urlscan.io logo urlscan.io
SecurityTrails logo

login.certum.pl Open in urlscan Pro
213.222.201.137  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://signer.certum.pl/
Effective URL: https://login.certum.pl/auth/realms/CertumOneAccount/protocol/openid-connect/auth?response_type=code&client_id=signer-cl...
Submission: On June 05 via api from US — Scanned from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 14 HTTP transactions. The main IP is 213.222.201.137, located in Poland and belongs to ASSECODS, PL. The main domain is login.certum.pl.
TLS certificate: Issued by Certum Extended Validation CA SHA2 on January 10th 2024. Valid for: a year.
This is the only time login.certum.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 3 213.222.221.142 34530 (ASSECO-DS-AS)
9 213.222.201.137 28785 (ASSECODS)
2 142.250.185.168 15169 (GOOGLE)
2 172.217.16.142 15169 (GOOGLE)
1 216.239.32.36 15169 (GOOGLE)
14 4
3    213.222.221.142 (Poland)

ASN34530 (ASSECO-DS-AS, PL)
signer.certum.pl
9    213.222.201.137 (Poland)

ASN28785 (ASSECODS, PL)
login.certum.pl
2    142.250.185.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f8.1e100.net
www.googletagmanager.com
2    172.217.16.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f14.1e100.net
www.google-analytics.com
1    216.239.32.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
12 certum.pl
signer.certum.pl
login.certum.pl
89 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 65
region1.google-analytics.com — Cisco Umbrella Rank: 2406
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
163 KB
14 3
Domain Requested by
9 login.certum.pl login.certum.pl
3 signer.certum.pl 3 redirects
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com login.certum.pl
www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
14 5

This site contains links to these domains. Also see Links.

Domain
www.certum.pl
Subject Issuer Validity Valid
login.certum.pl
Certum Extended Validation CA SHA2		 2024-01-10 -
2025-01-09		 a year crt.sh
*.google-analytics.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://login.certum.pl/auth/realms/CertumOneAccount/protocol/openid-connect/auth?response_type=code&client_id=signer-cloud-login&scope=openid&state=mb6Qt7m5b2rzOWpSkMAashJtnAkL8jMStkR8muLtb7I%3D&redirect_uri=https://signer.certum.pl/signer/login/oauth2/code/signer&nonce=GiWibweU2LjyKN-pEFAonmsU0a6X369Mz236wakMVAI
Frame ID: 2DB6F302E310903060F4C2BB5340ED77
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Zaloguj siÄ™

Page URL History Show full URLs

  1. http://signer.certum.pl/ HTTP 307
    https://signer.certum.pl/ HTTP 302
    https://signer.certum.pl/signer/ HTTP 302
    http://signer.certum.pl/signer/oauth2/authorization/signer HTTP 307
    https://signer.certum.pl/signer/oauth2/authorization/signer HTTP 302
    https://login.certum.pl/auth/realms/CertumOneAccount/protocol/openid-connect/auth?response_type=code... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

5
Subdomains

4
IPs

2
Countries

271 kB
Transfer

638 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://signer.certum.pl/ HTTP 307
    https://signer.certum.pl/ HTTP 302
    https://signer.certum.pl/signer/ HTTP 302
    http://signer.certum.pl/signer/oauth2/authorization/signer HTTP 307
    https://signer.certum.pl/signer/oauth2/authorization/signer HTTP 302
    https://login.certum.pl/auth/realms/CertumOneAccount/protocol/openid-connect/auth?response_type=code&client_id=signer-cloud-login&scope=openid&state=mb6Qt7m5b2rzOWpSkMAashJtnAkL8jMStkR8muLtb7I%3D&redirect_uri=https://signer.certum.pl/signer/login/oauth2/code/signer&nonce=GiWibweU2LjyKN-pEFAonmsU0a6X369Mz236wakMVAI Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request auth
login.certum.pl/auth/realms/CertumOneAccount/protocol/openid-connect/
Redirect Chain
  • http://signer.certum.pl/
  • https://signer.certum.pl/
  • https://signer.certum.pl/signer/
  • http://signer.certum.pl/signer/oauth2/authorization/signer
  • https://signer.certum.pl/signer/oauth2/authorization/signer
  • https://login.certum.pl/auth/realms/CertumOneAccount/protocol/openid-connect/auth?response_type=code&client_id=signer-cloud-login&scope=openid&state=mb6Qt7m5b2rzOWpSkMAashJtnAkL8jMStkR8muLtb7I%3D&r...
5 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.certum.pl/auth/realms/CertumOneAccount/protocol/openid-connect/auth?response_type=code&client_id=signer-cloud-login&scope=openid&state=mb6Qt7m5b2rzOWpSkMAashJtnAkL8jMStkR8muLtb7I%3D&redirect_uri=https://signer.certum.pl/signer/login/oauth2/code/signer&nonce=GiWibweU2LjyKN-pEFAonmsU0a6X369Mz236wakMVAI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.222.201.137 , Poland, ASN28785 (ASSECODS, PL),
Reverse DNS
Software
Apache /
Resource Hash
a6f5bf0137a3f6e01277c141b0ac61cb3286a97f51c99b7ca16304cd8d38d7ce
Security Headers
Name Value
Content-Security-Policy frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
pl-PL,pl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Content-Language
pl
Content-Length
5540
Content-Security-Policy
frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Content-Type
text/html;charset=utf-8
Date
Wed, 05 Jun 2024 11:28:03 GMT
Keep-Alive
timeout=100, max=100
Referrer-Policy
no-referrer
Server
Apache
Strict-Transport-Security
max-age=63072000; includeSubDomains max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Robots-Tag
none
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
close
Content-Length
0
Content-Security-Policy
default-src 'self'; style-src 'unsafe-inline' 'self' fonts.googleapis.com; frame-src certumsignerservice: https://cloudsign.webnotarius.pl 'self'; font-src data: 'self' fonts.gstatic.com; img-src data: 'self'
Date
Wed, 05 Jun 2024 11:28:03 GMT
Expires
0
Location
https://login.certum.pl/auth/realms/CertumOneAccount/protocol/openid-connect/auth?response_type=code&client_id=signer-cloud-login&scope=openid&state=mb6Qt7m5b2rzOWpSkMAashJtnAkL8jMStkR8muLtb7I%3D&redirect_uri=https://signer.certum.pl/signer/login/oauth2/code/signer&nonce=GiWibweU2LjyKN-pEFAonmsU0a6X369Mz236wakMVAI
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		206 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-3246658-41
Requested by
Host: login.certum.pl
URL: https://login.certum.pl/auth/realms/CertumOneAccount/protocol/openid-connect/auth?response_type=code&client_id=signer-cloud-login&scope=openid&state=mb6Qt7m5b2rzOWpSkMAashJtnAkL8jMStkR8muLtb7I%3D&redirect_uri=https://signer.certum.pl/signer/login/oauth2/code/signer&nonce=GiWibweU2LjyKN-pEFAonmsU0a6X369Mz236wakMVAI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
86c915b93715fca316ead311710184c418a2d14811df2401f0716fbb788787b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 11:28:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75913
x-xss-protection
0
last-modified
Wed, 05 Jun 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 05 Jun 2024 11:28:03 GMT
login.css
login.certum.pl/auth/resources/dvyuj/login/keycloak-19-coa-1.0.1/css/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.certum.pl/auth/resources/dvyuj/login/keycloak-19-coa-1.0.1/css/login.css
Requested by
Host: login.certum.pl
URL: https://login.certum.pl/auth/realms/CertumOneAccount/protocol/openid-connect/auth?response_type=code&client_id=signer-cloud-login&scope=openid&state=mb6Qt7m5b2rzOWpSkMAashJtnAkL8jMStkR8muLtb7I%3D&redirect_uri=https://signer.certum.pl/signer/login/oauth2/code/signer&nonce=GiWibweU2LjyKN-pEFAonmsU0a6X369Mz236wakMVAI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.222.201.137 , Poland, ASN28785 (ASSECODS, PL),
Reverse DNS
Software
Apache /
Resource Hash
792bed33aece5047a8eff056348a147d684eb216983b1ac141692d3fed61bb9d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 11:28:03 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
Content-Encoding
gzip
Referrer-Policy
no-referrer
Server
Apache
X-Content-Type-Options
nosniff
Content-Type
text/css;charset=UTF-8
Cache-Control
max-age=2592000
Connection
Keep-Alive
Keep-Alive
timeout=100, max=99
Content-Length
4326
X-XSS-Protection
1; mode=block
script.js
login.certum.pl/auth/resources/dvyuj/login/keycloak-19-coa-1.0.1/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.certum.pl/auth/resources/dvyuj/login/keycloak-19-coa-1.0.1/js/script.js
Requested by
Host: login.certum.pl
URL: https://login.certum.pl/auth/realms/CertumOneAccount/protocol/openid-connect/auth?response_type=code&client_id=signer-cloud-login&scope=openid&state=mb6Qt7m5b2rzOWpSkMAashJtnAkL8jMStkR8muLtb7I%3D&redirect_uri=https://signer.certum.pl/signer/login/oauth2/code/signer&nonce=GiWibweU2LjyKN-pEFAonmsU0a6X369Mz236wakMVAI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.222.201.137 , Poland, ASN28785 (ASSECODS, PL),
Reverse DNS
Software
Apache /
Resource Hash
6974aa2f72ddc951af7b13e7dc38e9398571fdf209a5d276f0fe22f3a868e204
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 11:28:03 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
Content-Encoding
gzip
Referrer-Policy
no-referrer
Server
Apache
X-Content-Type-Options
nosniff
Content-Type
text/javascript;charset=UTF-8
Cache-Control
max-age=2592000
Connection
Keep-Alive
Keep-Alive
timeout=100, max=98
Content-Length
1849
X-XSS-Protection
1; mode=block
style.css
login.certum.pl/auth/resources/dvyuj/login/keycloak-19-coa-1.0.1/icons/ 		1 KB
960 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.certum.pl/auth/resources/dvyuj/login/keycloak-19-coa-1.0.1/icons/style.css
Requested by
Host: login.certum.pl
URL: https://login.certum.pl/auth/resources/dvyuj/login/keycloak-19-coa-1.0.1/css/login.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.222.201.137 , Poland, ASN28785 (ASSECODS, PL),
Reverse DNS
Software
Apache /
Resource Hash
a65a4f36204dbacb30cd9e4e90bb81b32b1c516522cdaef072d51e7fec364cb0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 11:28:03 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
Content-Encoding
gzip
Referrer-Policy
no-referrer
Server
Apache
X-Content-Type-Options
nosniff
Content-Type
text/css;charset=UTF-8
Cache-Control
max-age=2592000
Connection
Keep-Alive
Keep-Alive
timeout=100, max=100
Content-Length
491
X-XSS-Protection
1; mode=block
certum-logo.svg
login.certum.pl/auth/resources/dvyuj/login/keycloak-19-coa-1.0.1/img/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.certum.pl/auth/resources/dvyuj/login/keycloak-19-coa-1.0.1/img/certum-logo.svg
Requested by
Host: login.certum.pl
URL: https://login.certum.pl/auth/resources/dvyuj/login/keycloak-19-coa-1.0.1/css/login.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.222.201.137 , Poland, ASN28785 (ASSECODS, PL),
Reverse DNS
Software
Apache /
Resource Hash
c18d165733062086c0ad295d62d63405317457aa942d94aeb783f798d02dbc0a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 11:28:03 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
Content-Encoding
gzip
Referrer-Policy
no-referrer
Server
Apache
X-Content-Type-Options
nosniff
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Connection
Keep-Alive
Keep-Alive
timeout=100, max=99
Content-Length
3044
X-XSS-Protection
1; mode=block
geomanist-regular-webfont.woff
login.certum.pl/auth/resources/dvyuj/login/keycloak-19-coa-1.0.1/fonts/ 		40 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://login.certum.pl/auth/resources/dvyuj/login/keycloak-19-coa-1.0.1/fonts/geomanist-regular-webfont.woff
Requested by
Host: login.certum.pl
URL: https://login.certum.pl/auth/resources/dvyuj/login/keycloak-19-coa-1.0.1/css/login.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.222.201.137 , Poland, ASN28785 (ASSECODS, PL),
Reverse DNS
Software
Apache /
Resource Hash
a54887dc689bf9f3147f25fb36aca0c46eb4399cb10e49b783dcbb42c56a04b8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin
https://login.certum.pl
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 11:28:03 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Referrer-Policy
no-referrer
Transfer-Encoding
chunked
Content-Type
application/octet-stream
Cache-Control
max-age=2592000
Connection
Keep-Alive
Keep-Alive
timeout=100, max=97
X-XSS-Protection
1; mode=block
icomoon.ttf
login.certum.pl/auth/resources/dvyuj/login/keycloak-19-coa-1.0.1/icons/fonts/ 		3 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://login.certum.pl/auth/resources/dvyuj/login/keycloak-19-coa-1.0.1/icons/fonts/icomoon.ttf?b4qev0
Requested by
Host: login.certum.pl
URL: https://login.certum.pl/auth/resources/dvyuj/login/keycloak-19-coa-1.0.1/icons/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.222.201.137 , Poland, ASN28785 (ASSECODS, PL),
Reverse DNS
Software
Apache /
Resource Hash
f162d4be54cfb6911f0729c920f991b58606d003e91e0e103950411617f34cad
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin
https://login.certum.pl
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 11:28:03 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
Content-Encoding
gzip
Referrer-Policy
no-referrer
Server
Apache
X-Content-Type-Options
nosniff
Content-Type
application/octet-stream
Cache-Control
max-age=2592000
Connection
Keep-Alive
Keep-Alive
timeout=100, max=100
Content-Length
1692
X-XSS-Protection
1; mode=block
Geomanist-Book.otf
login.certum.pl/auth/resources/dvyuj/login/keycloak-19-coa-1.0.1/fonts/ 		38 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://login.certum.pl/auth/resources/dvyuj/login/keycloak-19-coa-1.0.1/fonts/Geomanist-Book.otf
Requested by
Host: login.certum.pl
URL: https://login.certum.pl/auth/resources/dvyuj/login/keycloak-19-coa-1.0.1/css/login.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.222.201.137 , Poland, ASN28785 (ASSECODS, PL),
Reverse DNS
Software
Apache /
Resource Hash
372162a2bd67a23ee5dd8e53a1ae856463e639e3b425099fc6093313c147085f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin
https://login.certum.pl
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 11:28:03 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Referrer-Policy
no-referrer
Transfer-Encoding
chunked
Content-Type
application/octet-stream
Cache-Control
max-age=2592000
Connection
Keep-Alive
Keep-Alive
timeout=100, max=98
X-XSS-Protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		251 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NGET1CZV09&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-3246658-41
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
cb10d081ac3e898b19c2443081d4c0998eb779c1424aaeef5b41fd80f42baaa1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 11:28:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90290
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 05 Jun 2024 11:28:04 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-3246658-41
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 05 Jun 2024 10:29:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3536
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 05 Jun 2024 12:29:08 GMT
collect
region1.google-analytics.com/g/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-NGET1CZV09&gtm=45je4630v9112224035za200&_p=1717586883528&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=259803966.1717586884&ul=pl-pl&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1717586884&sct=1&seg=0&dl=https%3A%2F%2Flogin.certum.pl%2Fauth%2Frealms%2FCertumOneAccount%2Fprotocol%2Fopenid-connect%2Fauth%3Fresponse_type%3Dcode%26client_id%3Dsigner-cloud-login%26scope%3Dopenid%26state%3Dmb6Qt7m5b2rzOWpSkMAashJtnAkL8jMStkR8muLtb7I%253D%26redirect_uri%3Dhttps%3A%2F%2Fsigner.certum.pl%2Fsigner%2Flogin%2Foauth2%2Fcode%2Fsigner%26nonce%3DGiWibweU2LjyKN-pEFAonmsU0a6X369Mz236wakMVAI&dt=Zaloguj%20si%C4%99&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1286
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NGET1CZV09&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 05 Jun 2024 11:28:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://login.certum.pl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=239495226&t=pageview&_s=1&dl=https%3A%2F%2Flogin.certum.pl%2Fauth%2Frealms%2FCertumOneAccount%2Fprotocol%2Fopenid-connect%2Fauth%3Fresponse_type%3Dcode%26client_id%3Dsigner-cloud-login%26scope%3Dopenid%26state%3Dmb6Qt7m5b2rzOWpSkMAashJtnAkL8jMStkR8muLtb7I%253D%26redirect_uri%3Dhttps%3A%2F%2Fsigner.certum.pl%2Fsigner%2Flogin%2Foauth2%2Fcode%2Fsigner%26nonce%3DGiWibweU2LjyKN-pEFAonmsU0a6X369Mz236wakMVAI&ul=pl-pl&de=UTF-8&dt=Zaloguj%20si%C4%99&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=809491015&gjid=109769842&cid=259803966.1717586884&tid=UA-3246658-41&_gid=401918163.1717586885&_r=1&gtm=457e4630za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&jsscut=1&npa=1&z=1551943867
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Jun 2024 11:28:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://login.certum.pl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.ico
login.certum.pl/auth/resources/dvyuj/login/keycloak-19-coa-1.0.1/img/ 		5 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://login.certum.pl/auth/resources/dvyuj/login/keycloak-19-coa-1.0.1/img/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.222.201.137 , Poland, ASN28785 (ASSECODS, PL),
Reverse DNS
Software
Apache /
Resource Hash
23c5f7346319a1978a83d0804dda76c3d8e9ce643cb7eec8ce85a2fe6d6c5fe6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 11:28:04 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
Content-Encoding
gzip
Referrer-Policy
no-referrer
Server
Apache
X-Content-Type-Options
nosniff
Content-Type
application/octet-stream
Cache-Control
max-age=2592000
Connection
Keep-Alive
Keep-Alive
timeout=100, max=97
Content-Length
1026
X-XSS-Protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer function| checkActiveLocale function| rememberLogin function| changeAccountCheck function| changeAccount function| showPassword function| checkStrength function| strengthBarProgress function| strengthBarVisibility function| catchStrength function| addIconCross function| removeIconCross function| showElementById function| showElements function| changeClassName function| addClasses function| removeClasses function| backPage object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData

8 Cookies

Domain/Path Name / Value
login.certum.pl/auth/realms/CertumOneAccount/ Name: AUTH_SESSION_ID
Value: 61bfdfb5-5680-4b28-bf14-ae1cadf43fe7.vm-sso-r7-keycloak-customer-0101
login.certum.pl/auth/realms/CertumOneAccount/ Name: AUTH_SESSION_ID_LEGACY
Value: 61bfdfb5-5680-4b28-bf14-ae1cadf43fe7.vm-sso-r7-keycloak-customer-0101
login.certum.pl/auth/realms/CertumOneAccount/ Name: KC_RESTART
Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIyNzg1ZjRjOS1hYTFiLTRlMGItOThmOC1jYTE1M2M2YThlNDkifQ.eyJjaWQiOiJzaWduZXItY2xvdWQtbG9naW4iLCJwdHkiOiJvcGVuaWQtY29ubmVjdCIsInJ1cmkiOiJodHRwczovL3NpZ25lci5jZXJ0dW0ucGwvc2lnbmVyL2xvZ2luL29hdXRoMi9jb2RlL3NpZ25lciIsImFjdCI6IkFVVEhFTlRJQ0FURSIsIm5vdGVzIjp7InNjb3BlIjoib3BlbmlkIiwiaXNzIjoiaHR0cHM6Ly9sb2dpbi5jZXJ0dW0ucGwvYXV0aC9yZWFsbXMvQ2VydHVtT25lQWNjb3VudCIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIiwicmVkaXJlY3RfdXJpIjoiaHR0cHM6Ly9zaWduZXIuY2VydHVtLnBsL3NpZ25lci9sb2dpbi9vYXV0aDIvY29kZS9zaWduZXIiLCJzdGF0ZSI6Im1iNlF0N201YjJyek9XcFNrTUFhc2hKdG5Ba0w4ak1TdGtSOG11THRiN0k9Iiwibm9uY2UiOiJHaVdpYndlVTJManlLTi1wRUZBb25tc1UwYTZYMzY5TXoyMzZ3YWtNVkFJIn19.zRatysPJ1XNYngQ_8rJVuXWsHpLrvrjpSIvXAa_StZY
signer.certum.pl/signer Name: JSESSIONID
Value: 9E7027AF7401B9F0B0D2EC74107C5223
.certum.pl/ Name: _ga_NGET1CZV09
Value: GS1.1.1717586884.1.0.1717586884.0.0.0
.certum.pl/ Name: _ga
Value: GA1.2.259803966.1717586884
.certum.pl/ Name: _gid
Value: GA1.2.401918163.1717586885
.certum.pl/ Name: _gat_gtag_UA_3246658_41
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=63072000; includeSubDomains max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block