urlscan.io logo urlscan.io
SecurityTrails logo

ipg.vandar.app Open in urlscan Pro
2606:4700:3035::6815:1839  Public Scan

Go To Rescan Add Verdict Report
URL: https://ipg.vandar.app/v3/YD7LEMX9KGJFRRW
Submission: On July 12 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 3 domains to perform 13 HTTP transactions. The main IP is 2606:4700:3035::6815:1839, located in United States and belongs to CLOUDFLARENET, US. The main domain is ipg.vandar.app.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 1st 2023. Valid for: a year.
This is the only time ipg.vandar.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
6 185.206.95.72 202468 (ABRARVAN-...)
1 185.233.85.250 49382 (PAYDA)
13 5
Apex Domain
Subdomains		 Transfer
7 vandar.io
api.vandar.io
dash.vandar.io
ipg.vandar.io
902 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 88
2 KB
1 vandar.app
ipg.vandar.app
2 KB
13 3
Domain Requested by
3 ipg.vandar.io
3 api.vandar.io ipg.vandar.app
api.vandar.io
2 fonts.googleapis.com ipg.vandar.app
api.vandar.io
1 dash.vandar.io ipg.vandar.app
1 ipg.vandar.app
13 5

This site contains links to these domains. Also see Links.

Domain
vandar.io
ipg.vandar.io
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-03-01 -
2024-02-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.vandar.io
Certum Domain Validation CA SHA2		 2022-11-26 -
2023-11-26		 a year crt.sh

This page contains 1 frames:

Primary Page: https://ipg.vandar.app/v3/YD7LEMX9KGJFRRW
Frame ID: 3782DADA176F41555E27898FA72BB6A8
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

وندار | ارائه دهنده راهکارهای پرداخت

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

13
Requests

77 %
HTTPS

50 %
IPv6

3
Domains

5
Subdomains

5
IPs

3
Countries

906 kB
Transfer

914 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request YD7LEMX9KGJFRRW
ipg.vandar.app/v3/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ipg.vandar.app/v3/YD7LEMX9KGJFRRW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1839 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd07f19ea769e5d966ebb88bf76546f3dec1070453681fadc199c1d4274234dd
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
withcredentials, Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN, x-csrftoken, access-control-allow-origin, Access-Control-Allow-Origin, origin, access-control-allow-headers
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
https://dash.vandar.io
access-control-expose-headers
Content-Length,Content-Range
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
7e5a27089bc19ba7-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 12 Jul 2023 14:59:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-login-observed
0
ratelimit-observed
1
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sB6wyGAMMQTcCbKDqi0673N3ua264lLpwxmPLXuPRcM1we5zn4Bg0ayDwGXMajrFShJ653aXjqkZZ%2FnBe6U5lbF4D%2B6XKXRtC4R62YD%2FWwbAOrEg0OUbQ19Wi9WLLs0WjJzMcoQYqkS6TX0kIg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=16000000; includeSubDomains; preload;
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Playfair+Display:400,700%7COpen+Sans:300,400,700
Requested by
Host: ipg.vandar.app
URL: https://ipg.vandar.app/v3/YD7LEMX9KGJFRRW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a90dd16f6d8450739a5c5b1ca88bd0f7197f9ddc8e827d543e4a688afb73481c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ipg.vandar.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 12 Jul 2023 14:59:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 14:59:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 12 Jul 2023 14:59:52 GMT
bootstrap.css
api.vandar.io/css/ 		132 KB
132 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://api.vandar.io/css/bootstrap.css
Requested by
Host: ipg.vandar.app
URL: https://ipg.vandar.app/v3/YD7LEMX9KGJFRRW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.206.95.72 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
gerenciamentoweb90.dyndns-pics.com
Software
/
Resource Hash
1f7b1710ec4cebde2e20796af1baef1e3c140b1c4aa80eb54627509a84aaf34a
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ipg.vandar.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 14:59:52 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
content-length
134656
x-xss-protection
1; mode=block
last-modified
Fri, 16 Jun 2023 22:56:35 GMT
ratelimit-observed
1
etag
"648ce8a3-20e00"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
text/css
access-control-allow-origin
https://dash.vandar.io
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
ratelimit-login-observed
0
accept-ranges
bytes
access-control-allow-headers
withcredentials, Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN, x-csrftoken, access-control-allow-origin, Access-Control-Allow-Origin, origin, access-control-allow-headers
bootstrap-rtl.min.css
api.vandar.io/css/ 		24 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://api.vandar.io/css/bootstrap-rtl.min.css
Requested by
Host: ipg.vandar.app
URL: https://ipg.vandar.app/v3/YD7LEMX9KGJFRRW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.206.95.72 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
gerenciamentoweb90.dyndns-pics.com
Software
/
Resource Hash
41a4650481e83752c89317b3896df89e49ce56b09ab272c963a7ac7f795dbfe9
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ipg.vandar.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 14:59:52 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
content-length
24903
x-xss-protection
1; mode=block
last-modified
Fri, 16 Jun 2023 22:56:35 GMT
ratelimit-observed
2
etag
"648ce8a3-6147"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
text/css
access-control-allow-origin
https://dash.vandar.io
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
ratelimit-login-observed
0
accept-ranges
bytes
access-control-allow-headers
withcredentials, Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN, x-csrftoken, access-control-allow-origin, Access-Control-Allow-Origin, origin, access-control-allow-headers
web.css
api.vandar.io/css/ 		426 KB
427 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://api.vandar.io/css/web.css
Requested by
Host: ipg.vandar.app
URL: https://ipg.vandar.app/v3/YD7LEMX9KGJFRRW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.206.95.72 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
gerenciamentoweb90.dyndns-pics.com
Software
/
Resource Hash
445beeb3ea936292da7697061aa2211b667779da25fcc044f6938d1a20f4898c
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ipg.vandar.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 14:59:52 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
content-length
435752
x-xss-protection
1; mode=block
last-modified
Fri, 16 Jun 2023 22:56:35 GMT
ratelimit-observed
3
etag
"648ce8a3-6a628"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
text/css
access-control-allow-origin
https://dash.vandar.io
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
ratelimit-login-observed
0
accept-ranges
bytes
access-control-allow-headers
withcredentials, Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN, x-csrftoken, access-control-allow-origin, Access-Control-Allow-Origin, origin, access-control-allow-headers
Logo.fb897088.svg
dash.vandar.io/img/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dash.vandar.io/img/Logo.fb897088.svg
Requested by
Host: ipg.vandar.app
URL: https://ipg.vandar.app/v3/YD7LEMX9KGJFRRW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.233.85.250 , Iran, Islamic Republic Of, ASN49382 (PAYDA, IR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ipg.vandar.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
css
fonts.googleapis.com/ 		2 KB
646 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito
Requested by
Host: api.vandar.io
URL: https://api.vandar.io/css/web.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
acb56c6f7cb5d7535893ca8f3ede167db52e709927be848f4285ab3d92973bb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.vandar.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 12 Jul 2023 14:59:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 14:14:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 12 Jul 2023 14:59:53 GMT
backerror.png
ipg.vandar.io/assets/img/vandar/ 		232 KB
233 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ipg.vandar.io/assets/img/vandar/backerror.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.206.95.72 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
gerenciamentoweb90.dyndns-pics.com
Software
/
Resource Hash
8f823cf2782021b3feec2dfd5861eaaa4ebfc1b4c05cae78106ad9f33767f3db
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ipg.vandar.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 14:59:53 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
content-length
237442
x-xss-protection
1; mode=block
last-modified
Sun, 18 Jun 2023 12:09:47 GMT
ratelimit-observed
6
etag
"648ef40b-39f82"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
image/png
access-control-allow-origin
https://dash.vandar.io
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
ratelimit-login-observed
0
accept-ranges
bytes
access-control-allow-headers
withcredentials, Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN, x-csrftoken, access-control-allow-origin, Access-Control-Allow-Origin, origin, access-control-allow-headers
Rectangle.svg
ipg.vandar.io/assets/img/vandar/ 		258 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ipg.vandar.io/assets/img/vandar/Rectangle.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.206.95.72 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
gerenciamentoweb90.dyndns-pics.com
Software
/
Resource Hash
1c11f3263dfa4f196a0ef4bdc1f3390f4b39927270dfefd1e3dba985984eaa41
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ipg.vandar.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 14:59:53 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
content-length
258
x-xss-protection
1; mode=block
last-modified
Sun, 18 Jun 2023 12:09:47 GMT
ratelimit-observed
5
etag
"648ef40b-102"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
image/svg+xml
access-control-allow-origin
https://dash.vandar.io
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
ratelimit-login-observed
0
accept-ranges
bytes
access-control-allow-headers
withcredentials, Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN, x-csrftoken, access-control-allow-origin, Access-Control-Allow-Origin, origin, access-control-allow-headers
RepeatGrid3.svg
ipg.vandar.io/assets/img/vandar/ 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ipg.vandar.io/assets/img/vandar/RepeatGrid3.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.206.95.72 , Iran, Islamic Republic Of, ASN202468 (ABRARVAN-AS AbrArvan CDN and IaaS, IR),
Reverse DNS
gerenciamentoweb90.dyndns-pics.com
Software
/
Resource Hash
12c41bd50b4369129d9da59edf885000447266bac268c4229c8d362b09e77b74
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ipg.vandar.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 14:59:53 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
content-length
85588
x-xss-protection
1; mode=block
last-modified
Sun, 18 Jun 2023 12:09:47 GMT
ratelimit-observed
4
etag
"648ef40b-14e54"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
image/svg+xml
access-control-allow-origin
https://dash.vandar.io
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
ratelimit-login-observed
0
accept-ranges
bytes
access-control-allow-headers
withcredentials, Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN, x-csrftoken, access-control-allow-origin, Access-Control-Allow-Origin, origin, access-control-allow-headers
IRANSansWeb.woff2
api.vandar.io/fonts/ 		0
0
IRANSansWeb.woff
api.vandar.io/fonts/ 		0
0
IRANSansWeb.ttf
api.vandar.io/fonts/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.vandar.io
URL
https://api.vandar.io/fonts/IRANSansWeb.woff2?eb5adaac0d814e1e8e5cbd75efb9db3e
Domain
api.vandar.io
URL
https://api.vandar.io/fonts/IRANSansWeb.woff?bd6f69a8db87710b2f3fcd6ef75bd3e2
Domain
api.vandar.io
URL
https://api.vandar.io/fonts/IRANSansWeb.ttf?e9908f05e5771638e40913309b784a17

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend

1 Cookies

Domain/Path Name / Value
ipg.vandar.app/ Name: vms_ipg_session
Value: eyJpdiI6IkUrS09RcEFWaHBFZXFKNWZ3MlNRYnc9PSIsInZhbHVlIjoibmRSODNJKzdtZHlkK1RSOTMxdHpTTVRJOW1OaFE5UC9UNGMzSUFyaUxUamV1VHJwWDVIbDV4YUZ6c0ZOQXNPK1dadWFhbk1uTDFvWkxRaysvejc4aml2ZW1tNHNzaFVFbUNJSnlhRVNkdmxneVYzK3dDNkdVTTBCZDdXU2hJT3kiLCJtYWMiOiI2Mzg0MzBiOTZjYzllYWRkNjkwNmIxYWE2NDA0YmE4MmMzMDNiNDg4OTIzZDFlMGRlOGEzNzY1NTUwMDMwYWM0IiwidGFnIjoiIn0%3D

10 Console Messages

Source Level URL
Text
network error URL: https://ipg.vandar.app/v3/YD7LEMX9KGJFRRW
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://ipg.vandar.app/v3/YD7LEMX9KGJFRRW
Message:
Mixed Content: The page at 'https://ipg.vandar.app/v3/YD7LEMX9KGJFRRW' was loaded over HTTPS, but requested an insecure element 'http://ipg.vandar.io/assets/img/vandar/backerror.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://ipg.vandar.app/v3/YD7LEMX9KGJFRRW
Message:
Mixed Content: The page at 'https://ipg.vandar.app/v3/YD7LEMX9KGJFRRW' was loaded over HTTPS, but requested an insecure element 'http://ipg.vandar.io/assets/img/vandar/Rectangle.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://ipg.vandar.app/v3/YD7LEMX9KGJFRRW
Message:
Mixed Content: The page at 'https://ipg.vandar.app/v3/YD7LEMX9KGJFRRW' was loaded over HTTPS, but requested an insecure element 'http://ipg.vandar.io/assets/img/vandar/RepeatGrid3.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript error URL: https://ipg.vandar.app/v3/YD7LEMX9KGJFRRW
Message:
Access to font at 'https://api.vandar.io/fonts/IRANSansWeb.woff2?eb5adaac0d814e1e8e5cbd75efb9db3e' from origin 'https://ipg.vandar.app' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://dash.vandar.io' that is not equal to the supplied origin.
network error URL: https://api.vandar.io/fonts/IRANSansWeb.woff2?eb5adaac0d814e1e8e5cbd75efb9db3e
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://ipg.vandar.app/v3/YD7LEMX9KGJFRRW
Message:
Access to font at 'https://api.vandar.io/fonts/IRANSansWeb.woff?bd6f69a8db87710b2f3fcd6ef75bd3e2' from origin 'https://ipg.vandar.app' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://dash.vandar.io' that is not equal to the supplied origin.
network error URL: https://api.vandar.io/fonts/IRANSansWeb.woff?bd6f69a8db87710b2f3fcd6ef75bd3e2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://ipg.vandar.app/v3/YD7LEMX9KGJFRRW
Message:
Access to font at 'https://api.vandar.io/fonts/IRANSansWeb.ttf?e9908f05e5771638e40913309b784a17' from origin 'https://ipg.vandar.app' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://dash.vandar.io' that is not equal to the supplied origin.
network error URL: https://api.vandar.io/fonts/IRANSansWeb.ttf?e9908f05e5771638e40913309b784a17
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;