; charset=utf-8
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Wed, 18 Aug 2021 02:22:38 GMT

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| _typeof function| $ function| jQuery function| _alert function| countersReload number| mce-data-1fdbdkpav object| tinyMCE object| tinymce object| gapi object| ___jsl object| osapi

3 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 221=G6AdOuQKOhXpXdc1e8Mop2OoJSnLa14xwYQJ1-aty8mss6DfCIdw8ZUN0possNEBVWA4s73-w4nBSkOh4_-0M8RKBGJH95l5jvHGaGSIrrex79ShMX8xF3QlkbQ0f8xaMw2fuklutzEjPDvFLpGLT-zIxOAvccX9bpSxtae02XY
.support.wfirma.pl/ Name: G_ENABLED_IDPS
Value: google
.support.wfirma.pl/ Name: PIECEOFCAKEPHP_SUPPORT
Value: 25df795553bfcff3966de58cf3fe890e

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN