urlscan.io logo urlscan.io
SecurityTrails logo

oauth.venpay.eu Open in urlscan Pro
2a00:1450:4001:801::2013  Public Scan

Go To Rescan Add Verdict Report
URL: https://oauth.venpay.eu/
Submission: On July 12 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 18 HTTP transactions. The main IP is 2a00:1450:4001:801::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is oauth.venpay.eu.
TLS certificate: Issued by WR3 on July 11th 2024. Valid for: 3 months.
This is the only time oauth.venpay.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a04:4e42:200... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:2800:133... 15133 (EDGECAST)
2 20.50.88.238 8075 (MICROSOFT...)
18 8
7    2a00:1450:4001:801::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
oauth.venpay.eu
3    2606:4700::6812:ba1f (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:3036::6815:1b98 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
2    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
2    20.50.88.238 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
Apex Domain
Subdomains		 Transfer
7 venpay.eu
oauth.venpay.eu
6 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 352
47 KB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 531
200 B
2 gstatic.com
www.gstatic.com
62 KB
1 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 2374
22 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 736
24 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1156
11 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 74
775 B
18 8
Domain Requested by
7 oauth.venpay.eu oauth.venpay.eu
3 cdn.jsdelivr.net oauth.venpay.eu
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 www.gstatic.com oauth.venpay.eu
1 az416426.vo.msecnd.net oauth.venpay.eu
1 code.jquery.com oauth.venpay.eu
1 use.fontawesome.com oauth.venpay.eu
1 fonts.googleapis.com oauth.venpay.eu
18 8

This site contains no links.

Subject Issuer Validity Valid
oauth.venpay.eu
WR3		 2024-07-11 -
2024-10-09		 3 months crt.sh
*.jsdelivr.net
Sectigo RSA Domain Validation Secure Server CA		 2024-05-04 -
2025-05-04		 a year crt.sh
upload.video.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3		 2023-10-12 -
2024-10-10		 a year crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh
*.gstatic.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2024-06-06 -
2025-06-06		 a year crt.sh
prod.ai.ingestion.msftcloudes.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-06-24 -
2025-06-19		 a year crt.sh

This page contains 1 frames:

Primary Page: https://oauth.venpay.eu/
Frame ID: B932E752207FBE320EDFA280510F49A4
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

coffeecApp for Web

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

18
Requests

100 %
HTTPS

88 %
IPv6

8
Domains

8
Subdomains

8
IPs

3
Countries

174 kB
Transfer

655 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
oauth.venpay.eu/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://oauth.venpay.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
fb17acf84bc7716a8e863597651000599431a8226ea2cf2a87b69b6aeb253cee
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' *.venpay.eu *.bitx.com pay.google.com *.googleapis.com *.fontawesome.com google.com;base-uri 'self';font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data: *.gstatic.com *.googleapis.com;object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net cdn.jsdelivr.net code.jquery.com *.gstatic.com *.fontawesome.com js.monitor.azure.com google.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' *.applicationinsights.azure.com *.visualstudio.com *.fontawesome.com google.com
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-encoding
gzip
content-length
1038
content-security-policy
default-src 'self' 'unsafe-inline' *.venpay.eu *.bitx.com pay.google.com *.googleapis.com *.fontawesome.com google.com;base-uri 'self';font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data: *.gstatic.com *.googleapis.com;object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net cdn.jsdelivr.net code.jquery.com *.gstatic.com *.fontawesome.com js.monitor.azure.com google.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' *.applicationinsights.azure.com *.visualstudio.com *.fontawesome.com google.com
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Fri, 12 Jul 2024 06:14:23 GMT
etag
W/"85c-HRrmiPlrNTIKzlpyEPbD1MZG7Wg"
expires
0
origin-agent-cluster
?1
referrer-policy
no-referrer
server
Google Frontend
strict-transport-security
max-age=15552000; includeSubDomains
surrogate-control
no-store
vary
Accept-Encoding
x-cloud-trace-context
d3ba47e8cf61f5fc94032f21c70d9961
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ 		157 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css
Requested by
Host: oauth.venpay.eu
URL: https://oauth.venpay.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://oauth.venpay.eu
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Jul 2024 06:14:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5940004
x-jsd-version
4.5.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
23906
x-served-by
cache-fra-etou8220099-FRA, cache-lga21974-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o5KEpwpGHR6YlB7ccKLFLTMtOdgvpbp2cYlV6F9GLR75K27j9YHy9omOjmuvefEWlfdlcSf6tyP3OoXnoAPB%2BtGKUqwtiPJog38NzgMNRL7p7haBBFakaIqlTtMX042tUd4DkptWY2WGHJF2fjU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8a1ee48ea8c137dd-FRA
icon
fonts.googleapis.com/ 		569 B
775 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: oauth.venpay.eu
URL: https://oauth.venpay.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 Jul 2024 06:14:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 12 Jul 2024 06:14:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Jul 2024 06:14:23 GMT
all.css
use.fontawesome.com/releases/v5.3.1/css/ 		48 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.3.1/css/all.css
Requested by
Host: oauth.venpay.eu
URL: https://oauth.venpay.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9

Request headers

Referer
Origin
https://oauth.venpay.eu
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Jul 2024 06:14:23 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 22 Sep 2023 01:45:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"10519cfd3206802f58315b877a9beab5"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BBOgbdzQ61HQGPSDG%2BawZKFrgAh0Mu2l7urFiFJB8VH9XtBEEJ%2BOdb6fEx5UxHDl54Z7eX9On8Q6VpyilSA0OvNzXlh8Y6DDYcsFnOC0XIKtwq4I59y%2F49x2Z%2FFkotSskav%2BzRTx99bQHgp8l6fBYMEF"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
8a1ee48eab949f30-FRA
alt-svc
h3=":443"; ma=86400
ccappStyle.css
oauth.venpay.eu/stylesheets/ 		928 B
465 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://oauth.venpay.eu/stylesheets/ccappStyle.css
Requested by
Host: oauth.venpay.eu
URL: https://oauth.venpay.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
9ce968858d9107162a31b122b5310d35872a435d2d3015a44706a468ad4ec4d6
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' *.venpay.eu *.bitx.com pay.google.com *.googleapis.com *.fontawesome.com google.com;base-uri 'self';font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data: *.gstatic.com *.googleapis.com;object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net cdn.jsdelivr.net code.jquery.com *.gstatic.com *.fontawesome.com js.monitor.azure.com google.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' *.applicationinsights.azure.com *.visualstudio.com *.fontawesome.com google.com
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' *.venpay.eu *.bitx.com pay.google.com *.googleapis.com *.fontawesome.com google.com;base-uri 'self';font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data: *.gstatic.com *.googleapis.com;object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net cdn.jsdelivr.net code.jquery.com *.gstatic.com *.fontawesome.com js.monitor.azure.com google.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' *.applicationinsights.azure.com *.visualstudio.com *.fontawesome.com google.com
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
date
Fri, 12 Jul 2024 06:14:23 GMT
content-encoding
gzip
x-permitted-cross-domain-policies
none
surrogate-control
no-store
x-dns-prefetch-control
off
cross-origin-resource-policy
same-origin
content-length
301
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
Google Frontend
cross-origin-opener-policy
same-origin
etag
W/"3a0-49773873e8"
x-download-options
noopen
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
origin-agent-cluster
?1
x-cloud-trace-context
678512f977f776947fa19b7b77d8dea2
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
expires
0
jquery-3.5.1.slim.min.js
code.jquery.com/ 		71 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.5.1.slim.min.js
Requested by
Host: oauth.venpay.eu
URL: https://oauth.venpay.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db

Request headers

Referer
Origin
https://oauth.venpay.eu
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Jul 2024 06:14:23 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
12683359
x-cache
HIT, HIT
content-length
24606
x-served-by
cache-lga21954-LGA, cache-fra-etou8220074-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1720764864.782628,VS0,VE0
etag
W/"28feccc0-11abc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
17, 2495
firebase-app.js
www.gstatic.com/firebasejs/8.0.0/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.0.0/firebase-app.js
Requested by
Host: oauth.venpay.eu
URL: https://oauth.venpay.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15be51c050eb413012120d2f5fb436dcab1074fc34f414634a799f4d1d124567
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 19:56:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37096
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6538
x-xss-protection
0
last-modified
Mon, 26 Oct 2020 20:17:37 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 11 Jul 2025 19:56:07 GMT
firebase-auth.js
www.gstatic.com/firebasejs/8.0.0/ 		172 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.0.0/firebase-auth.js
Requested by
Host: oauth.venpay.eu
URL: https://oauth.venpay.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1e27d5ee75dadcbce5c9c6922271d39430c0023c6201e28584044cbe30e75dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 10:01:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
245565
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56120
x-xss-protection
0
last-modified
Mon, 26 Oct 2020 20:17:40 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Jul 2025 10:01:38 GMT
init.production.min.js
oauth.venpay.eu/js/ 		296 B
357 B 		Script
General
Check archive.org
Download Go to
Full URL
https://oauth.venpay.eu/js/init.production.min.js
Requested by
Host: oauth.venpay.eu
URL: https://oauth.venpay.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
94be3cee06cd7931123b9d2b32888cf7062289d353ed4064a93c98e414a0b795
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' *.venpay.eu *.bitx.com pay.google.com *.googleapis.com *.fontawesome.com google.com;base-uri 'self';font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data: *.gstatic.com *.googleapis.com;object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net cdn.jsdelivr.net code.jquery.com *.gstatic.com *.fontawesome.com js.monitor.azure.com google.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' *.applicationinsights.azure.com *.visualstudio.com *.fontawesome.com google.com
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' *.venpay.eu *.bitx.com pay.google.com *.googleapis.com *.fontawesome.com google.com;base-uri 'self';font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data: *.gstatic.com *.googleapis.com;object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net cdn.jsdelivr.net code.jquery.com *.gstatic.com *.fontawesome.com js.monitor.azure.com google.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' *.applicationinsights.azure.com *.visualstudio.com *.fontawesome.com google.com
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
date
Fri, 12 Jul 2024 06:14:23 GMT
content-encoding
gzip
x-permitted-cross-domain-policies
none
surrogate-control
no-store
x-dns-prefetch-control
off
cross-origin-resource-policy
same-origin
content-length
234
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
Google Frontend
cross-origin-opener-policy
same-origin
etag
W/"128-49773873e8"
x-download-options
noopen
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
origin-agent-cluster
?1
x-cloud-trace-context
63d47eedc91147e0e8953d3caf180195
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
expires
0
helpers.min.js
oauth.venpay.eu/js/ 		1 KB
558 B 		Script
General
Check archive.org
Download Go to
Full URL
https://oauth.venpay.eu/js/helpers.min.js
Requested by
Host: oauth.venpay.eu
URL: https://oauth.venpay.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
65fb7a840c85a8b90af517900b2c95bba5069fdda18fdf341391992085796075
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' *.venpay.eu *.bitx.com pay.google.com *.googleapis.com *.fontawesome.com google.com;base-uri 'self';font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data: *.gstatic.com *.googleapis.com;object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net cdn.jsdelivr.net code.jquery.com *.gstatic.com *.fontawesome.com js.monitor.azure.com google.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' *.applicationinsights.azure.com *.visualstudio.com *.fontawesome.com google.com
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' *.venpay.eu *.bitx.com pay.google.com *.googleapis.com *.fontawesome.com google.com;base-uri 'self';font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data: *.gstatic.com *.googleapis.com;object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net cdn.jsdelivr.net code.jquery.com *.gstatic.com *.fontawesome.com js.monitor.azure.com google.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' *.applicationinsights.azure.com *.visualstudio.com *.fontawesome.com google.com
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
date
Fri, 12 Jul 2024 06:14:23 GMT
content-encoding
gzip
x-permitted-cross-domain-policies
none
surrogate-control
no-store
x-dns-prefetch-control
off
cross-origin-resource-policy
same-origin
content-length
430
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
Google Frontend
cross-origin-opener-policy
same-origin
etag
W/"581-49773873e8"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
origin-agent-cluster
?1
x-cloud-trace-context
1134270ffc387696158158616c679023
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
accept-ranges
bytes
expires
0
app.min.js
oauth.venpay.eu/js/ 		4 KB
910 B 		Script
General
Check archive.org
Download Go to
Full URL
https://oauth.venpay.eu/js/app.min.js
Requested by
Host: oauth.venpay.eu
URL: https://oauth.venpay.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
23ce627ab376f20b12803fd41a985b7d502437c32cb63ca07ee91fca51b7bce2
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' *.venpay.eu *.bitx.com pay.google.com *.googleapis.com *.fontawesome.com google.com;base-uri 'self';font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data: *.gstatic.com *.googleapis.com;object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net cdn.jsdelivr.net code.jquery.com *.gstatic.com *.fontawesome.com js.monitor.azure.com google.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' *.applicationinsights.azure.com *.visualstudio.com *.fontawesome.com google.com
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' *.venpay.eu *.bitx.com pay.google.com *.googleapis.com *.fontawesome.com google.com;base-uri 'self';font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data: *.gstatic.com *.googleapis.com;object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net cdn.jsdelivr.net code.jquery.com *.gstatic.com *.fontawesome.com js.monitor.azure.com google.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' *.applicationinsights.azure.com *.visualstudio.com *.fontawesome.com google.com
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
date
Fri, 12 Jul 2024 06:14:23 GMT
content-encoding
gzip
x-permitted-cross-domain-policies
none
surrogate-control
no-store
x-dns-prefetch-control
off
cross-origin-resource-policy
same-origin
content-length
787
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
Google Frontend
cross-origin-opener-policy
same-origin
etag
W/"1007-49773873e8"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
origin-agent-cluster
?1
x-cloud-trace-context
949cea36bb02ed041905832719c37bd3
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
accept-ranges
bytes
expires
0
insights.min.js
oauth.venpay.eu/js/ 		903 B
737 B 		Script
General
Check archive.org
Download Go to
Full URL
https://oauth.venpay.eu/js/insights.min.js
Requested by
Host: oauth.venpay.eu
URL: https://oauth.venpay.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
a67a7e362ff8ccf7ab609154030a76c1f79daae2d9ae598dc0123bf12fe33904
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' *.venpay.eu *.bitx.com pay.google.com *.googleapis.com *.fontawesome.com google.com;base-uri 'self';font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data: *.gstatic.com *.googleapis.com;object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net cdn.jsdelivr.net code.jquery.com *.gstatic.com *.fontawesome.com js.monitor.azure.com google.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' *.applicationinsights.azure.com *.visualstudio.com *.fontawesome.com google.com
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' *.venpay.eu *.bitx.com pay.google.com *.googleapis.com *.fontawesome.com google.com;base-uri 'self';font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data: *.gstatic.com *.googleapis.com;object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net cdn.jsdelivr.net code.jquery.com *.gstatic.com *.fontawesome.com js.monitor.azure.com google.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' *.applicationinsights.azure.com *.visualstudio.com *.fontawesome.com google.com
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
date
Fri, 12 Jul 2024 06:14:23 GMT
content-encoding
gzip
x-permitted-cross-domain-policies
none
surrogate-control
no-store
x-dns-prefetch-control
off
cross-origin-resource-policy
same-origin
content-length
585
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
Google Frontend
cross-origin-opener-policy
same-origin
etag
W/"387-49773873e8"
x-download-options
noopen
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
origin-agent-cluster
?1
x-cloud-trace-context
7543459494a6462798b748e3439f823b
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
expires
0
popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js
Requested by
Host: oauth.venpay.eu
URL: https://oauth.venpay.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://oauth.venpay.eu
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Jul 2024 06:14:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5939171
x-jsd-version
1.16.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7831
x-served-by
cache-fra-eddf8230124-FRA, cache-lga21977-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Fv47S1EMABDTZ0MlC73tDcF3U59GAWyEtjEOaT7FoXydhojwoKa%2BmDMy6VOGaGhcTng4RJ8Hn0OpHW2b6WM8fog5%2B9DFwy0MRLiFJXM%2B5Ctm4lL9eVSBOoupEB4QSbAomhihYx4ypN3KAI1Frc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8a1ee48ea8c337dd-FRA
bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ 		62 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js
Requested by
Host: oauth.venpay.eu
URL: https://oauth.venpay.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://oauth.venpay.eu
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Jul 2024 06:14:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5936367
x-jsd-version
4.5.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
14911
x-served-by
cache-fra-etou8220064-FRA, cache-lga21938-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hYWvDDHULi%2BQgPRKGv6C7smXEtk9G88t8eOvYy341HRlxX%2BPQL1%2BNL1Lcyq5yJDFiLLJ2nxeuXnygXJhbghud2jWtdyQDziXz8R1NUEwVTbPSBv4ygPcTaZO5FDHfUEHikLJPYgzH7uSaFPBvgU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8a1ee48ea8c537dd-FRA
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: oauth.venpay.eu
URL: https://oauth.venpay.eu/js/insights.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD6) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 12 Jul 2024 06:14:24 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
39
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (frc/4CD6)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
635ad354-d01e-00fe-2e22-d4af9e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Fri, 12 Jul 2024 06:44:24 GMT
favicon.ico
oauth.venpay.eu/ 		2 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://oauth.venpay.eu/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
83936ed8306936ce279fdc557e2d0850a6cb1fb69b1deb02e1e593034b2632fd
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' *.venpay.eu *.bitx.com pay.google.com *.googleapis.com *.fontawesome.com google.com;base-uri 'self';font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data: *.gstatic.com *.googleapis.com;object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net cdn.jsdelivr.net code.jquery.com *.gstatic.com *.fontawesome.com js.monitor.azure.com google.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' *.applicationinsights.azure.com *.visualstudio.com *.fontawesome.com google.com
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' *.venpay.eu *.bitx.com pay.google.com *.googleapis.com *.fontawesome.com google.com;base-uri 'self';font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data: *.gstatic.com *.googleapis.com;object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net cdn.jsdelivr.net code.jquery.com *.gstatic.com *.fontawesome.com js.monitor.azure.com google.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' *.applicationinsights.azure.com *.visualstudio.com *.fontawesome.com google.com
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
date
Fri, 12 Jul 2024 06:14:24 GMT
content-encoding
gzip
x-permitted-cross-domain-policies
none
surrogate-control
no-store
x-dns-prefetch-control
off
cross-origin-resource-policy
same-origin
content-length
931
x-xss-protection
0
referrer-policy
no-referrer
server
Google Frontend
cross-origin-opener-policy
same-origin
etag
W/"778-X5Wd++uGQnGx0RLem/RuUzRnMC8"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
x-cloud-trace-context
f9c827ba07cc3c7db7d3438c4ec54002
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
expires
0
track
dc.services.visualstudio.com/v2/ 		96 B
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.238 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
65e7cdb56af926ea1a1de0b7c8d725c72ff14749e7520ac0c17fada9f45355c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
Sdk-Context
appId
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Fri, 12 Jul 2024 06:14:24 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-type
application/json; charset=utf-8
track
dc.services.visualstudio.com/v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.238 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://oauth.venpay.eu
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Fri, 12 Jul 2024 06:14:24 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| firebase object| config function| jqDecorateObject function| jqValidatePhoneNumber function| jqValidatePassword function| jqValidateEmail function| jqValidateCode function| validatePhoneNumber function| validateEmail function| validatePassword function| validateCheckBox function| validateCode function| decorateObject function| validateSignupForm function| initializeRecaptchaVerifier function| sendEmail function| jqSigninWithCustomToken function| jqSendEmail function| jqVerifyCodeResetPassword function| jqConfirmPassword function| jqVerifyCodeCheckEmail function| jqConfirmEmail function| jqConfirmCode function| verifyCodeResetPassword function| verifyCodeCheckEmail function| confirmPassword function| confirmEmail function| signinWithCustomToken function| sendEmailVerification function| sendPhoneNumberVerification function| confirmCode object| auth object| appInsights function| Popper object| bootstrap object| AI object| Microsoft function| __extends function| _endsWith

2 Cookies

Domain/Path Name / Value
oauth.venpay.eu/ Name: ai_user
Value: d3+i/|2024-07-12T06:14:24.217Z
oauth.venpay.eu/ Name: ai_session
Value: w1h5i|1720764864320.2|1720764864320.2

1 Console Messages

Source Level URL
Text
network error URL: https://oauth.venpay.eu/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' 'unsafe-inline' *.venpay.eu *.bitx.com pay.google.com *.googleapis.com *.fontawesome.com google.com;base-uri 'self';font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data: *.gstatic.com *.googleapis.com;object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' *.vo.msecnd.net cdn.jsdelivr.net code.jquery.com *.gstatic.com *.fontawesome.com js.monitor.azure.com google.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' *.applicationinsights.azure.com *.visualstudio.com *.fontawesome.com google.com
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az416426.vo.msecnd.net
cdn.jsdelivr.net
code.jquery.com
dc.services.visualstudio.com
fonts.googleapis.com
oauth.venpay.eu
use.fontawesome.com
www.gstatic.com
20.50.88.238
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700:3036::6815:1b98
2606:4700::6812:ba1f
2a00:1450:4001:801::2013
2a00:1450:4001:80b::2003
2a00:1450:4001:830::200a
2a04:4e42:200::649
15be51c050eb413012120d2f5fb436dcab1074fc34f414634a799f4d1d124567
23ce627ab376f20b12803fd41a985b7d502437c32cb63ca07ee91fca51b7bce2
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9
65e7cdb56af926ea1a1de0b7c8d725c72ff14749e7520ac0c17fada9f45355c5
65fb7a840c85a8b90af517900b2c95bba5069fdda18fdf341391992085796075
83936ed8306936ce279fdc557e2d0850a6cb1fb69b1deb02e1e593034b2632fd
94be3cee06cd7931123b9d2b32888cf7062289d353ed4064a93c98e414a0b795
9ce968858d9107162a31b122b5310d35872a435d2d3015a44706a468ad4ec4d6
a1e27d5ee75dadcbce5c9c6922271d39430c0023c6201e28584044cbe30e75dd
a67a7e362ff8ccf7ab609154030a76c1f79daae2d9ae598dc0123bf12fe33904
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
fb17acf84bc7716a8e863597651000599431a8226ea2cf2a87b69b6aeb253cee
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f