urlscan.io logo urlscan.io
SecurityTrails logo

188.123.221.120 Open in urlscan Pro
188.123.221.120  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://188.123.221.120/
Effective URL: https://188.123.221.120/web/login
Submission: On April 06 via manual from ES — Scanned from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 0 domains to perform 13 HTTP transactions. The main IP is 188.123.221.120, located in Gliwice, Poland and belongs to PIRXNET-AS, PL. The main domain is 188.123.221.120.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on September 5th 2023. Valid for: a year.
This is the only time 188.123.221.120 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 188.123.221.120 35434 (PIRXNET-AS)
13 1
Apex Domain
Subdomains		 Transfer
13 0
Domain Requested by
13 0

This site contains no links.

Subject Issuer Validity Valid
*.roca.pl
GeoTrust TLS RSA CA G1		 2023-09-05 -
2024-09-17		 a year crt.sh

This page contains 1 frames:

Primary Page: https://188.123.221.120/web/login
Frame ID: 4F121B7FAAFED6B402093685462FE093
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

..: KARO HRMS :..

Page URL History Show full URLs

  1. http://188.123.221.120/ HTTP 307
    https://188.123.221.120/ Page URL
  2. https://188.123.221.120/web/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

1
IPs

1
Countries

375 kB
Transfer

985 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://188.123.221.120/ HTTP 307
    https://188.123.221.120/ Page URL
  2. https://188.123.221.120/web/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://188.123.221.120/ HTTP 307
  • https://188.123.221.120/

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
188.123.221.120/
Redirect Chain
  • http://188.123.221.120/
  • https://188.123.221.120/
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://188.123.221.120/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.123.221.120 Gliwice, Poland, ASN35434 (PIRXNET-AS, PL),
Reverse DNS
roca.ip4.gl.digi.pl
Software
nginx /
Resource Hash
fe93c767a560d9437d9432861fe99500f6f8c804d17b550a4650ec6852949d2c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Security-policy
frame-ancestors 'self'
Content-Type
text/html;charset=UTF-8
Date
Sat, 06 Apr 2024 14:14:33 GMT
Expires
0
Internet
YES
Keep-Alive
timeout=20
Last-Modified
Thu, 07 Mar 2024 08:18:12 GMT
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff nosniff
X-Frame-Options
SAMEORIGIN SAMEORIGIN
X-XSS-Protection
1; mode=block 1; mode=block

Redirect headers

Location
https://188.123.221.120/
Non-Authoritative-Reason
HttpsUpgrades
jquery.reject.css
188.123.221.120/theme/_karo_22.2/jReject/css/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://188.123.221.120/theme/_karo_22.2/jReject/css/jquery.reject.css
Requested by
Host: 188.123.221.120
URL: https://188.123.221.120/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.123.221.120 Gliwice, Poland, ASN35434 (PIRXNET-AS, PL),
Reverse DNS
roca.ip4.gl.digi.pl
Software
nginx /
Resource Hash
762092da897dbb953b6e22a9a7ce4457e9d96938d60c0b734a47ee90db175391
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://188.123.221.120/
accept-language
pl-PL,pl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 14:14:33 GMT
Content-Security-policy
frame-ancestors 'self'
X-Content-Type-Options
nosniff, nosniff
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Connection
keep-alive
Content-Length
1970
X-XSS-Protection
1; mode=block, 1; mode=block
Pragma
no-cache
Last-Modified
Thu, 07 Mar 2024 08:18:54 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
text/css;charset=UTF-8
Internet
YES
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges
bytes
Keep-Alive
timeout=20
Expires
0
jquery.min.js
188.123.221.120/theme/_karo_22.2/jquery/1.11/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://188.123.221.120/theme/_karo_22.2/jquery/1.11/jquery.min.js
Requested by
Host: 188.123.221.120
URL: https://188.123.221.120/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.123.221.120 Gliwice, Poland, ASN35434 (PIRXNET-AS, PL),
Reverse DNS
roca.ip4.gl.digi.pl
Software
nginx /
Resource Hash
2348ced4712ccbdd78006a5cbf1974dd1f6ea2a7b8e4b781e34ddb8851cd0af4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://188.123.221.120/
accept-language
pl-PL,pl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 14:14:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Content-Security-policy
frame-ancestors 'self'
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
Pragma
no-cache
Last-Modified
Thu, 07 Mar 2024 08:18:54 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
vary
accept-encoding
Content-Type
application/javascript;charset=UTF-8
Internet
YES
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges
bytes
Keep-Alive
timeout=20
Expires
0
jquery.reject.js
188.123.221.120/theme/_karo_22.2/jReject/js/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://188.123.221.120/theme/_karo_22.2/jReject/js/jquery.reject.js
Requested by
Host: 188.123.221.120
URL: https://188.123.221.120/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.123.221.120 Gliwice, Poland, ASN35434 (PIRXNET-AS, PL),
Reverse DNS
roca.ip4.gl.digi.pl
Software
nginx /
Resource Hash
7d66594241c03d6ab4ea5279a6c8754523c651f150f3bf0a996130fd611aedd4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://188.123.221.120/
accept-language
pl-PL,pl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 14:14:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Content-Security-policy
frame-ancestors 'self'
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
Pragma
no-cache
Last-Modified
Thu, 07 Mar 2024 08:18:54 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
vary
accept-encoding
Content-Type
application/javascript;charset=UTF-8
Internet
YES
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges
bytes
Keep-Alive
timeout=20
Expires
0
jquery.browser.js
188.123.221.120/theme/_karo_22.2/jReject/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://188.123.221.120/theme/_karo_22.2/jReject/js/jquery.browser.js
Requested by
Host: 188.123.221.120
URL: https://188.123.221.120/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.123.221.120 Gliwice, Poland, ASN35434 (PIRXNET-AS, PL),
Reverse DNS
roca.ip4.gl.digi.pl
Software
nginx /
Resource Hash
d06e78d0ce099d8a471cb4580649c0ea406bed20c2e7b31f7df7ba6a6ec69a1c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://188.123.221.120/
accept-language
pl-PL,pl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 14:14:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Content-Security-policy
frame-ancestors 'self'
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
Pragma
no-cache
Last-Modified
Thu, 07 Mar 2024 08:18:54 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
vary
accept-encoding
Content-Type
application/javascript;charset=UTF-8
Internet
YES
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges
bytes
Keep-Alive
timeout=20
Expires
0
Primary Request login
188.123.221.120/web/ 		11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://188.123.221.120/web/login
Requested by
Host: 188.123.221.120
URL: https://188.123.221.120/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.123.221.120 Gliwice, Poland, ASN35434 (PIRXNET-AS, PL),
Reverse DNS
roca.ip4.gl.digi.pl
Software
nginx /
Resource Hash
5a625032124657b929d3b27a8d9db34e6ba04658ef67b84ccbd64803baa177fb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Referer
https://188.123.221.120/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
pl-PL,pl;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache,no-store
Connection
keep-alive
Content-Encoding
gzip
Content-Language
pl
Content-Security-policy
frame-ancestors 'self'
Content-Type
text/html;charset=UTF-8
Date
Sat, 06 Apr 2024 14:14:34 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Internet
YES
Keep-Alive
timeout=20
Pragma
No-cache
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff nosniff
X-Frame-Options
SAMEORIGIN SAMEORIGIN
X-UA-Compatible
IE=edge
X-XSS-Protection
1; mode=block 1; mode=block
vary
accept-encoding
login.css
188.123.221.120/theme/_karo_22.2/resource/ 		296 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://188.123.221.120/theme/_karo_22.2/resource/login.css?1=Powered%20by%20%3Cb%3EKARO%20HRMS%3C/b%3E,%20built%20on%20version%2022.2.19
Requested by
Host: 188.123.221.120
URL: https://188.123.221.120/web/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.123.221.120 Gliwice, Poland, ASN35434 (PIRXNET-AS, PL),
Reverse DNS
roca.ip4.gl.digi.pl
Software
nginx /
Resource Hash
7f3cd65910cdc3e5e26126a427b2f36d4401d21f8f7143bf25aa4e0623eda351
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://188.123.221.120/web/login
accept-language
pl-PL,pl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 14:14:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Content-Security-policy
frame-ancestors 'self'
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Connection
keep-alive
Content-Length
45379
X-XSS-Protection
1; mode=block, 1; mode=block
last-modified
Sun, 31 Mar 2024 02:33:46 GMT
Server
nginx
ETag
"396e2dc4b48666e7b4b083ecb52ec121"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
text/css;charset=UTF-8
Internet
YES
cache-control
public, max-age=315360000
Keep-Alive
timeout=20
expires
Mon, 31 Mar 2025 02:33:46 GMT
js_langs
188.123.221.120/web/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://188.123.221.120/web/js_langs
Requested by
Host: 188.123.221.120
URL: https://188.123.221.120/web/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.123.221.120 Gliwice, Poland, ASN35434 (PIRXNET-AS, PL),
Reverse DNS
roca.ip4.gl.digi.pl
Software
nginx /
Resource Hash
9267075489461e2e38cebad57e48d88545dee8e8a64d44d065ebe6372f2eab91
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://188.123.221.120/web/login
accept-language
pl-PL,pl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 14:14:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Content-Security-policy
frame-ancestors 'self'
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
X-UA-Compatible
IE=edge
Pragma
No-cache
Server
nginx
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
vary
accept-encoding
Content-Type
application/javascript;charset=UTF-8
Content-Language
pl
Internet
YES
Cache-Control
no-cache,no-store
Keep-Alive
timeout=20
Expires
Thu, 01 Jan 1970 00:00:00 GMT
login.js
188.123.221.120/theme/_karo_22.2/resource/ 		383 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://188.123.221.120/theme/_karo_22.2/resource/login.js?1=Powered%20by%20%3Cb%3EKARO%20HRMS%3C/b%3E,%20built%20on%20version%2022.2.19
Requested by
Host: 188.123.221.120
URL: https://188.123.221.120/web/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.123.221.120 Gliwice, Poland, ASN35434 (PIRXNET-AS, PL),
Reverse DNS
roca.ip4.gl.digi.pl
Software
nginx /
Resource Hash
6284e1fdae8a464ee7d90fc4ac9b138f16a22d0e056cd76c1dd55a8218dac768
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://188.123.221.120/web/login
accept-language
pl-PL,pl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 14:14:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Content-Security-policy
frame-ancestors 'self'
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Connection
keep-alive
Content-Length
109175
X-XSS-Protection
1; mode=block, 1; mode=block
last-modified
Sun, 31 Mar 2024 02:33:46 GMT
Server
nginx
ETag
"94a195b3733a0cc3e3c7d61419d409e7"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
text/javascript;charset=UTF-8
Internet
YES
cache-control
public, max-age=315360000
Keep-Alive
timeout=20
expires
Mon, 31 Mar 2025 02:33:46 GMT
js_langs_plugin
188.123.221.120/web/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://188.123.221.120/web/js_langs_plugin
Requested by
Host: 188.123.221.120
URL: https://188.123.221.120/web/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.123.221.120 Gliwice, Poland, ASN35434 (PIRXNET-AS, PL),
Reverse DNS
roca.ip4.gl.digi.pl
Software
nginx /
Resource Hash
da76ccbee7a2a6267556ea83e15d6efcb5ff4ad69d86e8a444705f383d41183d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://188.123.221.120/web/login
accept-language
pl-PL,pl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 14:14:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Content-Security-policy
frame-ancestors 'self'
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
X-UA-Compatible
IE=edge
Pragma
No-cache
Server
nginx
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
vary
accept-encoding
Content-Type
application/javascript;charset=UTF-8
Content-Language
pl
Internet
YES
Cache-Control
no-cache,no-store
Keep-Alive
timeout=20
Expires
Thu, 01 Jan 1970 00:00:00 GMT
puzzle.jpg
188.123.221.120/theme/_karo_22.2/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://188.123.221.120/theme/_karo_22.2/images/puzzle.jpg
Requested by
Host: 188.123.221.120
URL: https://188.123.221.120/web/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.123.221.120 Gliwice, Poland, ASN35434 (PIRXNET-AS, PL),
Reverse DNS
roca.ip4.gl.digi.pl
Software
nginx /
Resource Hash
0654f16b521d65444d6f2621c793997590e0c3560fb0d4b6dbfbaceee93539b3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://188.123.221.120/web/login
accept-language
pl-PL,pl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 14:14:34 GMT
Content-Security-policy
frame-ancestors 'self'
X-Content-Type-Options
nosniff, nosniff
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Connection
keep-alive
Content-Length
8473
X-XSS-Protection
1; mode=block, 1; mode=block
Pragma
no-cache
Last-Modified
Thu, 07 Mar 2024 08:18:53 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
image/jpeg;charset=UTF-8
Internet
YES
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges
bytes
Keep-Alive
timeout=20
Expires
0
icomoon.woff
188.123.221.120/theme/_karo_22.2/fonts/ 		156 KB
157 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://188.123.221.120/theme/_karo_22.2/fonts/icomoon.woff
Requested by
Host: 188.123.221.120
URL: https://188.123.221.120/theme/_karo_22.2/resource/login.css?1=Powered%20by%20%3Cb%3EKARO%20HRMS%3C/b%3E,%20built%20on%20version%2022.2.19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.123.221.120 Gliwice, Poland, ASN35434 (PIRXNET-AS, PL),
Reverse DNS
roca.ip4.gl.digi.pl
Software
nginx /
Resource Hash
ea4e8bbd436d9b0cf393900bad63db2df6099e34b3b2f8a095cc9bf03bb7c63d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://188.123.221.120/theme/_karo_22.2/resource/login.css?1=Powered%20by%20%3Cb%3EKARO%20HRMS%3C/b%3E,%20built%20on%20version%2022.2.19
Origin
https://188.123.221.120
accept-language
pl-PL,pl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 14:14:35 GMT
Content-Security-policy
frame-ancestors 'self'
X-Content-Type-Options
nosniff, nosniff
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Connection
keep-alive
Content-Length
159876
X-XSS-Protection
1; mode=block, 1; mode=block
Pragma
no-cache
Last-Modified
Thu, 07 Mar 2024 08:18:50 GMT
Server
nginx
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
font/woff;charset=UTF-8
Access-Control-Allow-Origin
*
Internet
YES
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges
bytes
Keep-Alive
timeout=20
Expires
0
favicon.ico
188.123.221.120/theme/_karo_22.2/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://188.123.221.120/theme/_karo_22.2/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.123.221.120 Gliwice, Poland, ASN35434 (PIRXNET-AS, PL),
Reverse DNS
roca.ip4.gl.digi.pl
Software
nginx /
Resource Hash
cd53737707e511ceed7f09c385cccb2519f716a585d8de4b24325ed6514000cc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://188.123.221.120/web/login
accept-language
pl-PL,pl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 14:14:36 GMT
Content-Security-policy
frame-ancestors 'self'
X-Content-Type-Options
nosniff, nosniff
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Connection
keep-alive
Content-Length
1150
X-XSS-Protection
1; mode=block, 1; mode=block
Pragma
no-cache
Last-Modified
Thu, 07 Mar 2024 08:18:45 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
image/x-icon;charset=UTF-8
Internet
YES
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges
bytes
Keep-Alive
timeout=20
Expires
0

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| API_URL string| WEB_URL string| CONTEXT_PATH function| getDefaultTemplate string| defaultTemplate string| remText string| limitText string| filtruj string| pokazFiltrZaawansowany string| filtrJestUstawiony string| filtr string| ukryjFiltrZaawansowany string| filtrZaawansowany string| lang string| operation_confirm string| yes string| no string| session_timeout_message string| session_timeout_button_label object| validMessage string| pracownikId string| pracownikIdDp string| kiero object| DMZ function| isMobileDevice function| isCanvasSupported function| potwierdzenieOperacji boolean| dmz_draw_enable object| dmz_circleXX1 function| init function| dmz_mouseLoadingStart function| dmz_mouseLoadingStop number| ca function| dmz_draw function| dmz_loadingDraw function| ie_ver function| inIframe function| parseUrl function| returnFromIframe function| locationReplace function| contentLocationReplace function| dmzPageTitle function| sendBeacon function| preprocessI18references function| loadExportFunctions function| overrideDataTablePrint function| overrideDataTablePrintGenericXls function| loadExternalScript function| $ function| jQuery object| jQuery111006158638719873013 function| addValidateError function| newWindowDownload undefined| dateRangeOptions undefined| deferredPrompt function| showAddToHomeScreen function| addToHomeScreen function| loadCriticalFonts function| setCookies number| timerC

1 Cookies

Domain/Path Name / Value
188.123.221.120/ Name: JSESSIONID
Value: A445D9F3658D161EFBD22192B8CCFE29

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://188.123.221.120/web/login
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block