autenti-prod.identt.pl Open in urlscan Pro
3.121.12.221 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://autenti-prod.identt.pl/
Effective URL:
https://autenti-prod.identt.pl/
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On August 20 via api (August 20th 2023, 4:14:36 am UTC) from AU — Scanned from PL

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 14 HTTP transactions. The main IP is 3.121.12.221, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is autenti-prod.identt.pl.
TLS certificate: Issued by R3 on August 13th 2023. Valid for: 3 months.

This is the only time autenti-prod.identt.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	52.29.88.9 52.29.88.9	16509 (AMAZON-02) (AMAZON-02)
6	3.121.12.221 3.121.12.221	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.106 142.250.185.106	15169 (GOOGLE) (GOOGLE)
2	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
1	35.188.42.15 35.188.42.15	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
14	6

5 52.29.88.9 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-88-9.eu-central-1.compute.amazonaws.com

autenti-prod.identt.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
civs.identt.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.121.12.221 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-12-221.eu-central-1.compute.amazonaws.com

autenti-prod.identt.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.106 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.227 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.188.42.15 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 15.42.188.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	identt.pl 1 redirects autenti-prod.identt.pl civs.identt.pl	2 MB
2	gstatic.com fonts.gstatic.com	36 KB
1	sentry.io sentry.io — Cisco Umbrella Rank: 193	599 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 73	903 B
14	4

	Domain	Requested by
7	autenti-prod.identt.pl	1 redirects autenti-prod.identt.pl
4	civs.identt.pl	autenti-prod.identt.pl
2	fonts.gstatic.com	fonts.googleapis.com
1	sentry.io	autenti-prod.identt.pl
1	fonts.googleapis.com	client
14	5

This site contains no links.

Subject Issuer	Validity	Valid
autenti-prod.identt.pl R3	`2023-08-13` - `2023-11-11`	3 months	crt.sh
civs.identt.pl R3	`2023-07-30` - `2023-10-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-06` - `2024-07-06`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://autenti-prod.identt.pl/
Frame ID: 89EA7483A712CD00FBE4CF700D710102
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Weryfikacja

Page URL History Show full URLs

http://autenti-prod.identt.pl/ HTTP 308
https://autenti-prod.identt.pl/ Page URL

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

6
IPs

2
Countries

1805 kB
Transfer

5343 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://autenti-prod.identt.pl/ HTTP 308
https://autenti-prod.identt.pl/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
autenti-prod.identt.pl/
Redirect Chain

http://autenti-prod.identt.pl/
https://autenti-prod.identt.pl/

1 KB
775 B

149ms
49ms

Document
text/html

3.121.12.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://autenti-prod.identt.pl/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.121.12.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-121-12-221.eu-central-1.compute.amazonaws.com

Software

Resource Hash

171e5d1f42f8783a4272f567878f8f2523218434749a98e488072f10887701be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Sun, 20 Aug 2023 04:14:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 164
Content-Type: text/html
Date: Sun, 20 Aug 2023 04:14:31 GMT
Location: https://autenti-prod.identt.pl

GET
H2 200 antmedia_adaptor.js Show response
autenti-prod.identt.pl/assets/js/ 39 KB
9 KB 51ms
51ms Script
text/javascript 3.121.12.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://autenti-prod.identt.pl/assets/js/antmedia_adaptor.js

Requested by

Host: autenti-prod.identt.pl
URL: https://autenti-prod.identt.pl/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.121.12.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-121-12-221.eu-central-1.compute.amazonaws.com

Software

Resource Hash

58440c1453151bbb13bf4968e295f86b0055e7bd6212ae4b8b7740a5bf4f180b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://autenti-prod.identt.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 04:14:31 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 vendor-81c4f5a6d7ced4359ba1.js Show response
autenti-prod.identt.pl/ 3 MB
955 KB 98ms
97ms Script
text/javascript 3.121.12.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://autenti-prod.identt.pl/vendor-81c4f5a6d7ced4359ba1.js

Requested by

Host: autenti-prod.identt.pl
URL: https://autenti-prod.identt.pl/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.121.12.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-121-12-221.eu-central-1.compute.amazonaws.com

Software

Resource Hash

f8f6df45255fdde9903ee52244bc574cb567c9db9894a27c3948f75b176768e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://autenti-prod.identt.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 04:14:31 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 app-81c4f5a6d7ced4359ba1.js Show response
autenti-prod.identt.pl/ 2 MB
802 KB 101ms
100ms Script
text/javascript 3.121.12.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://autenti-prod.identt.pl/app-81c4f5a6d7ced4359ba1.js

Requested by

Host: autenti-prod.identt.pl
URL: https://autenti-prod.identt.pl/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.121.12.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-121-12-221.eu-central-1.compute.amazonaws.com

Software

Resource Hash

b936094fb1a5dc7dfbf59b1836adbcf465538a8bf332e0571590d5882f6cc808

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://autenti-prod.identt.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 04:14:31 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
content-type: text/javascript

OPTIONS
H2 200 data
civs.identt.pl/pl/api/v2/verify/self/ 0
0 149ms
51ms Preflight
text/plain 52.29.88.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://civs.identt.pl/pl/api/v2/verify/self/data

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.29.88.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-88-9.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com; img-src 'self' data: *; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://themes.googleusercontent.com https://fonts.gstatic.com; object-src 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://autenti-prod.identt.pl
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://autenti-prod.identt.pl
access-control-max-age: 600
content-length: 2
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com; img-src 'self' data: *; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://themes.googleusercontent.com https://fonts.gstatic.com; object-src 'none'
content-type: text/plain; charset=utf-8
date: Sun, 20 Aug 2023 04:14:32 GMT
referrer-policy: strict-origin
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-request-id: 1a4aa8c193156b1c63194005f1903021
x-xss-protection: 1; mode=block

OPTIONS
H2 200 /
civs.identt.pl/pl/api/v4/document/undefined/user-metadata/ 0
0 148ms
50ms Preflight
text/plain 52.29.88.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://civs.identt.pl/pl/api/v4/document/undefined/user-metadata/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.29.88.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-88-9.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com; img-src 'self' data: *; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://themes.googleusercontent.com https://fonts.gstatic.com; object-src 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://autenti-prod.identt.pl
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://autenti-prod.identt.pl
access-control-max-age: 600
content-length: 2
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com; img-src 'self' data: *; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://themes.googleusercontent.com https://fonts.gstatic.com; object-src 'none'
content-type: text/plain; charset=utf-8
date: Sun, 20 Aug 2023 04:14:32 GMT
referrer-policy: strict-origin
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-request-id: 358c3ea7fd952e4c05ea1ce0518562ca
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 2 KB
903 B 149ms
53ms Stylesheet
text/css 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Sarala:400,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.106 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

ESF /

Resource Hash

1684f7d087e9006284e2e479d020a5b110dbb91ad6c62f5e85c28a51c140c154

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://autenti-prod.identt.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 20 Aug 2023 04:14:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 20 Aug 2023 04:14:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 20 Aug 2023 04:14:32 GMT

GET
H2 401 data Show response
civs.identt.pl/pl/api/v2/verify/self/ 52 B
623 B 129ms
128ms XHR
application/json 52.29.88.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://civs.identt.pl/pl/api/v2/verify/self/data

Requested by

Host: autenti-prod.identt.pl
URL: https://autenti-prod.identt.pl/vendor-81c4f5a6d7ced4359ba1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.29.88.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-88-9.eu-central-1.compute.amazonaws.com

Software

Resource Hash

6b6700ecfa68864428dd823e368a0512e4527a494a415547390470cdd1a911d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com; img-src 'self' data: *; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://themes.googleusercontent.com https://fonts.gstatic.com; object-src 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://autenti-prod.identt.pl/
accept-language: pl-PL,pl;q=0.9
Authorization: Bearer undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 04:14:32 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com; img-src 'self' data: *; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://themes.googleusercontent.com https://fonts.gstatic.com; object-src 'none'
www-authenticate: Token
x-content-type-options: nosniff
referrer-policy: strict-origin
strict-transport-security: max-age=15724800; includeSubDomains
vary: Authorization, Cookie, origin
allow: GET, OPTIONS
content-language: pl
x-frame-options: DENY
access-control-allow-origin: *
content-type: application/json
access-control-allow-credentials: true
content-length: 52
x-xss-protection: 1; mode=block

POST
H2 401 / Show response
civs.identt.pl/pl/api/v4/document/undefined/user-metadata/ 52 B
687 B 132ms
131ms XHR
application/json 52.29.88.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://civs.identt.pl/pl/api/v4/document/undefined/user-metadata/

Requested by

Host: autenti-prod.identt.pl
URL: https://autenti-prod.identt.pl/vendor-81c4f5a6d7ced4359ba1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.29.88.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-88-9.eu-central-1.compute.amazonaws.com

Software

Resource Hash

6b6700ecfa68864428dd823e368a0512e4527a494a415547390470cdd1a911d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com; img-src 'self' data: *; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://themes.googleusercontent.com https://fonts.gstatic.com; object-src 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://autenti-prod.identt.pl/
accept-language: pl-PL,pl;q=0.9
Authorization: Bearer undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 20 Aug 2023 04:14:32 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com; img-src 'self' data: *; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://themes.googleusercontent.com https://fonts.gstatic.com; object-src 'none'
www-authenticate: Bearer realm="api",error="invalid_token",error_description="The access token is invalid."
x-content-type-options: nosniff
referrer-policy: strict-origin
strict-transport-security: max-age=15724800; includeSubDomains
vary: Authorization, Cookie, origin
allow: POST, OPTIONS
content-language: pl
x-frame-options: DENY
access-control-allow-origin: *
content-type: application/json
access-control-allow-credentials: true
content-length: 52
x-xss-protection: 1; mode=block

GET
H2 200 wasm-worker-prod.js
autenti-prod.identt.pl/opencv_worker/ 348 B
381 B 50ms
49ms Other
text/javascript 3.121.12.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://autenti-prod.identt.pl/opencv_worker/wasm-worker-prod.js

Requested by

Host: autenti-prod.identt.pl
URL: https://autenti-prod.identt.pl/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.121.12.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-121-12-221.eu-central-1.compute.amazonaws.com

Software

Resource Hash

f94582530a7752c7b49accc59aecf71b29f27b27da5e439a7eaecf6785de1be3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://autenti-prod.identt.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 04:14:32 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 wasm-worker-prod.js
autenti-prod.identt.pl/face_detector/ 128 B
268 B 49ms
49ms Other
text/javascript 3.121.12.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://autenti-prod.identt.pl/face_detector/wasm-worker-prod.js

Requested by

Host: autenti-prod.identt.pl
URL: https://autenti-prod.identt.pl/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.121.12.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-121-12-221.eu-central-1.compute.amazonaws.com

Software

Resource Hash

9ae062f110a5dc26eae5ccb12cf4a9626d34ff7769158316c6bab5c1197bd214

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://autenti-prod.identt.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 04:14:32 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 uK_y4riEZv4o1w9hDRcS.woff2
fonts.gstatic.com/s/sarala/v10/ 17 KB
18 KB 148ms
44ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sarala/v10/uK_y4riEZv4o1w9hDRcS.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Sarala:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

06ddbc7856b40694ab7981a5b14927abd176e7a094404e4a4df00deccc426bba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://autenti-prod.identt.pl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 16:20:37 GMT
x-content-type-options: nosniff
age: 42835
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:02:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 16:20:37 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d079eaa788cd4c891b9a5eefdd75a4224d98b192bb4da7d75fe8a582d0fc29b5

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 13 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e4380f7161d1f1352f6c8e181f1228edcabbc86eeb154b5ac1a6dc8073a44b8

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7de5fe8d5f0ad06093610d02945a11ba3e2177f1304dd7d80f7460c0ba521b1

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 299554018e709dee6d3a8599fa85746c8b41c5a7fa313e9679a79b29b957c01c

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 992634bbb9448e8c81523279f54d9b99046d822fcda77a49edd71866267025cd

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 uK_x4riEZv4o1w9ptjIHPd-Z.woff2
fonts.gstatic.com/s/sarala/v10/ 18 KB
18 KB 44ms
43ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sarala/v10/uK_x4riEZv4o1w9ptjIHPd-Z.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Sarala:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

a6c243eef301305bcc4e06bdff3d9c821ffe084758a979338f8d3e72755d2cf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://autenti-prod.identt.pl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:16:03 GMT
x-content-type-options: nosniff
age: 64709
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17988
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:05:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 10:16:03 GMT

POST
H/1.1 200
OK / Show response
sentry.io/api/1301235/store/ 41 B
599 B 622ms
154ms Fetch
application/json 35.188.42.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1301235/store/?sentry_key=98e8a9e3af7c4191969eb156294c07da&sentry_version=7

Requested by

Host: autenti-prod.identt.pl
URL: https://autenti-prod.identt.pl/vendor-81c4f5a6d7ced4359ba1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

872b51f188bb6b0ca694d5d45719bf6c48015ec444e313ad06c64550a3b2c8ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://autenti-prod.identt.pl/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 20 Aug 2023 04:14:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
Server: nginx
vary: origin,access-control-request-method,access-control-request-headers
Content-Type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 1
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 41

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://civs.identt.pl/pl/api/v2/verify/self/data Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://civs.identt.pl/pl/api/v4/document/undefined/user-metadata/ Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

autenti-prod.identt.pl
civs.identt.pl
fonts.googleapis.com
fonts.gstatic.com
sentry.io
142.250.181.227
142.250.185.106
3.121.12.221
35.188.42.15
52.29.88.9
06ddbc7856b40694ab7981a5b14927abd176e7a094404e4a4df00deccc426bba
0e4380f7161d1f1352f6c8e181f1228edcabbc86eeb154b5ac1a6dc8073a44b8
1684f7d087e9006284e2e479d020a5b110dbb91ad6c62f5e85c28a51c140c154
171e5d1f42f8783a4272f567878f8f2523218434749a98e488072f10887701be
299554018e709dee6d3a8599fa85746c8b41c5a7fa313e9679a79b29b957c01c
58440c1453151bbb13bf4968e295f86b0055e7bd6212ae4b8b7740a5bf4f180b
6b6700ecfa68864428dd823e368a0512e4527a494a415547390470cdd1a911d4
872b51f188bb6b0ca694d5d45719bf6c48015ec444e313ad06c64550a3b2c8ee
992634bbb9448e8c81523279f54d9b99046d822fcda77a49edd71866267025cd
9ae062f110a5dc26eae5ccb12cf4a9626d34ff7769158316c6bab5c1197bd214
a6c243eef301305bcc4e06bdff3d9c821ffe084758a979338f8d3e72755d2cf4
b7de5fe8d5f0ad06093610d02945a11ba3e2177f1304dd7d80f7460c0ba521b1
b936094fb1a5dc7dfbf59b1836adbcf465538a8bf332e0571590d5882f6cc808
d079eaa788cd4c891b9a5eefdd75a4224d98b192bb4da7d75fe8a582d0fc29b5
f8f6df45255fdde9903ee52244bc574cb567c9db9894a27c3948f75b176768e0
f94582530a7752c7b49accc59aecf71b29f27b27da5e439a7eaecf6785de1be3

autenti-prod.identt.pl Open in urlscan Pro 3.121.12.221 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

14 Requests

100 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

6 IPs

2 Countries

1805 kBTransfer

5343 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

0 Cookies

2 Console Messages

Security Headers

Indicators

autenti-prod.identt.pl Open in urlscan Pro
3.121.12.221 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

6
IPs

2
Countries

1805 kB
Transfer

5343 kB
Size

0
Cookies

14 HTTP transactions
5 data transactions