urlscan.io logo urlscan.io
SecurityTrails logo

sso.ergohestia.pl Open in urlscan Pro
91.198.179.219  Public Scan

Go To Rescan Add Verdict Report
URL: https://sso.ergohestia.pl/my.policy
Submission: On December 16 via manual from PL — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 9 HTTP transactions. The main IP is 91.198.179.219, located in Poland and belongs to HESTIA, PL. The main domain is sso.ergohestia.pl.
TLS certificate: Issued by Thawte TLS RSA CA G1 on May 19th 2022. Valid for: a year.
This is the only time sso.ergohestia.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 12 91.198.179.219 43932 (HESTIA)
9 1
Apex Domain
Subdomains		 Transfer
12 ergohestia.pl
sso.ergohestia.pl
cdn01.ergohestia.pl
174 KB
9 1
Domain Requested by
6 cdn01.ergohestia.pl sso.ergohestia.pl
cdn01.ergohestia.pl
6 sso.ergohestia.pl 3 redirects sso.ergohestia.pl
9 2

This site contains no links.

Subject Issuer Validity Valid
*.ergohestia.pl
Thawte TLS RSA CA G1		 2022-05-19 -
2023-06-19		 a year crt.sh

This page contains 1 frames:

Primary Page: https://sso.ergohestia.pl/my.policy
Frame ID: 47A9339772BB7187ECF89C57DEE5012F
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

iHestia – Dialog w ubezpieczeniach

Page URL History Show full URLs

  1. https://sso.ergohestia.pl/my.policy HTTP 302
    https://sso.ergohestia.pl/my.logout.php3?errorcode=19 HTTP 302
    https://sso.ergohestia.pl/ HTTP 302
    https://sso.ergohestia.pl/my.policy Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

172 kB
Transfer

249 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sso.ergohestia.pl/my.policy HTTP 302
    https://sso.ergohestia.pl/my.logout.php3?errorcode=19 HTTP 302
    https://sso.ergohestia.pl/ HTTP 302
    https://sso.ergohestia.pl/my.policy Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request my.policy
sso.ergohestia.pl/
Redirect Chain
  • https://sso.ergohestia.pl/my.policy
  • https://sso.ergohestia.pl/my.logout.php3?errorcode=19
  • https://sso.ergohestia.pl/
  • https://sso.ergohestia.pl/my.policy
34 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sso.ergohestia.pl/my.policy
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.198.179.219 , Poland, ASN43932 (HESTIA, PL),
Reverse DNS
host219.hestia.pl
Software
/
Resource Hash
5efab9becaac64b2d6ef8fcc224d23c0847e329f4fb58a40972745cc3642052a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

AP-Authentication-Required
true
Accept-Ranges
bytes
Age
29813
Cache-Control
no-cache, must-revalidate
Connection
close
Content-Length
34352
Content-Type
text/html; charset=utf-8
Date
Fri, 16 Dec 2022 10:17:34 GMT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Frame-Options
DENY

Redirect headers

Connection
close
Content-Length
0
Location
/my.policy
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
apm.css
cdn01.ergohestia.pl/ih/apm/v2/css/ 		55 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn01.ergohestia.pl/ih/apm/v2/css/apm.css
Requested by
Host: sso.ergohestia.pl
URL: https://sso.ergohestia.pl/my.policy
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.198.179.219 , Poland, ASN43932 (HESTIA, PL),
Reverse DNS
host219.hestia.pl
Software
/
Resource Hash
40f84b14289ee95cde66beb447b7889017af015ed786b937dc88fe49bf191001
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sso.ergohestia.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 10:17:34 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Connection
keep-alive
Content-Length
14931
Pragma
public
Last-Modified
Wed, 19 May 2021 10:55:59 GMT
ETag
"60a4eebf-dbdc"
Vary
AP-Ic,Accept-Encoding
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/css
Cache-Control
max-age=7776000, public
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Mime-Type, Cache-Control, X-Request-With, X-File-Name, Content-Type, *
Expires
Thu, 16 Mar 2023 10:17:34 GMT
jquery.2.2.0.min.js
cdn01.ergohestia.pl/ih/apm/js/ 		82 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn01.ergohestia.pl/ih/apm/js/jquery.2.2.0.min.js
Requested by
Host: sso.ergohestia.pl
URL: https://sso.ergohestia.pl/my.policy
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.198.179.219 , Poland, ASN43932 (HESTIA, PL),
Reverse DNS
host219.hestia.pl
Software
/
Resource Hash
e176dc8d5da626a295961c495ff00c67ac6dd9295677410f6e211537dfb3a1e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sso.ergohestia.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 10:17:34 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Connection
keep-alive
Pragma
public
Last-Modified
Mon, 24 Sep 2018 13:05:53 GMT
ETag
"5ba8e131-14917"
Vary
AP-Ic,Accept-Encoding
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
application/javascript
Cache-Control
max-age=7776000, public
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Mime-Type, Cache-Control, X-Request-With, X-File-Name, Content-Type, *
Expires
Thu, 16 Mar 2023 10:17:34 GMT
jquery.cookie.js
cdn01.ergohestia.pl/ih/apm/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn01.ergohestia.pl/ih/apm/js/jquery.cookie.js
Requested by
Host: sso.ergohestia.pl
URL: https://sso.ergohestia.pl/my.policy
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.198.179.219 , Poland, ASN43932 (HESTIA, PL),
Reverse DNS
host219.hestia.pl
Software
/
Resource Hash
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sso.ergohestia.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 10:17:34 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Connection
keep-alive
Content-Length
1732
Pragma
public
Last-Modified
Mon, 24 Sep 2018 13:05:53 GMT
ETag
"5ba8e131-c31"
Vary
AP-Ic,Accept-Encoding
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
application/javascript
Cache-Control
max-age=7776000, public
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Mime-Type, Cache-Control, X-Request-With, X-File-Name, Content-Type, *
Expires
Thu, 16 Mar 2023 10:17:34 GMT
session_check.js
sso.ergohestia.pl/public/include/js/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sso.ergohestia.pl/public/include/js/session_check.js?v=13
Requested by
Host: sso.ergohestia.pl
URL: https://sso.ergohestia.pl/my.policy
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.198.179.219 , Poland, ASN43932 (HESTIA, PL),
Reverse DNS
host219.hestia.pl
Software
/
Resource Hash
a5ea9b6d1aa661f4df9f86ec4cd271bff35c6c1f243b49ad3b9ee4986f9ac8ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sso.ergohestia.pl/my.policy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 10:17:34 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Last-Modified
Fri, 23 Sep 2016 00:53:19 GMT
Age
3355
ETag
"1dd6-53d223449fdc0"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
7638
tr.gif
sso.ergohestia.pl/public/images/my/ 		43 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sso.ergohestia.pl/public/images/my/tr.gif
Requested by
Host: sso.ergohestia.pl
URL: https://sso.ergohestia.pl/my.policy
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.198.179.219 , Poland, ASN43932 (HESTIA, PL),
Reverse DNS
host219.hestia.pl
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sso.ergohestia.pl/my.policy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 10:17:34 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Last-Modified
Sat, 10 Mar 2007 05:11:20 GMT
Age
1112
ETag
"2b-42b4b92116e00"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
43
ihbg.png
cdn01.ergohestia.pl/ih/apm/v2/img/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn01.ergohestia.pl/ih/apm/v2/img/ihbg.png?1598343126
Requested by
Host: cdn01.ergohestia.pl
URL: https://cdn01.ergohestia.pl/ih/apm/v2/css/apm.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.198.179.219 , Poland, ASN43932 (HESTIA, PL),
Reverse DNS
host219.hestia.pl
Software
/
Resource Hash
7c96c2bb573de75c9ba370c45c6ccb234b10a60728f7370e1443d0bfd8133a89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn01.ergohestia.pl/ih/apm/v2/css/apm.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
public
Date
Fri, 16 Dec 2022 10:17:34 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Last-Modified
Mon, 24 Sep 2018 13:05:53 GMT
ETag
"5ba8e131-af05"
Vary
AP-Ic,Accept-Encoding
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Cache-Control
max-age=7776000, public
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Mime-Type, Cache-Control, X-Request-With, X-File-Name, Content-Type, *
Content-Length
44805
Expires
Thu, 16 Mar 2023 10:17:34 GMT
logo_eh.svg
cdn01.ergohestia.pl/ih/apm/v2/img/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn01.ergohestia.pl/ih/apm/v2/img/logo_eh.svg?1598343126
Requested by
Host: cdn01.ergohestia.pl
URL: https://cdn01.ergohestia.pl/ih/apm/v2/css/apm.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.198.179.219 , Poland, ASN43932 (HESTIA, PL),
Reverse DNS
host219.hestia.pl
Software
/
Resource Hash
2faee7d1871e1c3a521ba0fcc1e8da1e66bffb4a69e9edf05a16c9f5541861a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn01.ergohestia.pl/ih/apm/v2/css/apm.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
public
Date
Fri, 16 Dec 2022 10:17:34 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Last-Modified
Mon, 24 Sep 2018 13:05:53 GMT
ETag
"5ba8e131-279a"
Vary
AP-Ic,Accept-Encoding
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/svg+xml
Cache-Control
max-age=7776000, public
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Mime-Type, Cache-Control, X-Request-With, X-File-Name, Content-Type, *
Content-Length
10138
Expires
Thu, 16 Mar 2023 10:17:34 GMT
logo_poweredby.svg
cdn01.ergohestia.pl/ih/apm/v2/img/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn01.ergohestia.pl/ih/apm/v2/img/logo_poweredby.svg?1598343126
Requested by
Host: cdn01.ergohestia.pl
URL: https://cdn01.ergohestia.pl/ih/apm/v2/css/apm.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.198.179.219 , Poland, ASN43932 (HESTIA, PL),
Reverse DNS
host219.hestia.pl
Software
/
Resource Hash
58dfd4a5afbb94d5d3520490de6bc2a3f0391dbd6dd2e378f4d3ddaf81d00c1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn01.ergohestia.pl/ih/apm/v2/css/apm.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
public
Date
Fri, 16 Dec 2022 10:17:34 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Last-Modified
Wed, 13 Feb 2019 13:28:33 GMT
ETag
"5c641b81-3947"
Vary
AP-Ic,Accept-Encoding
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/svg+xml
Cache-Control
max-age=7776000, public
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Mime-Type, Cache-Control, X-Request-With, X-File-Name, Content-Type, *
Content-Length
14663
Expires
Thu, 16 Mar 2023 10:17:34 GMT

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| $ function| jQuery function| getHTTPRequestObject function| APMSessionTimeout function| RenderBrand function| AutoLogin function| SessionExpired_CustomizedScreenGet boolean| globalRestartOnSubmit function| sessionTimedOut function| SupportLayoutPage function| SupportLayoutPageDirect function| SupportLayoutPagePolisaonline function| SupportLayoutPageJupiter function| SupportLayoutPageSyriusz function| SupportLayoutPageSet boolean| doNotAutoSubmit string| globalFormId string| globalTableId string| globalSubmitTrId object| globalSavePasswordCheckbox object| globalInputs function| getFormCompatibility function| OnLoad function| checkExternalAddCheckbox function| disableSubmit function| OnSubmit function| verifyNewPassword function| masterSubmit function| setViewport function| onorientationchange function| dontChangePasswordClick object| sessionLogonCustomizations object| sessionLogonCustomizationPairs object| pairs number| j undefined| pair object| sessionLogonValuesets object| inpx undefined| options object| sessionTimeout function| F5_include_JS undefined| f5VirtualKeyboardMove undefined| f5VirtualKeyboardForceBlur undefined| f5VirtualKeyboardMessageText undefined| f5VirtualKeyboardHideText undefined| VirtualKeyboard_CustomizedMessageTextGet undefined| VirtualKeyboard_CustomizedHideTextGet function| delete_cookie_before_href function| delete_cookie_info function| isNotEmpty

4 Cookies

Domain/Path Name / Value
sso.ergohestia.pl/ Name: LastMRH_Session
Value: 43b63575
sso.ergohestia.pl/ Name: MRHSession
Value: baa5507c0ef4d444f028d7c443b63575
.sso.ergohestia.pl/ Name: TS01027acd
Value: 01c7bbbb3bb8c5983a64479c4fed5e3a12cd9a14fec4f6c5036eed7bf61f09139150c211b8ccf5f496f9d07100af5a35657eea09805d6701aaf763bc24420591d7cefd24501e37e62c2adf704a259a4cf676f155be2bf5fe87806c1f012e749ac8728ae73a
.cdn01.ergohestia.pl/ Name: TS01ade3cd
Value: 01c7bbbb3bebf70a5a2940f6c1a5abbb9b8f52e59089492cca8c697df3a93f395560f624f7e2478364b58d007b412fa6917c76a96a

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY