urlscan.io logo urlscan.io
SecurityTrails logo

b2b.acc.gallagher.shopworks-clients.nl Open in urlscan Pro
162.55.95.215  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://b2b.acc.gallagher.shopworks-clients.nl/
Effective URL: https://b2b.acc.gallagher.shopworks-clients.nl/account/login
Submission: On June 29 via automatic, source certstream-suspicious — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 11 HTTP transactions. The main IP is 162.55.95.215, located in Germany and belongs to HETZNER-AS, DE. The main domain is b2b.acc.gallagher.shopworks-clients.nl.
TLS certificate: Issued by R3 on June 29th 2022. Valid for: 3 months.
This is the only time b2b.acc.gallagher.shopworks-clients.nl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 11 162.55.95.215 24940 (HETZNER-AS)
2 185.166.143.38 16509 (AMAZON-02)
11 3
Domain Requested by
11 b2b.acc.gallagher.shopworks-clients.nl 2 redirects b2b.acc.gallagher.shopworks-clients.nl
2 b2b-commerce-suite.atlassian.net b2b.acc.gallagher.shopworks-clients.nl
b2b-commerce-suite.atlassian.net
11 2

This site contains no links.

Subject Issuer Validity Valid
b2b.acc.gallagher.shopworks-clients.nl
R3		 2022-06-29 -
2022-09-27		 3 months crt.sh
*.atlassian.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-07 -
2022-12-06		 a year crt.sh

This page contains 1 frames:

Primary Page: https://b2b.acc.gallagher.shopworks-clients.nl/account/login
Frame ID: B48F79615B7B5ADC3EF5808EA8757DBF
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign up

Page URL History Show full URLs

  1. https://b2b.acc.gallagher.shopworks-clients.nl/ HTTP 302
    https://b2b.acc.gallagher.shopworks-clients.nl/account/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jira-issue-collector-plugin
  • atlassian\.jira\.collector\.plugin

Page Statistics

11
Requests

91 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

719 kB
Transfer

1991 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://b2b.acc.gallagher.shopworks-clients.nl/ HTTP 302
    https://b2b.acc.gallagher.shopworks-clients.nl/account/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://b2b.acc.gallagher.shopworks-clients.nl/media/5d/74/43/1656418305/demostore-logo_%287%29.png HTTP 302
  • https://b2b.acc.gallagher.shopworks-clients.nl/account/login

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
b2b.acc.gallagher.shopworks-clients.nl/account/
Redirect Chain
  • https://b2b.acc.gallagher.shopworks-clients.nl/
  • https://b2b.acc.gallagher.shopworks-clients.nl/account/login
73 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b2b.acc.gallagher.shopworks-clients.nl/account/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.95.215 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
production1133-stag.hipex.io
Software
nginx /
Resource Hash
231f2d7c2b4610f49b0a5e7e5f953a47bbc1dda5f12760a3e6a41b5bd138e660
Security Headers
Name Value
Content-Security-Policy default-src * 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src-elem * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src-attr * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; style-src * 'unsafe-inline' 'unsafe-hashes'; style-src-elem * 'unsafe-inline' 'unsafe-hashes'; style-src-attr * 'unsafe-inline' 'unsafe-hashes'; img-src * data:; font-src * 'self' data:; connect-src *; media-src *; object-src *; prefetch-src *; child-src *; frame-src *; worker-src data: blob:; frame-ancestors *; form-action *; base-uri *; manifest-src *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store, private
content-encoding
br
content-security-policy
default-src * 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src-elem * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src-attr * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; style-src * 'unsafe-inline' 'unsafe-hashes'; style-src-elem * 'unsafe-inline' 'unsafe-hashes'; style-src-attr * 'unsafe-inline' 'unsafe-hashes'; img-src * data:; font-src * 'self' data:; connect-src *; media-src *; object-src *; prefetch-src *; child-src *; frame-src *; worker-src data: blob:; frame-ancestors *; form-action *; base-uri *; manifest-src *;
content-type
text/html; charset=UTF-8
date
Wed, 29 Jun 2022 09:48:08 GMT
expect-ct
max-age=0
expires
Thu, 01 Jan 1970 00:00:00 GMT
feature-policy
autoplay 'self';
referrer-policy
strict-origin-when-cross-origin no-referrer-when-downgrade
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-environment
Hipex/3 main
x-frame-options
deny
x-xss-protection
1; mode=block;

Redirect headers

age
0
cache-control
no-cache, private
content-security-policy
default-src * 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src-elem * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src-attr * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; style-src * 'unsafe-inline' 'unsafe-hashes'; style-src-elem * 'unsafe-inline' 'unsafe-hashes'; style-src-attr * 'unsafe-inline' 'unsafe-hashes'; img-src * data:; font-src * 'self' data:; connect-src *; media-src *; object-src *; prefetch-src *; child-src *; frame-src *; worker-src data: blob:; frame-ancestors *; form-action *; base-uri *; manifest-src *;
content-type
text/html; charset=UTF-8
date
Wed, 29 Jun 2022 09:48:08 GMT
expect-ct
max-age=0
expires
Wed, 29 Jun 2022 09:48:08 GMT
feature-policy
autoplay 'self';
location
/account/login
referrer-policy
no-referrer-when-downgrade
server
nginx
sw-invalidation-states
x-environment
Hipex/3 main
x-xss-protection
1; mode=block;
all.css
b2b.acc.gallagher.shopworks-clients.nl/theme/37b4646d6c777bbd1070944da10bc45e/css/ 		396 KB
55 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://b2b.acc.gallagher.shopworks-clients.nl/theme/37b4646d6c777bbd1070944da10bc45e/css/all.css?1656418305405944
Requested by
Host: b2b.acc.gallagher.shopworks-clients.nl
URL: https://b2b.acc.gallagher.shopworks-clients.nl/account/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.95.215 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
production1133-stag.hipex.io
Software
nginx /
Resource Hash
59d391e2bd6bdbb3ec49e837806d3c0a1ce0b8553029fe4e4bf7508da6aaad7a
Security Headers
Name Value
Content-Security-Policy default-src * 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src-elem * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src-attr * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; style-src * 'unsafe-inline' 'unsafe-hashes'; style-src-elem * 'unsafe-inline' 'unsafe-hashes'; style-src-attr * 'unsafe-inline' 'unsafe-hashes'; img-src * data:; font-src * 'self' data:; connect-src *; media-src *; object-src *; prefetch-src *; child-src *; frame-src *; worker-src data: blob:; frame-ancestors *; form-action *; base-uri *; manifest-src *;
X-Xss-Protection 1; mode=block;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://b2b.acc.gallagher.shopworks-clients.nl/account/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 09:48:08 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 28 Jun 2022 12:11:45 GMT
server
nginx
x-environment
Hipex/3 general
etag
W/"62baf001-631b8"
expect-ct
max-age=0
vary
Accept-Encoding
content-type
text/css
feature-policy
autoplay 'self';
content-security-policy
default-src * 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src-elem * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src-attr * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; style-src * 'unsafe-inline' 'unsafe-hashes'; style-src-elem * 'unsafe-inline' 'unsafe-hashes'; style-src-attr * 'unsafe-inline' 'unsafe-hashes'; img-src * data:; font-src * 'self' data:; connect-src *; media-src *; object-src *; prefetch-src *; child-src *; frame-src *; worker-src data: blob:; frame-ancestors *; form-action *; base-uri *; manifest-src *;
x-xss-protection
1; mode=block;
com.atlassian.jira.collector.plugin.jira-issue-collector-plugin:issuecollector.js
b2b-commerce-suite.atlassian.net/s/d41d8cd98f00b204e9800998ecf8427e-T/-x8fh9u/b/3/9edb822e6c4db3635f27806476c088cb/_/download/batch/com.atlassian.jira.collector.plugin.jira-issue-collector-plugin:i... 		293 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b2b-commerce-suite.atlassian.net/s/d41d8cd98f00b204e9800998ecf8427e-T/-x8fh9u/b/3/9edb822e6c4db3635f27806476c088cb/_/download/batch/com.atlassian.jira.collector.plugin.jira-issue-collector-plugin:issuecollector/com.atlassian.jira.collector.plugin.jira-issue-collector-plugin:issuecollector.js?locale=de-DE&collectorId=14472e02
Requested by
Host: b2b.acc.gallagher.shopworks-clients.nl
URL: https://b2b.acc.gallagher.shopworks-clients.nl/account/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.166.143.38 Amsterdam, Netherlands, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
globaledge-envoy /
Resource Hash
71e41fbf7de3b970aa2b660d950a97268727754bce05029849b7d0eeb179d9c0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://b2b.acc.gallagher.shopworks-clients.nl/account/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 09:48:08 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "endpoint-1", "max_age": 600, "include_subdomains": true, "failure_fraction": 0.001}
atl-traceid
50031f07a0a2287c
x-arequestid
2a1abba0-6d28-41c2-ba34-a94d42ae3ee2
x-envoy-upstream-service-time
59
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
globaledge-envoy
etag
W/"976112326"
expect-ct
report-uri="https://web-security-reports.services.atlassian.com/expect-ct-report/atlassian-proxy", max-age=86400
strict-transport-security
max-age=63072000; preload
report-to
{"group": "endpoint-1", "max_age": 600, "endpoints": [{"url": "https://dj9s4kmieytgz.cloudfront.net"}], "include_subdomains": true}
content-type
application/javascript;charset=UTF-8
cache-control
max-age=600,public
timing-allow-origin
*
expires
Thu, 01 Jan 1970 00:00:00 GMT
login
b2b.acc.gallagher.shopworks-clients.nl/account/
Redirect Chain
  • https://b2b.acc.gallagher.shopworks-clients.nl/media/5d/74/43/1656418305/demostore-logo_%287%29.png
  • https://b2b.acc.gallagher.shopworks-clients.nl/account/login
73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b2b.acc.gallagher.shopworks-clients.nl/account/login
Requested by
Host: b2b.acc.gallagher.shopworks-clients.nl
URL: https://b2b.acc.gallagher.shopworks-clients.nl/account/login
Protocol
H2
Server
162.55.95.215 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
production1133-stag.hipex.io
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src-elem * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src-attr * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; style-src * 'unsafe-inline' 'unsafe-hashes'; style-src-elem * 'unsafe-inline' 'unsafe-hashes'; style-src-attr * 'unsafe-inline' 'unsafe-hashes'; img-src * data:; font-src * 'self' data:; connect-src *; media-src *; object-src *; prefetch-src *; child-src *; frame-src *; worker-src data: blob:; frame-ancestors *; form-action *; base-uri *; manifest-src *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://b2b.acc.gallagher.shopworks-clients.nl/account/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 09:48:09 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin, no-referrer-when-downgrade
server
nginx
x-environment
Hipex/3 main
x-frame-options
deny
expect-ct
max-age=0
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-store, private
feature-policy
autoplay 'self';
content-security-policy
default-src * 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src-elem * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src-attr * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; style-src * 'unsafe-inline' 'unsafe-hashes'; style-src-elem * 'unsafe-inline' 'unsafe-hashes'; style-src-attr * 'unsafe-inline' 'unsafe-hashes'; img-src * data:; font-src * 'self' data:; connect-src *; media-src *; object-src *; prefetch-src *; child-src *; frame-src *; worker-src data: blob:; frame-ancestors *; form-action *; base-uri *; manifest-src *;
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Wed, 29 Jun 2022 09:48:09 GMT
referrer-policy
no-referrer-when-downgrade
server
nginx
x-environment
Hipex/3 main
expect-ct
max-age=0
content-type
text/html; charset=UTF-8
location
/account/login
cache-control
no-cache, private
feature-policy
autoplay 'self';
content-security-policy
default-src * 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src-elem * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src-attr * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; style-src * 'unsafe-inline' 'unsafe-hashes'; style-src-elem * 'unsafe-inline' 'unsafe-hashes'; style-src-attr * 'unsafe-inline' 'unsafe-hashes'; img-src * data:; font-src * 'self' data:; connect-src *; media-src *; object-src *; prefetch-src *; child-src *; frame-src *; worker-src data: blob:; frame-ancestors *; form-action *; base-uri *; manifest-src *;
x-xss-protection
1; mode=block;
expires
Wed, 29 Jun 2022 09:48:09 GMT
all.js
b2b.acc.gallagher.shopworks-clients.nl/theme/37b4646d6c777bbd1070944da10bc45e/js/ 		848 KB
194 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b2b.acc.gallagher.shopworks-clients.nl/theme/37b4646d6c777bbd1070944da10bc45e/js/all.js?1656418305868678
Requested by
Host: b2b.acc.gallagher.shopworks-clients.nl
URL: https://b2b.acc.gallagher.shopworks-clients.nl/account/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.95.215 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
production1133-stag.hipex.io
Software
nginx /
Resource Hash
5097fc93ff7b2d731f30fda18e36de5f23e6488e7ecb06dd6096e14ffbb06c00
Security Headers
Name Value
Content-Security-Policy default-src * 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src-elem * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src-attr * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; style-src * 'unsafe-inline' 'unsafe-hashes'; style-src-elem * 'unsafe-inline' 'unsafe-hashes'; style-src-attr * 'unsafe-inline' 'unsafe-hashes'; img-src * data:; font-src * 'self' data:; connect-src *; media-src *; object-src *; prefetch-src *; child-src *; frame-src *; worker-src data: blob:; frame-ancestors *; form-action *; base-uri *; manifest-src *;
X-Xss-Protection 1; mode=block;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://b2b.acc.gallagher.shopworks-clients.nl/account/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 09:48:08 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 28 Jun 2022 12:11:45 GMT
server
nginx
x-environment
Hipex/3 general
etag
W/"62baf001-d4146"
expect-ct
max-age=0
vary
Accept-Encoding
content-type
application/x-javascript
feature-policy
autoplay 'self';
content-security-policy
default-src * 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src-elem * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src-attr * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; style-src * 'unsafe-inline' 'unsafe-hashes'; style-src-elem * 'unsafe-inline' 'unsafe-hashes'; style-src-attr * 'unsafe-inline' 'unsafe-hashes'; img-src * data:; font-src * 'self' data:; connect-src *; media-src *; object-src *; prefetch-src *; child-src *; frame-src *; worker-src data: blob:; frame-ancestors *; form-action *; base-uri *; manifest-src *;
x-xss-protection
1; mode=block;
Inter-Regular.woff2
b2b.acc.gallagher.shopworks-clients.nl/theme/37b4646d6c777bbd1070944da10bc45e/assets/font/ 		98 KB
97 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://b2b.acc.gallagher.shopworks-clients.nl/theme/37b4646d6c777bbd1070944da10bc45e/assets/font/Inter-Regular.woff2
Requested by
Host: b2b.acc.gallagher.shopworks-clients.nl
URL: https://b2b.acc.gallagher.shopworks-clients.nl/theme/37b4646d6c777bbd1070944da10bc45e/css/all.css?1656418305405944
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.95.215 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
production1133-stag.hipex.io
Software
nginx /
Resource Hash
77677cd3d62f53fce403b743c6ab0dfacf6109cfa5f2c511a57b0779222c76de

Request headers

Referer
https://b2b.acc.gallagher.shopworks-clients.nl/theme/37b4646d6c777bbd1070944da10bc45e/css/all.css?1656418305405944
Origin
https://b2b.acc.gallagher.shopworks-clients.nl
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 09:48:09 GMT
content-encoding
br
last-modified
Tue, 28 Jun 2022 12:11:45 GMT
server
nginx
etag
W/"62baf001-186f8"
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=315360000, public
expires
Thu, 31 Dec 2037 23:55:55 GMT
Inter-SemiBold.woff2
b2b.acc.gallagher.shopworks-clients.nl/theme/37b4646d6c777bbd1070944da10bc45e/assets/font/ 		105 KB
104 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://b2b.acc.gallagher.shopworks-clients.nl/theme/37b4646d6c777bbd1070944da10bc45e/assets/font/Inter-SemiBold.woff2
Requested by
Host: b2b.acc.gallagher.shopworks-clients.nl
URL: https://b2b.acc.gallagher.shopworks-clients.nl/theme/37b4646d6c777bbd1070944da10bc45e/css/all.css?1656418305405944
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.95.215 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
production1133-stag.hipex.io
Software
nginx /
Resource Hash
e9bb1331830a18e2504d966f1fa931e711cad726e454722f324d63534cec97d9

Request headers

Referer
https://b2b.acc.gallagher.shopworks-clients.nl/theme/37b4646d6c777bbd1070944da10bc45e/css/all.css?1656418305405944
Origin
https://b2b.acc.gallagher.shopworks-clients.nl
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 09:48:09 GMT
content-encoding
br
last-modified
Tue, 28 Jun 2022 12:11:45 GMT
server
nginx
etag
W/"62baf001-1a2b0"
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=315360000, public
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ 		113 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
732703ae6fbff9108df105187da531c48e1268d476dc7420abcb9e3ee9de0330

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
Inter-Bold.woff2
b2b.acc.gallagher.shopworks-clients.nl/theme/37b4646d6c777bbd1070944da10bc45e/assets/font/ 		105 KB
104 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://b2b.acc.gallagher.shopworks-clients.nl/theme/37b4646d6c777bbd1070944da10bc45e/assets/font/Inter-Bold.woff2
Requested by
Host: b2b.acc.gallagher.shopworks-clients.nl
URL: https://b2b.acc.gallagher.shopworks-clients.nl/theme/37b4646d6c777bbd1070944da10bc45e/css/all.css?1656418305405944
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.95.215 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
production1133-stag.hipex.io
Software
nginx /
Resource Hash
20fd98b18d523471ae687971086817766649ce25f32e438d14711561a95bc9e9

Request headers

Referer
https://b2b.acc.gallagher.shopworks-clients.nl/theme/37b4646d6c777bbd1070944da10bc45e/css/all.css?1656418305405944
Origin
https://b2b.acc.gallagher.shopworks-clients.nl
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 09:48:09 GMT
content-encoding
br
last-modified
Tue, 28 Jun 2022 12:11:45 GMT
server
nginx
etag
W/"62baf001-1a324"
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=315360000, public
expires
Thu, 31 Dec 2037 23:55:55 GMT
14472e02
b2b-commerce-suite.atlassian.net/rest/collectors/1.0/configuration/trigger/ 		163 B
421 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b2b-commerce-suite.atlassian.net/rest/collectors/1.0/configuration/trigger/14472e02?os_authType=none&callback=trigger_14472e02
Requested by
Host: b2b-commerce-suite.atlassian.net
URL: https://b2b-commerce-suite.atlassian.net/s/d41d8cd98f00b204e9800998ecf8427e-T/-x8fh9u/b/3/9edb822e6c4db3635f27806476c088cb/_/download/batch/com.atlassian.jira.collector.plugin.jira-issue-collector-plugin:issuecollector/com.atlassian.jira.collector.plugin.jira-issue-collector-plugin:issuecollector.js?locale=de-DE&collectorId=14472e02
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.166.143.38 Amsterdam, Netherlands, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
globaledge-envoy /
Resource Hash
bc0ca5b89bf98c6f18d53f223b3dfb2d5b2d74cf38dfae844032439b01383a82
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://b2b.acc.gallagher.shopworks-clients.nl/account/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 09:48:09 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "endpoint-1", "max_age": 600, "include_subdomains": true, "failure_fraction": 0.001}
atl-traceid
7a850d0295c17183
x-arequestid
a360b403-5587-4be8-a43d-fbb1e55bd221
x-envoy-upstream-service-time
27
vary
Accept-Encoding
x-xss-protection
1; mode=block
server
globaledge-envoy
expect-ct
report-uri="https://web-security-reports.services.atlassian.com/expect-ct-report/atlassian-proxy", max-age=86400
strict-transport-security
max-age=63072000; preload
report-to
{"group": "endpoint-1", "max_age": 600, "endpoints": [{"url": "https://dj9s4kmieytgz.cloudfront.net"}], "include_subdomains": true}
content-type
application/x-javascript;charset=UTF-8
cache-control
no-transform, max-age=3600
timing-allow-origin
*
expires
Wed, 29 Jun 2022 10:48:09 GMT
country-state-data
b2b.acc.gallagher.shopworks-clients.nl/country/ 		35 B
927 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b2b.acc.gallagher.shopworks-clients.nl/country/country-state-data
Requested by
Host: b2b.acc.gallagher.shopworks-clients.nl
URL: https://b2b.acc.gallagher.shopworks-clients.nl/theme/37b4646d6c777bbd1070944da10bc45e/js/all.js?1656418305868678
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.95.215 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
production1133-stag.hipex.io
Software
nginx /
Resource Hash
9be01e311646c6de66aa874c62b7b35886439a3726d2a5646810d3c898be777e
Security Headers
Name Value
Content-Security-Policy default-src * 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src-elem * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src-attr * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; style-src * 'unsafe-inline' 'unsafe-hashes'; style-src-elem * 'unsafe-inline' 'unsafe-hashes'; style-src-attr * 'unsafe-inline' 'unsafe-hashes'; img-src * data:; font-src * 'self' data:; connect-src *; media-src *; object-src *; prefetch-src *; child-src *; frame-src *; worker-src data: blob:; frame-ancestors *; form-action *; base-uri *; manifest-src *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block;

Request headers

Referer
https://b2b.acc.gallagher.shopworks-clients.nl/account/login
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
application/json

Response headers

date
Wed, 29 Jun 2022 09:48:09 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin, no-referrer-when-downgrade
server
nginx
x-environment
Hipex/3 main
x-frame-options
deny
expect-ct
max-age=0
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache, private
feature-policy
autoplay 'self';
content-security-policy
default-src * 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src-elem * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src-attr * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; style-src * 'unsafe-inline' 'unsafe-hashes'; style-src-elem * 'unsafe-inline' 'unsafe-hashes'; style-src-attr * 'unsafe-inline' 'unsafe-hashes'; img-src * data:; font-src * 'self' data:; connect-src *; media-src *; object-src *; prefetch-src *; child-src *; frame-src *; worker-src data: blob:; frame-ancestors *; form-action *; base-uri *; manifest-src *;
expires
Wed, 29 Jun 2022 09:48:09 GMT
country-state-data
b2b.acc.gallagher.shopworks-clients.nl/country/ 		35 B
927 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b2b.acc.gallagher.shopworks-clients.nl/country/country-state-data
Requested by
Host: b2b.acc.gallagher.shopworks-clients.nl
URL: https://b2b.acc.gallagher.shopworks-clients.nl/theme/37b4646d6c777bbd1070944da10bc45e/js/all.js?1656418305868678
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.95.215 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
production1133-stag.hipex.io
Software
nginx /
Resource Hash
9be01e311646c6de66aa874c62b7b35886439a3726d2a5646810d3c898be777e
Security Headers
Name Value
Content-Security-Policy default-src * 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src-elem * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src-attr * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; style-src * 'unsafe-inline' 'unsafe-hashes'; style-src-elem * 'unsafe-inline' 'unsafe-hashes'; style-src-attr * 'unsafe-inline' 'unsafe-hashes'; img-src * data:; font-src * 'self' data:; connect-src *; media-src *; object-src *; prefetch-src *; child-src *; frame-src *; worker-src data: blob:; frame-ancestors *; form-action *; base-uri *; manifest-src *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block;

Request headers

Referer
https://b2b.acc.gallagher.shopworks-clients.nl/account/login
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
application/json

Response headers

date
Wed, 29 Jun 2022 09:48:09 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin, no-referrer-when-downgrade
server
nginx
x-environment
Hipex/3 main
x-frame-options
deny
expect-ct
max-age=0
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache, private
feature-policy
autoplay 'self';
content-security-policy
default-src * 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src-elem * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src-attr * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; style-src * 'unsafe-inline' 'unsafe-hashes'; style-src-elem * 'unsafe-inline' 'unsafe-hashes'; style-src-attr * 'unsafe-inline' 'unsafe-hashes'; img-src * data:; font-src * 'self' data:; connect-src *; media-src *; object-src *; prefetch-src *; child-src *; frame-src *; worker-src data: blob:; frame-ancestors *; form-action *; base-uri *; manifest-src *;
expires
Wed, 29 Jun 2022 09:48:09 GMT

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| features function| $ function| jQuery string| activeNavigationId object| router string| storeApiProxyToken string| salesChannelId object| breakpoints object| csrf object| webpackJsonp object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime object| picturefillCFG function| picturefill function| PluginConfigManager function| PluginManager function| PluginBaseClass function| Hammer function| flatpickr object| eventEmitter function| storeApiClient function| Feature undefined| trigger_14472e02

6 Cookies

Domain/Path Name / Value
b2b.acc.gallagher.shopworks-clients.nl/ Name: session-
Value: 25e62031c8cbd2b15cf543cc7ec5bcd3
b2b.acc.gallagher.shopworks-clients.nl/ Name: timezone
Value: Etc/Unknown
b2b-commerce-suite.atlassian.net/ Name: atlassian.xsrf.token
Value: 6c4c0a44-ab89-4966-91a2-4670634f0bb3_32050fc59f1703c6136bab30b3b7c7066db1659e_lout
b2b.acc.gallagher.shopworks-clients.nl/ Name: csrf[frontend.account.login]
Value: 23f.Igvne4TrdaX2H33POmjLEGEZCrmsDEcukp-6qh4ia-Y.RFONLP6ITO24KRKDCA6RYSB2QfTFfhJ99-jpyXBnMalSYrgz3oxN3aFmEg
b2b.acc.gallagher.shopworks-clients.nl/ Name: csrf[frontend.account.register.save]
Value: 2f625f7104af37fb5e92bde05eadf.fCYFve6ksKBQbD02ss-KhzF-Dl6BLhm5inpN-OR_Zt4.TQtz7auUnZlmIllY6PrOswAzSw7Rdirp2Rx_jNYNHK8OcUHLlpDe6hYnDQ
b2b.acc.gallagher.shopworks-clients.nl/ Name: csrf[frontend.store-api.proxy]
Value: d598a.xLwf7STpwnuRwGW7KKjUInx6hoyD2diGIhBGZLf4QN4.joxRl3u9uzD1jSHuf8WeYzAA3rjr7qD_dmQtAseyCojw_TKMSLmFFdyqDg

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'self' data: 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src-elem * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; script-src-attr * 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval'; style-src * 'unsafe-inline' 'unsafe-hashes'; style-src-elem * 'unsafe-inline' 'unsafe-hashes'; style-src-attr * 'unsafe-inline' 'unsafe-hashes'; img-src * data:; font-src * 'self' data:; connect-src *; media-src *; object-src *; prefetch-src *; child-src *; frame-src *; worker-src data: blob:; frame-ancestors *; form-action *; base-uri *; manifest-src *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block;