login.mybenefit.pl Open in urlscan Pro
18.173.154.96  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request auth Show response login.mybenefit.pl/auth/realms/cafeteria_system/protocol/openid-connect/	9 KB 10 KB	349ms 211ms	Document text/html	18.173.154.96 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://login.mybenefit.pl/auth/realms/cafeteria_system/protocol/openid-connect/auth?client_id=a209abdd9e29a7c6ab01ba0c0a0ee1ec&scope=openid+email+profile+private+MyB_SSO_UID&redirect_uri=https%3A%2F%2Fkafeteria.mybenefit.pl%2Fg4noauth%2Factions%2FReadAuthorizationResponse&response_type=code&state=login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.154.96 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-154-96.muc50.r.cloudfront.net Software / Resource Hash b5a4e9fc43dc1eb5211f1747f6fbb050efb7f77783f6b505a0dc054482d1b86e Security Headers Name Value Content-Security-Policy frame-src 'self' https://www.google.com; frame-ancestors 'self' https://*.mybenefit.pl; object-src 'none'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options ALLOW-FROM https://www.google.com X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language pl-PL,pl;q=0.9 Response headers cache-control no-store, must-revalidate, max-age=0 content-language pl content-security-policy frame-src 'self' https://www.google.com; frame-ancestors 'self' https://*.mybenefit.pl; object-src 'none'; content-type text/html;charset=utf-8 date Mon, 21 Aug 2023 22:34:31 GMT referrer-policy no-referrer strict-transport-security max-age=31536000; includeSubDomains via 1.1 5951b29f5460c0b6d21eb11bce7b8168.cloudfront.net (CloudFront) x-amz-cf-id P9cOndKYDA3v0-DFn54fxKXPGGgTI2-K8B2wQTsvBnf3RYKW33SYZA== x-amz-cf-pop MUC50-P3 x-cache Miss from cloudfront x-content-type-options nosniff x-frame-options ALLOW-FROM https://www.google.com x-robots-tag none x-xss-protection 1; mode=block
GET H2	200	login.css login.mybenefit.pl/auth/resources/xtp8n/login/mybenefit/09694b74/	37 KB 9 KB	178ms 178ms	Stylesheet text/css	18.173.154.96 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://login.mybenefit.pl/auth/resources/xtp8n/login/mybenefit/09694b74/login.css Requested by Host: login.mybenefit.pl URL: https://login.mybenefit.pl/auth/realms/cafeteria_system/protocol/openid-connect/auth?client_id=a209abdd9e29a7c6ab01ba0c0a0ee1ec&scope=openid+email+profile+private+MyB_SSO_UID&redirect_uri=https%3A%2F%2Fkafeteria.mybenefit.pl%2Fg4noauth%2Factions%2FReadAuthorizationResponse&response_type=code&state=login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.154.96 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-154-96.muc50.r.cloudfront.net Software / Resource Hash bc6ff332f85825302d4815c47faf0737cc8599946ff0caadefdb9e4c03f111d6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language pl-PL,pl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 22:34:32 GMT strict-transport-security max-age=31536000; includeSubDomains referrer-policy no-referrer x-content-type-options nosniff content-encoding gzip via 1.1 5951b29f5460c0b6d21eb11bce7b8168.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P3 x-cache Miss from cloudfront content-type text/css;charset=UTF-8 cache-control max-age=2592000 x-amz-cf-id DafDZvOt7VDexoK2lUbUJySSQzMRStKlca6AKu6atS2qTAqFlEJ8yA== x-xss-protection 1; mode=block
GET H2	200	login.js Show response login.mybenefit.pl/auth/resources/xtp8n/login/mybenefit/09694b74/	679 KB 199 KB	219ms 219ms	Script text/javascript	18.173.154.96 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://login.mybenefit.pl/auth/resources/xtp8n/login/mybenefit/09694b74/login.js Requested by Host: login.mybenefit.pl URL: https://login.mybenefit.pl/auth/realms/cafeteria_system/protocol/openid-connect/auth?client_id=a209abdd9e29a7c6ab01ba0c0a0ee1ec&scope=openid+email+profile+private+MyB_SSO_UID&redirect_uri=https%3A%2F%2Fkafeteria.mybenefit.pl%2Fg4noauth%2Factions%2FReadAuthorizationResponse&response_type=code&state=login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.154.96 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-154-96.muc50.r.cloudfront.net Software / Resource Hash 10b9d2ac013be4bbf0f555426cc6de67e0df6422558d2e3ccfb1f6a3cda7e69d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language pl-PL,pl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 22:34:32 GMT strict-transport-security max-age=31536000; includeSubDomains referrer-policy no-referrer x-content-type-options nosniff content-encoding gzip via 1.1 5951b29f5460c0b6d21eb11bce7b8168.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P3 x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 cache-control max-age=2592000 x-amz-cf-id Sth5uEOH-Yy8wR-EUtOEHTcc_Z2WW7gQeWNlXXxZnsUhsXIkYDJBOA== x-xss-protection 1; mode=block
GET H2	200	loader.js Show response sdk.privacy-center.org/bf226e0f-8b65-4a01-bdb1-0e0c29c4bf20/	14 KB 6 KB	198ms 82ms	Script application/javascript	52.222.139.115 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sdk.privacy-center.org/bf226e0f-8b65-4a01-bdb1-0e0c29c4bf20/loader.js?target=login.mybenefit.pl Requested by Host: login.mybenefit.pl URL: https://login.mybenefit.pl/auth/realms/cafeteria_system/protocol/openid-connect/auth?client_id=a209abdd9e29a7c6ab01ba0c0a0ee1ec&scope=openid+email+profile+private+MyB_SSO_UID&redirect_uri=https%3A%2F%2Fkafeteria.mybenefit.pl%2Fg4noauth%2Factions%2FReadAuthorizationResponse&response_type=code&state=login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.139.115 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-139-115.ams50.r.cloudfront.net Software CloudFront / Resource Hash 113ce400fa2f8ee3be832459102044ed83cf3c52672a883f76109a9a0eb83b45 Request headers accept-language pl-PL,pl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 22:34:32 GMT content-encoding gzip x-didomi-remote-config-metadata multiReg:true;legacyGlobalGdpr:true x-didomi-remote-config-source Lambda via 1.1 5345148f0ba8ae3c67b69d035acdbfc4.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop AMS50-C1 age 2115 etag "3bab203b07f85f07fa0f244e626340e8" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 cache-control max-age=7200, public content-length 5326 x-amz-cf-id 5jYTmfLzQRqnDPgkKU-PtgY4W4sBugTThJUd8ca6CbzTmi4GW_IRpQ==
GET H2	200	css2 fonts.googleapis.com/	7 KB 1 KB	150ms 54ms	Stylesheet text/css	172.217.16.138 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Mulish:wght@400;700;800;900&display=swap Requested by Host: login.mybenefit.pl URL: https://login.mybenefit.pl/auth/resources/xtp8n/login/mybenefit/09694b74/login.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.138 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f10.1e100.net Software ESF / Resource Hash 053a12701ca13497533f408b8dc4c234cbdd02169cc7b763ad04fede35af541a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language pl-PL,pl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 21 Aug 2023 22:34:32 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 21 Aug 2023 22:34:32 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 21 Aug 2023 22:34:32 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	259 KB 78 KB	183ms 88ms	Script application/javascript	142.250.186.72 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-MQTT37N Requested by Host: login.mybenefit.pl URL: https://login.mybenefit.pl/auth/realms/cafeteria_system/protocol/openid-connect/auth?client_id=a209abdd9e29a7c6ab01ba0c0a0ee1ec&scope=openid+email+profile+private+MyB_SSO_UID&redirect_uri=https%3A%2F%2Fkafeteria.mybenefit.pl%2Fg4noauth%2Factions%2FReadAuthorizationResponse&response_type=code&state=login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.72 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f8.1e100.net Software Google Tag Manager / Resource Hash 9896471d327b870fca024c0657135e2c5af7e683f80fa268669f64eea2e633e0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language pl-PL,pl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 22:34:32 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 79022 x-xss-protection 0 last-modified Mon, 21 Aug 2023 21:53:52 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 21 Aug 2023 22:34:32 GMT
GET H2	200	sdk.20ae1cc979e35c1b42da8b24393d957cb92d0c8a.js Show response sdk.privacy-center.org/sdk/20ae1cc979e35c1b42da8b24393d957cb92d0c8a/modern/	343 KB 89 KB	62ms 62ms	Script application/javascript	52.222.139.115 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sdk.privacy-center.org/sdk/20ae1cc979e35c1b42da8b24393d957cb92d0c8a/modern/sdk.20ae1cc979e35c1b42da8b24393d957cb92d0c8a.js Requested by Host: sdk.privacy-center.org URL: https://sdk.privacy-center.org/bf226e0f-8b65-4a01-bdb1-0e0c29c4bf20/loader.js?target=login.mybenefit.pl Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.139.115 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-139-115.ams50.r.cloudfront.net Software AmazonS3 / Resource Hash 3cca0d980f8059ecbc3443be069869ef74485b2808e500a87aa8de1d5fc19bb3 Request headers accept-language pl-PL,pl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 17:24:50 GMT content-encoding gzip via 1.1 5345148f0ba8ae3c67b69d035acdbfc4.cloudfront.net (CloudFront) last-modified Mon, 21 Aug 2023 17:19:20 GMT server AmazonS3 x-amz-meta-s3cmd-attrs atime:1692637998/ctime:1692637998/gid:0/gname:root/md5:378d4d270d86fa3f45fc264f65034aa5/mode:33188/mtime:1692637998/uid:0/uname:root x-amz-cf-pop AMS50-C1 age 18583 etag W/"378d4d270d86fa3f45fc264f65034aa5" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 x-amz-cf-id ksWG-ttV5fFEEvgYREbMQapRJtrjhhiiHyhjMgkRM0QH4ES01rSY2Q==
GET H2	200	ui-gdpr-en-web.20ae1cc979e35c1b42da8b24393d957cb92d0c8a.js Show response sdk.privacy-center.org/sdk/20ae1cc979e35c1b42da8b24393d957cb92d0c8a/modern/	215 KB 44 KB	54ms 54ms	Script application/javascript	52.222.139.115 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sdk.privacy-center.org/sdk/20ae1cc979e35c1b42da8b24393d957cb92d0c8a/modern/ui-gdpr-en-web.20ae1cc979e35c1b42da8b24393d957cb92d0c8a.js Requested by Host: sdk.privacy-center.org URL: https://sdk.privacy-center.org/sdk/20ae1cc979e35c1b42da8b24393d957cb92d0c8a/modern/sdk.20ae1cc979e35c1b42da8b24393d957cb92d0c8a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.139.115 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-139-115.ams50.r.cloudfront.net Software AmazonS3 / Resource Hash 9f19ff539396d98ad02816a4c84b536b19a8f4b00395e25353e06962ca63aa47 Request headers accept-language pl-PL,pl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 17:25:18 GMT content-encoding gzip via 1.1 5345148f0ba8ae3c67b69d035acdbfc4.cloudfront.net (CloudFront) last-modified Mon, 21 Aug 2023 17:19:34 GMT server AmazonS3 x-amz-meta-s3cmd-attrs atime:1692637998/ctime:1692637998/gid:0/gname:root/md5:4ba807685f82cfdbb639a56d4912205c/mode:33188/mtime:1692637998/uid:0/uname:root x-amz-cf-pop AMS50-C1 age 18555 etag W/"4ba807685f82cfdbb639a56d4912205c" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 x-amz-cf-id 7QlqI1fmBeeSDVilSIGBRPtRU-VOHjurgMALR1ipKlG-Mq36amosHQ==
GET H2	200	1Ptvg83HX_SGhgqk3wot.woff2 fonts.gstatic.com/s/mulish/v12/	27 KB 27 KB	139ms 44ms	Font font/woff2	142.250.181.227 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Mulish:wght@400;700;800;900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.227 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f3.1e100.net Software sffe / Resource Hash 8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://login.mybenefit.pl accept-language pl-PL,pl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 08:42:06 GMT x-content-type-options nosniff age 222746 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 27428 x-xss-protection 0 last-modified Mon, 11 Jul 2022 18:57:51 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 18 Aug 2024 08:42:06 GMT
GET H/1.1	200 OK	Benefit_Systems_logo_przezroczyste.png www.benefitsystems.pl/fileadmin/benefitsystems/logotypy/	53 KB 54 KB	173ms 39ms	Image image/png	109.232.242.151 BENEFIT-SYSTEM
General Check archive.org Show headers Download Go to Show image Full URL https://www.benefitsystems.pl/fileadmin/benefitsystems/logotypy/Benefit_Systems_logo_przezroczyste.png Requested by Host: login.mybenefit.pl URL: https://login.mybenefit.pl/auth/realms/cafeteria_system/protocol/openid-connect/auth?client_id=a209abdd9e29a7c6ab01ba0c0a0ee1ec&scope=openid+email+profile+private+MyB_SSO_UID&redirect_uri=https%3A%2F%2Fkafeteria.mybenefit.pl%2Fg4noauth%2Factions%2FReadAuthorizationResponse&response_type=code&state=login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.232.242.151 Warsaw, Poland, ASN60968 (BENEFIT-SYSTEM, PL), Reverse DNS Software / Resource Hash 8797feb858f3c098b4456f7e53ccc1a26b69e82647f6dc754bb8dbe9a1978467 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://bs-dev--dev.lightning.force.com/ https://bs-dev--dev--c.visualforce.com/ https://bs-dev--qa2.lightning.force.com/ https://bs-dev--qa2--c.visualforce.com/ https://bs-qa--test.lightning.force.com/ https://bs-qa--test--c.visualforce.com/ https://benefitsystems-crm--uat.lightning.force.com/ https://benefitsystems-crm--uat--c.visualforce.com/ https://benefitsystems-crm--preprod.lightning.force.com/ https://benefitsystems-crm--preprod--c.visualforce.com/ https://benefitsystems-crm.lightning.force.com/ https://benefitsystems-crm--c.visualforce.com/; Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language pl-PL,pl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Mon, 21 Aug 2023 22:34:32 GMT Content-Security-Policy frame-ancestors 'self' https://bs-dev--dev.lightning.force.com/ https://bs-dev--dev--c.visualforce.com/ https://bs-dev--qa2.lightning.force.com/ https://bs-dev--qa2--c.visualforce.com/ https://bs-qa--test.lightning.force.com/ https://bs-qa--test--c.visualforce.com/ https://benefitsystems-crm--uat.lightning.force.com/ https://benefitsystems-crm--uat--c.visualforce.com/ https://benefitsystems-crm--preprod.lightning.force.com/ https://benefitsystems-crm--preprod--c.visualforce.com/ https://benefitsystems-crm.lightning.force.com/ https://benefitsystems-crm--c.visualforce.com/; X-Content-Type-Options nosniff Strict-Transport-Security max-age=16070400; includeSubDomains Last-Modified Tue, 06 Dec 2022 09:08:31 GMT ETag "638f068f-d53f" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 54591 X-XSS-Protection 1; mode=block
GET H2	200	logo.svg login.mybenefit.pl/auth/resources/xtp8n/login/mybenefit/09694b74/assets/	6 KB 3 KB	179ms 178ms	Image image/svg+xml	18.173.154.96 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://login.mybenefit.pl/auth/resources/xtp8n/login/mybenefit/09694b74/assets/logo.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.154.96 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-154-96.muc50.r.cloudfront.net Software / Resource Hash 72fe9dfea4ea363bdc4057010438efb1cbdf32089ab54bee31912008f9035d5f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language pl-PL,pl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 22:34:32 GMT strict-transport-security max-age=31536000; includeSubDomains referrer-policy no-referrer x-content-type-options nosniff content-encoding gzip via 1.1 5951b29f5460c0b6d21eb11bce7b8168.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P3 x-cache Miss from cloudfront content-type image/svg+xml cache-control max-age=2592000 content-length 2691 x-xss-protection 1; mode=block x-amz-cf-id ZfGXgYePlnnGk-EtNKS0YTBidy1Pqq7gFqIMRHFNtilLfZAcVI_1Ow==
GET H2	200	1Ptvg83HX_SGhgqk0QotcqA.woff2 fonts.gstatic.com/s/mulish/v12/	24 KB 24 KB	44ms 44ms	Font font/woff2	142.250.181.227 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk0QotcqA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Mulish:wght@400;700;800;900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.227 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f3.1e100.net Software sffe / Resource Hash 2bde8ca32e52ee96dc3d6ddd52240b115f3a2ca527c7697899aa21ed9cba3a5b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://login.mybenefit.pl accept-language pl-PL,pl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Fri, 18 Aug 2023 19:22:25 GMT x-content-type-options nosniff age 270727 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24316 x-xss-protection 0 last-modified Mon, 11 Jul 2022 19:02:22 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 17 Aug 2024 19:22:25 GMT

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture boolean| gdprAppliesGlobally function| __tcfapi string| KCResourcesPath object| bootstrap object| dataLayer function| _ object| mybkc object| didomiRemoteConfig string| didomiCountry object| didomiGeoRegulations object| webpackChunkDidomi object| Didomi object| didomiOnReady object| didomiEventListeners object| didomiState object| DidomiSanitizing object| google_tag_manager object| google_tag_data

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			login.mybenefit.pl/auth/realms/cafeteria_system/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID Value: 29f081e0-1358-4009-bb05-2ca1a3e73db7.pr1-keycloak-0-42614
			login.mybenefit.pl/auth/realms/cafeteria_system/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID_LEGACY Value: 29f081e0-1358-4009-bb05-2ca1a3e73db7.pr1-keycloak-0-42614
			login.mybenefit.pl/auth/realms/cafeteria_system/	1969-12-31 23:59:59	Name: KC_RESTART Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJkNGRlMmQyMi0xMzI4LTRjZjItYTk2NS01MGZmNjU3MzE0MzkifQ.eyJjaWQiOiJhMjA5YWJkZDllMjlhN2M2YWIwMWJhMGMwYTBlZTFlYyIsInB0eSI6Im9wZW5pZC1jb25uZWN0IiwicnVyaSI6Imh0dHBzOi8va2FmZXRlcmlhLm15YmVuZWZpdC5wbC9nNG5vYXV0aC9hY3Rpb25zL1JlYWRBdXRob3JpemF0aW9uUmVzcG9uc2UiLCJhY3QiOiJBVVRIRU5USUNBVEUiLCJub3RlcyI6eyJzY29wZSI6Im9wZW5pZCBlbWFpbCBwcm9maWxlIHByaXZhdGUgTXlCX1NTT19VSUQiLCJpc3MiOiJodHRwczovL2xvZ2luLm15YmVuZWZpdC5wbC9hdXRoL3JlYWxtcy9jYWZldGVyaWFfc3lzdGVtIiwicmVzcG9uc2VfdHlwZSI6ImNvZGUiLCJyZWRpcmVjdF91cmkiOiJodHRwczovL2thZmV0ZXJpYS5teWJlbmVmaXQucGwvZzRub2F1dGgvYWN0aW9ucy9SZWFkQXV0aG9yaXphdGlvblJlc3BvbnNlIiwic3RhdGUiOiJsb2dpbiJ9fQ.LtKhAJvVNOCUzANmMQEBKsdbbCdQgPeQZlb_hq28xkY
			.mybenefit.pl/	1970-01-20 14:54:09	Name: didomi_token Value: eyJ1c2VyX2lkIjoiMThhMWEzYzQtNjYxMC02YTQzLTkzNGEtZGVlMmM4ZWE2NjUyIiwiY3JlYXRlZCI6IjIwMjMtMDgtMjFUMjI6MzQ6MzIuNDQyWiIsInVwZGF0ZWQiOiIyMDIzLTA4LTIxVDIyOjM0OjMyLjQ0MloiLCJ2ZXJzaW9uIjpudWxsfQ==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-src 'self' https://www.google.com; frame-ancestors 'self' https://*.mybenefit.pl; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.google.com
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
login.mybenefit.pl
sdk.privacy-center.org
www.benefitsystems.pl
www.googletagmanager.com
109.232.242.151
142.250.181.227
142.250.186.72
172.217.16.138
18.173.154.96
52.222.139.115
053a12701ca13497533f408b8dc4c234cbdd02169cc7b763ad04fede35af541a
10b9d2ac013be4bbf0f555426cc6de67e0df6422558d2e3ccfb1f6a3cda7e69d
113ce400fa2f8ee3be832459102044ed83cf3c52672a883f76109a9a0eb83b45
2bde8ca32e52ee96dc3d6ddd52240b115f3a2ca527c7697899aa21ed9cba3a5b
3cca0d980f8059ecbc3443be069869ef74485b2808e500a87aa8de1d5fc19bb3
72fe9dfea4ea363bdc4057010438efb1cbdf32089ab54bee31912008f9035d5f
8797feb858f3c098b4456f7e53ccc1a26b69e82647f6dc754bb8dbe9a1978467
8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
9896471d327b870fca024c0657135e2c5af7e683f80fa268669f64eea2e633e0
9f19ff539396d98ad02816a4c84b536b19a8f4b00395e25353e06962ca63aa47
b5a4e9fc43dc1eb5211f1747f6fbb050efb7f77783f6b505a0dc054482d1b86e
bc6ff332f85825302d4815c47faf0737cc8599946ff0caadefdb9e4c03f111d6