urlscan.io logo urlscan.io
SecurityTrails logo

fm.mybenefit.pl Open in urlscan Pro
185.184.112.65  Public Scan

Go To Rescan Add Verdict Report
URL: https://fm.mybenefit.pl/r/h7r1db2z4t/7neq7vbiu7/
Submission: On November 02 via api from US — Scanned from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 16 HTTP transactions. The main IP is 185.184.112.65, located in Poland and belongs to FRESHMAIL-, PL. The main domain is fm.mybenefit.pl.
TLS certificate: Issued by R3 on October 19th 2023. Valid for: 3 months.
This is the only time fm.mybenefit.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 185.184.112.65 206417 (FRESHMAIL-)
11 18.244.140.109 16509 (AMAZON-02)
1 142.250.186.164 15169 (GOOGLE)
1 142.250.181.227 15169 (GOOGLE)
1 151.101.66.137 54113 (FASTLY)
1 162.247.243.29 54113 (FASTLY)
16 6
1    185.184.112.65 (Poland)

ASN206417 (FRESHMAIL-, PL)
fm.mybenefit.pl
11    18.244.140.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-140-109.lhr50.r.cloudfront.net
d2651x052v6uoq.cloudfront.net
1    142.250.186.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net
www.google.com
1    142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net
www.gstatic.com
1    151.101.66.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.243.29 (United States)

ASN54113 (FASTLY, US)
bam.nr-data.net
Apex Domain
Subdomains		 Transfer
11 cloudfront.net
d2651x052v6uoq.cloudfront.net
391 KB
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 225
405 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 562
16 KB
1 gstatic.com
www.gstatic.com
189 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 mybenefit.pl
fm.mybenefit.pl
684 KB
16 6
Domain Requested by
11 d2651x052v6uoq.cloudfront.net fm.mybenefit.pl
d2651x052v6uoq.cloudfront.net
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com fm.mybenefit.pl
1 www.gstatic.com www.google.com
1 www.google.com fm.mybenefit.pl
1 fm.mybenefit.pl
16 6

This site contains links to these domains. Also see Links.

Domain
app.freshmail.com
freshmail.pl
Subject Issuer Validity Valid
fm.mybenefit.pl
R3		 2023-10-19 -
2024-01-17		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-04-13 -
2024-05-14		 a year crt.sh
*.nr-data.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2024-10-01		 a year crt.sh

This page contains 1 frames:

Primary Page: https://fm.mybenefit.pl/r/h7r1db2z4t/7neq7vbiu7/
Frame ID: 301CD1B8EB6A6A6FB12C099424914177
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Freshmailfm-msg-okfm-menu-addfm-user-blockfm-launchfm-blockedfm-close-badgefm-ok-badgefm-question-badgefm-questionfm-questionfm-user-questionfm-setup-topfm-setup-leftfm-helpfm-boxmodelfm-lock2fm-backgroundfm-codefm-pdffm-lock-historyfm-lock-refreshfm-play-fillfm-icon-pausefm-keysfm-msgfm-worldfm-markerfm-dashboardfm-clockfm-downloadfm-uploadfm-usersfm-paymentfm-hiddenfm-okfm-userfm-communicationfm-help2fm-closefm-alert-danger-infofm-visiblefm-settingsfm-domainfm-undofm-linkfm-raportsfm-filesfm-libraryfm-wizardfm-alertfm-mobilefm-boxfm-logofm-searchfm-clipfm-menufm-tilesfm-networkfm-editfm-blank-filesfm-folderfm-datafm-data2fm-schedulefm-starfm-smallerfm-heartfm-edit-blockedfm-happyfm-unhappyfm-big-dotfm-blankfm-playfm-play2fm-subscribersfm-arrowsfm-user-infofm-switchfm-lockfm-precentagefm-dotsfm-refreshfm-boardsfm-small-dotfm-statsfm-stats2fm-abfm-phonefm-shieldfm-cloud-lockfm-logo-badgefm-arrow-rightfm-arrow-leftfm-arrow-bottomfm-arrow-topfm-addfm-cloud-exchangefm-targetfm-all-okfm-folder-addfm-msg-infinitifm-users-infinitifm-msg-sendfm-msg-openfm-loaderfm-msg-inboxfm-msg-forwardfm-msg-blockfm-msg-ok2fm-msg-transparentfm-msg-listfm-msg-userfm-subscribers-okfm-payment-timefm-msg-refreshfm-msg-infiniti2fm-msg-paymentfm-monsterfm-msg-communicationfm-clickfm-spinnerfm-spinnerfm-calendarfm-day-timefm-add-listfm-existing-listfm-import-from-other-appfm-add-manualyfm-spam-testsfm-code-inspectorfm-on-given-datefm-fastest-as-possiblefm-inbox-testfm-goalfm-day-nighticon-fm-emptyicon-fm-switch-dottedicon-fm-csvicon-fm-xlsicon-fm-pdficon-fm-html-layouticon-fm-authotities-1icon-fm-authotities-2icon-fm-authotities-3icon-fm-authotities-4icon-fm-authotities-5icon-fm-authotities-6icon-fm-aimicon-fm-list-viewicon-fm-safariicon-fm-chromeicon-fm-ieicon-fm-edgeicon-fm-firefoxicon-fm-operaicon-fm-braveicon-fm-stickericon-fm-barcodeicon-fm-quarantine-listicon-fm-risky-listicon-fm-riskfm_icons_146icon-fm-unsubscribeicon-fm-unsubscribe1icon-fm-unsubscribe2icon-fm-unsubscribe4fm-table-fullmodefm-table-partmodeicon-fm-bookicon-fm-list-viewfm-small-tilesfm-tilesfm-dotsfm-transactionalfm-transactional-2fm-webinar-meetingfm-webinar-salefm-webinar-trainingfm-webinar-meetingfm-webinar-interfacefm-webinar-comunicationfm-webinar-functionfm-te-sumaryfm-te-logsfm-te-statsfm-te-configurationfm-warningfm-arrow-circle-upicon-fm-exclamationicon-fm-undo2icon-fm-redoicon-fm-visible2icon-fm-gridicon-fm-pictureicon-fm-fullscreenicon-fm-keyboardicon-fm-checkedfm-refetchfm-email-removefm-email-validicon-fm-notificationicon-fm-avataricon-fm-dropdown-paymenticon-fm-agreementicon-fm-dropdown-historyicon-fm-dropdown-settingsicon-fm-logouticon-fm-reloginicon-fm-dropdown-editicon-fm-arrow-left2icon-fm-arrow-right2icon-more-infoicon-plusicon-fm-line-rodoicon-fm-developer-rodoicon-fm-line-welcomeicon-fm-friends-welcomeicon-fm-migration-successicon-open-in-new-windowicon-fm-banner-envelopeicon-fm-banner-warningicon-fm-banner-infoicon-fm-small-arrow-upicon-fm-arrow-back-pageicon-fm-successicon-fm-erroricon-fm-popup-closeicon-fm-alert-closeicon-fm-binicon-fm-copyicon-fm-popup-infoicon-fm-smartphoneicon-fm-edit-newicon-fm-checkicon-fm-declinebill-iconmailer-lite-logoicon-fm-big-arrowfm-banner-integrateicon-fm-two-peopleicon-fm-check-2icon-migration-recipientsfm-photo-enterprise-plfm-photo-enterprise-enfm-icon-reloadfm-polish-flagfm-black-friday-photo

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

1282 kB
Transfer

1998 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
fm.mybenefit.pl/r/h7r1db2z4t/7neq7vbiu7/ 		684 KB
684 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fm.mybenefit.pl/r/h7r1db2z4t/7neq7vbiu7/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.184.112.65 , Poland, ASN206417 (FRESHMAIL-, PL),
Reverse DNS
Software
/
Resource Hash
826e9432b032054db45ef8970747f79940e8e07c98d3beb14b8033199c6dc985

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
date
Thu, 02 Nov 2023 16:41:49 GMT
system_msg.css
d2651x052v6uoq.cloudfront.net/media/dist/css/ 		13 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2651x052v6uoq.cloudfront.net/media/dist/css/system_msg.css?v=23.22.15.prod
Requested by
Host: fm.mybenefit.pl
URL: https://fm.mybenefit.pl/r/h7r1db2z4t/7neq7vbiu7/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.244.140.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-140-109.lhr50.r.cloudfront.net
Software
/
Resource Hash
e9a1c5ef502ad51fbb501679a4abfd411ddfcdb6ca70aa932ad9c76466a1647d

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://fm.mybenefit.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Thu, 02 Nov 2023 06:11:37 GMT
Content-Encoding
gzip
Via
1.1 fe8ffcde643dbda86100370ce22ba26a.cloudfront.net (CloudFront)
Last-Modified
Tue, 31 Oct 2023 12:51:39 GMT
X-Amz-Cf-Pop
LHR50-P7
Age
37812
ETag
W/"35ff-609029d9a8cc0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Cache
Hit from cloudfront
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Id
mGEqmF7C7v4a3nGTuuN2tAXl-6Eq6Qil3RBLuM-PbkYO-Ax8PpPykQ==
jquery-3.3.1.min.js
d2651x052v6uoq.cloudfront.net/media/vendor/jquery/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2651x052v6uoq.cloudfront.net/media/vendor/jquery/jquery-3.3.1.min.js?v=23.22.15.prod
Requested by
Host: fm.mybenefit.pl
URL: https://fm.mybenefit.pl/r/h7r1db2z4t/7neq7vbiu7/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.244.140.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-140-109.lhr50.r.cloudfront.net
Software
/
Resource Hash
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://fm.mybenefit.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Thu, 02 Nov 2023 09:39:02 GMT
Content-Encoding
gzip
Via
1.1 ff29478875e81c359f37e63f1a4370c0.cloudfront.net (CloudFront)
Last-Modified
Tue, 31 Oct 2023 12:41:16 GMT
X-Amz-Cf-Pop
LHR50-P7
Age
25367
ETag
W/"1538e-6090278785300"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
private
Connection
keep-alive
X-Amz-Cf-Id
v58mmnA3cho1uT9W5fKqkUkh6B_jJXMArZ3nCK4nDWj7wxuIdx_sbw==
bootstrap.2.3.2.min.js
d2651x052v6uoq.cloudfront.net/media/vendor/bootstrap/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2651x052v6uoq.cloudfront.net/media/vendor/bootstrap/bootstrap.2.3.2.min.js?v=23.22.15.prod
Requested by
Host: fm.mybenefit.pl
URL: https://fm.mybenefit.pl/r/h7r1db2z4t/7neq7vbiu7/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.244.140.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-140-109.lhr50.r.cloudfront.net
Software
/
Resource Hash
72c823657e4d2bd2385f6c8cd4704b19844c8e867b70948ca8c19edad99a7cd1

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://fm.mybenefit.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Thu, 02 Nov 2023 06:11:37 GMT
Content-Encoding
gzip
Via
1.1 e0389dce33f3ab76770520feb1331814.cloudfront.net (CloudFront)
Last-Modified
Tue, 31 Oct 2023 12:41:15 GMT
X-Amz-Cf-Pop
LHR50-P7
Age
37812
ETag
W/"70de-60902786910c0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
private
Connection
keep-alive
X-Amz-Cf-Id
73g3O_55REY9xSKXur7P1i7-fRJd_hwh-qbFeGxdFFOxYWK2mnK2zw==
uniform.min.js
d2651x052v6uoq.cloudfront.net/media/freshmail/vendor/uniform/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2651x052v6uoq.cloudfront.net/media/freshmail/vendor/uniform/uniform.min.js?v=23.22.15.prod
Requested by
Host: fm.mybenefit.pl
URL: https://fm.mybenefit.pl/r/h7r1db2z4t/7neq7vbiu7/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.244.140.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-140-109.lhr50.r.cloudfront.net
Software
/
Resource Hash
4951d1cc1330c9e8bcfba1cc492b108587932e95b73be35399487975a0757322

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://fm.mybenefit.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Thu, 02 Nov 2023 09:39:02 GMT
Content-Encoding
gzip
Via
1.1 3d8e500d44b557879a1086daf1dc3aaa.cloudfront.net (CloudFront)
Last-Modified
Tue, 31 Oct 2023 12:41:15 GMT
X-Amz-Cf-Pop
LHR50-P7
Age
25367
ETag
W/"2501-60902786910c0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
private
Connection
keep-alive
X-Amz-Cf-Id
y6NLo7rGSMe5gy6-GocHGFkY8qCV9AThKI1bhyXWtZMouqSbmUbjhw==
systemMsg.js
d2651x052v6uoq.cloudfront.net/media/freshmail/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2651x052v6uoq.cloudfront.net/media/freshmail/systemMsg.js?v=23.22.15.prod
Requested by
Host: fm.mybenefit.pl
URL: https://fm.mybenefit.pl/r/h7r1db2z4t/7neq7vbiu7/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.244.140.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-140-109.lhr50.r.cloudfront.net
Software
/
Resource Hash
866bef61580ee3e879bdd2c225e0e8b8b1972d620ad6f615b6c48da2c30a40b6

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://fm.mybenefit.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Thu, 02 Nov 2023 06:11:37 GMT
Content-Encoding
gzip
Via
1.1 759d447e04dad48878f29ac5fabe9524.cloudfront.net (CloudFront)
Last-Modified
Tue, 31 Oct 2023 12:41:15 GMT
X-Amz-Cf-Pop
LHR50-P7
Age
37812
ETag
W/"699-60902786910c0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
private
Connection
keep-alive
X-Amz-Cf-Id
1vVwHykR0FhK3iQx9MaT7h7UZ7MmMikp4H8xvGcQm5x9XGkguB37SA==
uniform.css
d2651x052v6uoq.cloudfront.net/media/dist/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2651x052v6uoq.cloudfront.net/media/dist/css/uniform.css?v=23.22.15.prod
Requested by
Host: fm.mybenefit.pl
URL: https://fm.mybenefit.pl/r/h7r1db2z4t/7neq7vbiu7/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.244.140.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-140-109.lhr50.r.cloudfront.net
Software
/
Resource Hash
c7e376e4c2a3b88253e8818b95ec119d1e2c3a24cf39c7986d48f8c78aabd38b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://fm.mybenefit.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Thu, 02 Nov 2023 06:11:37 GMT
Content-Encoding
gzip
Via
1.1 f64124e7852b3c2ecb7a2c8c2f2f678c.cloudfront.net (CloudFront)
Last-Modified
Tue, 31 Oct 2023 12:51:39 GMT
X-Amz-Cf-Pop
LHR50-P7
Age
37812
ETag
W/"195a-609029d9a8cc0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Cache
Hit from cloudfront
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Id
G8JorJyBG2NXU8F91lUkobcDzt7IVUfwGdKauUQsmnhNF-htw1CcDQ==
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: fm.mybenefit.pl
URL: https://fm.mybenefit.pl/r/h7r1db2z4t/7neq7vbiu7/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
e9ede2e8441ae47b876d9cf365896d12f14ff901b3efd0b8ec92f5b5530b0e7e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://fm.mybenefit.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 16:41:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 02 Nov 2023 16:41:49 GMT
doklejka_fm.png
d2651x052v6uoq.cloudfront.net/media/assets/img/doklejki/pl/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2651x052v6uoq.cloudfront.net/media/assets/img/doklejki/pl/doklejka_fm.png?v=23.22.15.prod
Requested by
Host: fm.mybenefit.pl
URL: https://fm.mybenefit.pl/r/h7r1db2z4t/7neq7vbiu7/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.244.140.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-140-109.lhr50.r.cloudfront.net
Software
/
Resource Hash
66538649d15f97474ffe0bfbe1c1c90aa8074a5591374babe293e9a3e9dd8579

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://fm.mybenefit.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Thu, 02 Nov 2023 06:47:31 GMT
Via
1.1 f64124e7852b3c2ecb7a2c8c2f2f678c.cloudfront.net (CloudFront)
Last-Modified
Tue, 31 Oct 2023 12:41:14 GMT
X-Amz-Cf-Pop
LHR50-P7
Age
35658
ETag
"2067-609027859ce80"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
image/png
access-control-allow-origin
*
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8295
X-Amz-Cf-Id
xrcgTQ73kQdOk7YoWT4xmlI6lCeWIs3-nx8lN1HKVOuvfA875wPblQ==
recaptcha__pl.js
www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/ 		471 KB
189 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__pl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
373ba904d5e75ce20e2d0fdb52edbfdfe6f3426f4bb9729e8f25501f02378b7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fm.mybenefit.pl/
Origin
https://fm.mybenefit.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 16:21:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
260434
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
193232
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 02:02:02 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 29 Oct 2024 16:21:15 GMT
content_background.png
d2651x052v6uoq.cloudfront.net/media/assets/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2651x052v6uoq.cloudfront.net/media/assets/img/content_background.png
Requested by
Host: d2651x052v6uoq.cloudfront.net
URL: https://d2651x052v6uoq.cloudfront.net/media/dist/css/system_msg.css?v=23.22.15.prod
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.244.140.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-140-109.lhr50.r.cloudfront.net
Software
/
Resource Hash
4abdefa316b4e20df7236e92b1a1125b151ba7eb6197a9298136db5a7c6c5f0e

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://d2651x052v6uoq.cloudfront.net/media/dist/css/system_msg.css?v=23.22.15.prod
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Thu, 02 Nov 2023 06:39:34 GMT
Via
1.1 ff29478875e81c359f37e63f1a4370c0.cloudfront.net (CloudFront)
Last-Modified
Tue, 31 Oct 2023 12:41:14 GMT
X-Amz-Cf-Pop
LHR50-P7
Age
36135
ETag
"7a7-609027859ce80"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
image/png
access-control-allow-origin
*
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1959
X-Amz-Cf-Id
nk_dYwyiGfBDuKSYoydNQ40RYAtaJYvoLoRgFwoJQkYPdS1-oeHBuw==
Inter-Regular.ttf
d2651x052v6uoq.cloudfront.net/media/assets/fonts/Inter/ 		303 KB
144 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2651x052v6uoq.cloudfront.net/media/assets/fonts/Inter/Inter-Regular.ttf
Requested by
Host: d2651x052v6uoq.cloudfront.net
URL: https://d2651x052v6uoq.cloudfront.net/media/dist/css/system_msg.css?v=23.22.15.prod
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.244.140.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-140-109.lhr50.r.cloudfront.net
Software
/
Resource Hash
41ab0f707a2bfab8133ccdfcdab52282f5f79e5751f43a264805451c7bb95fb8

Request headers

Referer
https://d2651x052v6uoq.cloudfront.net/media/dist/css/system_msg.css?v=23.22.15.prod
Origin
https://fm.mybenefit.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Thu, 02 Nov 2023 16:41:50 GMT
Content-Encoding
gzip
Via
1.1 7f1ff02ff9f33e872e2d07dd88a77f78.cloudfront.net (CloudFront)
Last-Modified
Tue, 31 Oct 2023 12:41:14 GMT
X-Amz-Cf-Pop
LHR50-P7
ETag
W/"4ba44-609027859ce80"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/font-sfnt
access-control-allow-origin
*
X-Cache
Miss from cloudfront
Cache-Control
private
Connection
keep-alive
X-Amz-Cf-Id
kSAJvWpIqBS-ht6YYzaudx2wj9hAke5rUT4w_FUMmwcmIeCFj_H3KA==
Inter-Medium.ttf
d2651x052v6uoq.cloudfront.net/media/assets/fonts/Inter/ 		307 KB
154 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2651x052v6uoq.cloudfront.net/media/assets/fonts/Inter/Inter-Medium.ttf
Requested by
Host: d2651x052v6uoq.cloudfront.net
URL: https://d2651x052v6uoq.cloudfront.net/media/dist/css/system_msg.css?v=23.22.15.prod
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.244.140.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-140-109.lhr50.r.cloudfront.net
Software
/
Resource Hash
10d48331f5b3c7362ca357b00c17ac4863ad35199b13b0eceb0962c8c1ad7dc9

Request headers

Referer
https://d2651x052v6uoq.cloudfront.net/media/dist/css/system_msg.css?v=23.22.15.prod
Origin
https://fm.mybenefit.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Thu, 02 Nov 2023 16:41:50 GMT
Content-Encoding
gzip
Via
1.1 643f3a19739b50ef1fffa170c9395e24.cloudfront.net (CloudFront)
Last-Modified
Tue, 31 Oct 2023 12:41:14 GMT
X-Amz-Cf-Pop
LHR50-P7
ETag
W/"4cd58-609027859ce80"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/font-sfnt
access-control-allow-origin
*
X-Cache
Miss from cloudfront
Cache-Control
private
Connection
keep-alive
X-Amz-Cf-Id
g44GgA63j9yJK-MlvJcWpF8iyXAscO1QNzKZP3J6G3EZBWve6QUFsA==
sprite.png
d2651x052v6uoq.cloudfront.net/media/assets/img/uniform/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2651x052v6uoq.cloudfront.net/media/assets/img/uniform/sprite.png
Requested by
Host: d2651x052v6uoq.cloudfront.net
URL: https://d2651x052v6uoq.cloudfront.net/media/dist/css/uniform.css?v=23.22.15.prod
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.244.140.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-140-109.lhr50.r.cloudfront.net
Software
/
Resource Hash
9b943ace547699f9900b7d19afaa1ae94775a7ca183c1ad77e54c1554e3442e3

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://d2651x052v6uoq.cloudfront.net/media/dist/css/uniform.css?v=23.22.15.prod
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Thu, 02 Nov 2023 07:38:34 GMT
Via
1.1 f64124e7852b3c2ecb7a2c8c2f2f678c.cloudfront.net (CloudFront)
Last-Modified
Tue, 31 Oct 2023 12:41:14 GMT
X-Amz-Cf-Pop
LHR50-P7
Age
32594
ETag
"8872-609027859ce80"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
image/png
access-control-allow-origin
*
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34930
X-Amz-Cf-Id
cQRPnE-ilHeTk40eOq3JhXX7T1IwtZGtbyqP_nUIhsuqwwY540w8xg==
nr-rum-1.246.1.min.js
js-agent.newrelic.com/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-rum-1.246.1.min.js
Requested by
Host: fm.mybenefit.pl
URL: https://fm.mybenefit.pl/r/h7r1db2z4t/7neq7vbiu7/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef19e3064e5fd9e046a6f4661949e2c7b1c7862f5269ac227ab08b8f63da87fe
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://fm.mybenefit.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
RDDAwCkVSpQHx6hy0l8q2dFgVzGGMuQC
content-encoding
br
via
1.1 varnish
date
Thu, 02 Nov 2023 16:41:50 GMT
strict-transport-security
max-age=300
x-amz-request-id
DFZWV2Z0W8SVTMQ4
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
15673
x-amz-id-2
Y1o02ngYS9GSyYMTnZfNaLkZYF2Ng5U3OSMDbFJSoDOKwl98j5i58Sjtuv4hjeJbfl3Ks/nLW3I=
x-served-by
cache-fra-eddf8230075-FRA
last-modified
Tue, 31 Oct 2023 15:33:55 GMT
server
AmazonS3
x-timer
S1698943310.432905,VS0,VE0
etag
"04fdba12d14ecd22e6ac743bca4e0072"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
69142
3575ffbad0
bam.nr-data.net/1/ 		40 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/3575ffbad0?a=1061157021&v=1.246.1&to=bwEDYhADW0QAUk1ZC1ZLIkMRFlpaTldUBFQXAgxpFQdZVA5cXA%3D%3D&rst=1246&ck=0&s=d65b68dba8ee5e18&ref=https://fm.mybenefit.pl/r/h7r1db2z4t/7neq7vbiu7/&ap=90&be=225&fe=852&dc=380&at=Q0YAFFgZSEo%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1698943309242,%22n%22:0,%22f%22:0,%22dn%22:32,%22dne%22:32,%22c%22:32,%22s%22:63,%22ce%22:102,%22rq%22:102,%22rp%22:225,%22rpe%22:386,%22di%22:604,%22ds%22:604,%22de%22:605,%22dc%22:1073,%22l%22:1073,%22le%22:1077%7D,%22navigation%22:%7B%7D%7D&fp=627&fcp=627
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-rum-1.246.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ed59ee4d04819c48c1bb60b3ef6928c621cd5cd86d7103957de3eebba9910b0d

Request headers

Referer
https://fm.mybenefit.pl/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 02 Nov 2023 16:41:50 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/plain
access-control-allow-origin
https://fm.mybenefit.pl
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
40
x-served-by
cache-fra-eddf8230112-FRA

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| NREUM object| webpackChunk:NRBA-1.246.1.PROD object| newrelic function| $ function| jQuery object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha

2 Cookies

Domain/Path Name / Value
fm.mybenefit.pl/ Name: freshsession
Value: nml9kbtl4614b4h4ssmiijb5sn
fm.mybenefit.pl/ Name: SERVERID
Value: s2