back-office.test-01.vertexgateway.com Open in urlscan Pro
34.147.46.29 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://back-office.test-01.vertexgateway.com/
Submission: On July 04 via automatic, source certstream-suspicious (July 4th 2024, 3:22:00 am UTC) — Scanned from NL

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 34.147.46.29, located in Groningen, Netherlands and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is back-office.test-01.vertexgateway.com.
TLS certificate: Issued by R11 on July 3rd 2024. Valid for: 3 months.

This is the only time back-office.test-01.vertexgateway.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
11	34.147.46.29 34.147.46.29		396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
11	2

11 34.147.46.29 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 29.46.147.34.bc.googleusercontent.com

back-office.test-01.vertexgateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	vertexgateway.com back-office.test-01.vertexgateway.com	336 KB
11	1

	Domain	Requested by
11	back-office.test-01.vertexgateway.com	back-office.test-01.vertexgateway.com
11	1

This site contains no links.

Subject Issuer	Validity	Valid
back-office.test-01.vertexgateway.com R11	`2024-07-03` - `2024-10-01`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://back-office.test-01.vertexgateway.com/
Frame ID: D6BB2E788114927DA09E5703F8DEF148
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login - Back Office

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

365 kB
Transfer

976 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
back-office.test-01.vertexgateway.com/ 1 KB
1 KB 80ms
23ms Document
text/html 34.147.46.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://back-office.test-01.vertexgateway.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.147.46.29 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

29.46.147.34.bc.googleusercontent.com

Software

Resource Hash

9731a62a8861bd1a9ceb2c862f7afa39a25efe6abd0dbc006faa0ff057135103

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: https:;script-src 'self';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-security-policy: img-src 'self' data: https:;script-src 'self';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Thu, 04 Jul 2024 03:21:55 GMT
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-my-custom-header: Allow
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 index-B-UYeCV8.js Show response
back-office.test-01.vertexgateway.com/assets/ 187 KB
60 KB 27ms
24ms Script
application/javascript 34.147.46.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://back-office.test-01.vertexgateway.com/assets/index-B-UYeCV8.js

Requested by

Host: back-office.test-01.vertexgateway.com
URL: https://back-office.test-01.vertexgateway.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.147.46.29 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

29.46.147.34.bc.googleusercontent.com

Software

Resource Hash

918d020ef0c5d5b88708e935da15a2776c1ae575985211159793d3080ed8d03e

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: https:;script-src 'self';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://back-office.test-01.vertexgateway.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:21:55 GMT
content-security-policy: img-src 'self' data: https:;script-src 'self';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 02 Jul 2024 13:54:50 GMT
x-my-custom-header: Allow
cross-origin-opener-policy: same-origin
etag: W/"2ed42-19073ba0810"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
origin-agent-cluster: ?1
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 vendor-CH9KqFa3.js Show response
back-office.test-01.vertexgateway.com/assets/ 523 KB
162 KB 46ms
43ms Script
application/javascript 34.147.46.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://back-office.test-01.vertexgateway.com/assets/vendor-CH9KqFa3.js

Requested by

Host: back-office.test-01.vertexgateway.com
URL: https://back-office.test-01.vertexgateway.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.147.46.29 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

29.46.147.34.bc.googleusercontent.com

Software

Resource Hash

c92ef173f041a94ab1d9027215ccae80c03b3b7c49ac7d379522cfbd257862ec

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: https:;script-src 'self';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://back-office.test-01.vertexgateway.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:21:55 GMT
content-security-policy: img-src 'self' data: https:;script-src 'self';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 02 Jul 2024 13:54:50 GMT
x-my-custom-header: Allow
cross-origin-opener-policy: same-origin
etag: W/"82b94-19073ba0810"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
origin-agent-cluster: ?1
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 vendor-CK3xsyOP.css
back-office.test-01.vertexgateway.com/assets/ 195 KB
100 KB 85ms
82ms Stylesheet
text/css 34.147.46.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://back-office.test-01.vertexgateway.com/assets/vendor-CK3xsyOP.css

Requested by

Host: back-office.test-01.vertexgateway.com
URL: https://back-office.test-01.vertexgateway.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.147.46.29 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

29.46.147.34.bc.googleusercontent.com

Software

Resource Hash

3a78c3466a61bc1aa89e97caaaf42c39779fe3be4143a6e95de38364fa934073

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: https:;script-src 'self';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://back-office.test-01.vertexgateway.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:21:55 GMT
content-security-policy: img-src 'self' data: https:;script-src 'self';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 02 Jul 2024 13:54:50 GMT
x-my-custom-header: Allow
cross-origin-opener-policy: same-origin
etag: W/"30d4c-19073ba0810"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
origin-agent-cluster: ?1
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 index-JD65qxUp.css
back-office.test-01.vertexgateway.com/assets/ 28 KB
5 KB 25ms
23ms Stylesheet
text/css 34.147.46.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://back-office.test-01.vertexgateway.com/assets/index-JD65qxUp.css

Requested by

Host: back-office.test-01.vertexgateway.com
URL: https://back-office.test-01.vertexgateway.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.147.46.29 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

29.46.147.34.bc.googleusercontent.com

Software

Resource Hash

549ae488023f2ab869d2d21ae64f542326b7156e7ea1d8cf1dea642799557924

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: https:;script-src 'self';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://back-office.test-01.vertexgateway.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:21:55 GMT
content-security-policy: img-src 'self' data: https:;script-src 'self';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 02 Jul 2024 13:54:50 GMT
x-my-custom-header: Allow
cross-origin-opener-policy: same-origin
etag: W/"7031-19073ba0810"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
origin-agent-cluster: ?1
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 403 current Show response
back-office.test-01.vertexgateway.com/gateway/internal/v1/users/ 6 KB
2 KB 42ms
41ms Fetch
application/json 34.147.46.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://back-office.test-01.vertexgateway.com/gateway/internal/v1/users/current

Requested by

Host: back-office.test-01.vertexgateway.com
URL: https://back-office.test-01.vertexgateway.com/assets/index-B-UYeCV8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.147.46.29 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

29.46.147.34.bc.googleusercontent.com

Software

Resource Hash

47e62dc3e2e1eaf4ca7c22c03def35d235f0f44f65d03329efd73ee9386026a9

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: https:;script-src 'self';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:21:56 GMT
content-security-policy: img-src 'self' data: https:;script-src 'self';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-xss-protection: 0
referrer-policy: no-referrer
x-my-custom-header: Allow
cross-origin-opener-policy: same-origin
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json
origin-agent-cluster: ?1
cache-control: no-cache, private

GET
H2 200 favicon-32x32-BEItDHPD.png
back-office.test-01.vertexgateway.com/assets/ 939 B
2 KB 24ms
24ms Other
image/png 34.147.46.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://back-office.test-01.vertexgateway.com/assets/favicon-32x32-BEItDHPD.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.147.46.29 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

29.46.147.34.bc.googleusercontent.com

Software

Resource Hash

6758ffa0e87ce3d45024b873176190804a45ef644b19c61d9809db66e1801f4e

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: https:;script-src 'self';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:21:56 GMT
content-security-policy: img-src 'self' data: https:;script-src 'self';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
content-length: 939
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 02 Jul 2024 13:54:50 GMT
x-my-custom-header: Allow
cross-origin-opener-policy: same-origin
etag: W/"3ab-19073ba0810"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/png
origin-agent-cluster: ?1
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 LoginPage-H6kIL_tN.js Show response
back-office.test-01.vertexgateway.com/assets/ 3 KB
2 KB 29ms
26ms Script
application/javascript 34.147.46.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://back-office.test-01.vertexgateway.com/assets/LoginPage-H6kIL_tN.js

Requested by

Host: back-office.test-01.vertexgateway.com
URL: https://back-office.test-01.vertexgateway.com/assets/vendor-CH9KqFa3.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.147.46.29 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

29.46.147.34.bc.googleusercontent.com

Software

Resource Hash

352f47793e2ac748acb178756a723ce12e43b93dd177a68846e92443b4ab8d93

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: https:;script-src 'self';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://back-office.test-01.vertexgateway.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:21:56 GMT
content-security-policy: img-src 'self' data: https:;script-src 'self';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 02 Jul 2024 13:54:50 GMT
x-my-custom-header: Allow
cross-origin-opener-policy: same-origin
etag: W/"c54-19073ba0810"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
origin-agent-cluster: ?1
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 userLoginFormSchema-DEAJluBG.js Show response
back-office.test-01.vertexgateway.com/assets/ 429 B
1 KB 28ms
24ms Script
application/javascript 34.147.46.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://back-office.test-01.vertexgateway.com/assets/userLoginFormSchema-DEAJluBG.js

Requested by

Host: back-office.test-01.vertexgateway.com
URL: https://back-office.test-01.vertexgateway.com/assets/vendor-CH9KqFa3.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.147.46.29 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

29.46.147.34.bc.googleusercontent.com

Software

Resource Hash

88cb2913ce9c702bbd0e91cee190032a6b178fc85586060d1d7d3b87127f1a03

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: https:;script-src 'self';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://back-office.test-01.vertexgateway.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:21:56 GMT
content-security-policy: img-src 'self' data: https:;script-src 'self';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
content-length: 429
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 02 Jul 2024 13:54:50 GMT
x-my-custom-header: Allow
cross-origin-opener-policy: same-origin
etag: W/"1ad-19073ba0810"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
origin-agent-cluster: ?1
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 LoginPage-BMl7jpUV.css
back-office.test-01.vertexgateway.com/assets/ 1 KB
1 KB 27ms
25ms Stylesheet
text/css 34.147.46.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://back-office.test-01.vertexgateway.com/assets/LoginPage-BMl7jpUV.css

Requested by

Host: back-office.test-01.vertexgateway.com
URL: https://back-office.test-01.vertexgateway.com/assets/vendor-CH9KqFa3.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.147.46.29 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

29.46.147.34.bc.googleusercontent.com

Software

Resource Hash

7daa5cac5f36a0de022a1dd98c0aad7ccd91e49710cb04f9c45230c40d947d8f

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: https:;script-src 'self';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:21:56 GMT
content-security-policy: img-src 'self' data: https:;script-src 'self';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 02 Jul 2024 13:54:50 GMT
x-my-custom-header: Allow
cross-origin-opener-policy: same-origin
etag: W/"559-19073ba0810"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
origin-agent-cluster: ?1
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 favicon-32x32-BEItDHPD.png
back-office.test-01.vertexgateway.com/assets/ 939 B
649 B 24ms
23ms Other
image/png 34.147.46.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://back-office.test-01.vertexgateway.com/assets/favicon-32x32-BEItDHPD.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.147.46.29 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

29.46.147.34.bc.googleusercontent.com

Software

Resource Hash

6758ffa0e87ce3d45024b873176190804a45ef644b19c61d9809db66e1801f4e

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data: https:;script-src 'self';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 03:21:56 GMT
content-security-policy: img-src 'self' data: https:;script-src 'self';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
content-length: 939
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 02 Jul 2024 13:54:50 GMT
x-my-custom-header: Allow
cross-origin-opener-policy: same-origin
etag: W/"3ab-19073ba0810"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/png
origin-agent-cluster: ?1
cache-control: public, max-age=0
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 29 KB
29 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb329a2d91fd9d5d2c5e5652b45a7af01aa6cbc0c7c1caa4846e60a8b43c4bf3

Request headers

Referer
Origin: https://back-office.test-01.vertexgateway.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: font/woff2;charset=utf-8

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://back-office.test-01.vertexgateway.com/gateway/internal/v1/users/current Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	img-src 'self' data: https:;script-src 'self';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

back-office.test-01.vertexgateway.com
34.147.46.29
352f47793e2ac748acb178756a723ce12e43b93dd177a68846e92443b4ab8d93
3a78c3466a61bc1aa89e97caaaf42c39779fe3be4143a6e95de38364fa934073
47e62dc3e2e1eaf4ca7c22c03def35d235f0f44f65d03329efd73ee9386026a9
549ae488023f2ab869d2d21ae64f542326b7156e7ea1d8cf1dea642799557924
6758ffa0e87ce3d45024b873176190804a45ef644b19c61d9809db66e1801f4e
7daa5cac5f36a0de022a1dd98c0aad7ccd91e49710cb04f9c45230c40d947d8f
88cb2913ce9c702bbd0e91cee190032a6b178fc85586060d1d7d3b87127f1a03
918d020ef0c5d5b88708e935da15a2776c1ae575985211159793d3080ed8d03e
9731a62a8861bd1a9ceb2c862f7afa39a25efe6abd0dbc006faa0ff057135103
bb329a2d91fd9d5d2c5e5652b45a7af01aa6cbc0c7c1caa4846e60a8b43c4bf3
c92ef173f041a94ab1d9027215ccae80c03b3b7c49ac7d379522cfbd257862ec

back-office.test-01.vertexgateway.com Open in urlscan Pro 34.147.46.29 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

11 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

365 kBTransfer

976 kBSize

0 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

back-office.test-01.vertexgateway.com Open in urlscan Pro
34.147.46.29 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

365 kB
Transfer

976 kB
Size

0
Cookies

11 HTTP transactions
1 data transactions