urlscan.io logo urlscan.io
SecurityTrails logo

oauth.vendit.dev Open in urlscan Pro
195.134.168.11  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://oauth.vendit.dev/
Effective URL: https://oauth.vendit.dev/Identity/Account/Login
Submission: On March 15 via automatic, source certstream-suspicious — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 18 HTTP transactions. The main IP is 195.134.168.11, located in Arnhem, Netherlands and belongs to REDHOSTING-AS, NL. The main domain is oauth.vendit.dev.
TLS certificate: Issued by Vendit on December 14th 2020. Valid for: 2 years.
This is the only time oauth.vendit.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 15 195.134.168.11 39647 (REDHOSTIN...)
2 152.199.19.160 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
18 4
Apex Domain
Subdomains		 Transfer
15 vendit.dev
oauth.vendit.dev
2 MB
2 aspnetcdn.com
ajax.aspnetcdn.com — Cisco Umbrella Rank: 590
15 KB
1 gstatic.com
fonts.gstatic.com
16 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 KB
18 4
Domain Requested by
15 oauth.vendit.dev 1 redirects oauth.vendit.dev
2 ajax.aspnetcdn.com oauth.vendit.dev
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com oauth.vendit.dev
18 4

This site contains links to these domains. Also see Links.

Domain
www.vendit.nl
Subject Issuer Validity Valid
Test Environment
Vendit		 2020-12-14 -
2022-12-14		 2 years crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2021-08-06 -
2022-08-06		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://oauth.vendit.dev/Identity/Account/Login
Frame ID: 00D4EDD4636DFBD2B1A887236F6468F1
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

VenditIdentity v4.3.2 - Inloggen

Page URL History Show full URLs

  1. https://oauth.vendit.dev/ HTTP 302
    https://oauth.vendit.dev/Identity/Account/Login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

22 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

2009 kB
Transfer

2028 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://oauth.vendit.dev/ HTTP 302
    https://oauth.vendit.dev/Identity/Account/Login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Login
oauth.vendit.dev/Identity/Account/
Redirect Chain
  • https://oauth.vendit.dev/
  • https://oauth.vendit.dev/Identity/Account/Login
38 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://oauth.vendit.dev/Identity/Account/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.134.168.11 Arnhem, Netherlands, ASN39647 (REDHOSTING-AS, NL),
Reverse DNS
exchange.vendit.nl
Software
/
Resource Hash
66c417a529201f77c5a713bebc1ec01961722ba5ed81a6b60989bdf8cb4d5ddf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache, no-store
pragma
no-cache
content-type
text/html; charset=utf-8
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
date
Tue, 15 Mar 2022 10:57:37 GMT
content-length
38874

Redirect headers

location
/Identity/Account/Login
strict-transport-security
max-age=31536000
date
Tue, 15 Mar 2022 10:57:37 GMT
content-length
0
vendors.bundle.css
oauth.vendit.dev/css/ 		358 KB
359 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://oauth.vendit.dev/css/vendors.bundle.css
Requested by
Host: oauth.vendit.dev
URL: https://oauth.vendit.dev/Identity/Account/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.134.168.11 Arnhem, Netherlands, ASN39647 (REDHOSTING-AS, NL),
Reverse DNS
exchange.vendit.nl
Software
/
Resource Hash
169bc425f2cd3187bb81ec4358175acdc7cd6e457274472fe871daee0ae4d6e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://oauth.vendit.dev/Identity/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
etag
"1d83847667441c9"
last-modified
Tue, 15 Mar 2022 08:33:52 GMT
accept-ranges
bytes
date
Tue, 15 Mar 2022 10:57:37 GMT
content-length
367049
content-type
text/css
app.bundle.css
oauth.vendit.dev/css/ 		239 KB
239 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://oauth.vendit.dev/css/app.bundle.css
Requested by
Host: oauth.vendit.dev
URL: https://oauth.vendit.dev/Identity/Account/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.134.168.11 Arnhem, Netherlands, ASN39647 (REDHOSTING-AS, NL),
Reverse DNS
exchange.vendit.nl
Software
/
Resource Hash
4f7353915968ed1f9aba22d2843e537aba31cd910f2335c2ffa302f7d72c03fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://oauth.vendit.dev/Identity/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
etag
"1d838476672642b"
last-modified
Tue, 15 Mar 2022 08:33:52 GMT
accept-ranges
bytes
date
Tue, 15 Mar 2022 10:57:37 GMT
content-length
244779
content-type
text/css
cust-theme-3.css
oauth.vendit.dev/css/themes/ 		97 KB
97 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://oauth.vendit.dev/css/themes/cust-theme-3.css
Requested by
Host: oauth.vendit.dev
URL: https://oauth.vendit.dev/Identity/Account/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.134.168.11 Arnhem, Netherlands, ASN39647 (REDHOSTING-AS, NL),
Reverse DNS
exchange.vendit.nl
Software
/
Resource Hash
aad774fb2c73d96c80256ba74bf7b42f2b7b87831c8d127d9e1e75a539b55217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://oauth.vendit.dev/Identity/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
etag
"1d8384766705a3f"
last-modified
Tue, 15 Mar 2022 08:33:52 GMT
accept-ranges
bytes
date
Tue, 15 Mar 2022 10:57:37 GMT
content-length
98879
content-type
text/css
skin-master.css
oauth.vendit.dev/css/skins/ 		58 KB
58 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://oauth.vendit.dev/css/skins/skin-master.css
Requested by
Host: oauth.vendit.dev
URL: https://oauth.vendit.dev/Identity/Account/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.134.168.11 Arnhem, Netherlands, ASN39647 (REDHOSTING-AS, NL),
Reverse DNS
exchange.vendit.nl
Software
/
Resource Hash
4c4a53b213aab7f7ace3a3c5aecf5d10bffc7b420064add9c6da1cc308a24354
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://oauth.vendit.dev/Identity/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
etag
"1d83847667130a7"
last-modified
Tue, 15 Mar 2022 08:33:52 GMT
accept-ranges
bytes
date
Tue, 15 Mar 2022 10:57:37 GMT
content-length
59559
content-type
text/css
site.css
oauth.vendit.dev/css/ 		9 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://oauth.vendit.dev/css/site.css
Requested by
Host: oauth.vendit.dev
URL: https://oauth.vendit.dev/Identity/Account/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.134.168.11 Arnhem, Netherlands, ASN39647 (REDHOSTING-AS, NL),
Reverse DNS
exchange.vendit.nl
Software
/
Resource Hash
883b7079a3b3eed24905bfb2dc9959d0e72aff29e954207a2779d19656be0cbe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://oauth.vendit.dev/Identity/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
etag
"1d838476671fa1b"
last-modified
Tue, 15 Mar 2022 08:33:52 GMT
accept-ranges
bytes
date
Tue, 15 Mar 2022 10:57:37 GMT
content-length
8731
content-type
text/css
select2.bundle.css
oauth.vendit.dev/css/formplugins/select2/ 		34 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://oauth.vendit.dev/css/formplugins/select2/select2.bundle.css
Requested by
Host: oauth.vendit.dev
URL: https://oauth.vendit.dev/Identity/Account/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.134.168.11 Arnhem, Netherlands, ASN39647 (REDHOSTING-AS, NL),
Reverse DNS
exchange.vendit.nl
Software
/
Resource Hash
f3599133ac0fa4f4cf9358dd7dc919151c627d3131c38d1c73e302c6a963fabf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://oauth.vendit.dev/Identity/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
etag
"1d83847667150c2"
last-modified
Tue, 15 Mar 2022 08:33:52 GMT
accept-ranges
bytes
date
Tue, 15 Mar 2022 10:57:37 GMT
content-length
35010
content-type
text/css
logo_vendit.png
oauth.vendit.dev/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oauth.vendit.dev/img/logo_vendit.png
Requested by
Host: oauth.vendit.dev
URL: https://oauth.vendit.dev/Identity/Account/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.134.168.11 Arnhem, Netherlands, ASN39647 (REDHOSTING-AS, NL),
Reverse DNS
exchange.vendit.nl
Software
/
Resource Hash
f3f64512b6f47b3f304ec594b58866a41942b9da8c461254087bb14c480dd477
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://oauth.vendit.dev/Identity/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
etag
"1d838476671d6b2"
last-modified
Tue, 15 Mar 2022 08:33:52 GMT
accept-ranges
bytes
date
Tue, 15 Mar 2022 10:57:37 GMT
content-length
3762
content-type
image/png
cover-Vendit.png
oauth.vendit.dev/img/card-backgrounds/ 		105 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oauth.vendit.dev/img/card-backgrounds/cover-Vendit.png
Requested by
Host: oauth.vendit.dev
URL: https://oauth.vendit.dev/Identity/Account/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.134.168.11 Arnhem, Netherlands, ASN39647 (REDHOSTING-AS, NL),
Reverse DNS
exchange.vendit.nl
Software
/
Resource Hash
36966cf30ee8bcdae313ad4f288834f0ceab86c2b77cad2738e6de8b9ab8c9af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://oauth.vendit.dev/Identity/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
etag
"1d8384766707bde"
last-modified
Tue, 15 Mar 2022 08:33:52 GMT
accept-ranges
bytes
date
Tue, 15 Mar 2022 10:57:37 GMT
content-length
107486
content-type
image/png
vendit_logo_dark.png
oauth.vendit.dev/img/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oauth.vendit.dev/img/vendit_logo_dark.png
Requested by
Host: oauth.vendit.dev
URL: https://oauth.vendit.dev/Identity/Account/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.134.168.11 Arnhem, Netherlands, ASN39647 (REDHOSTING-AS, NL),
Reverse DNS
exchange.vendit.nl
Software
/
Resource Hash
e3ff69b50e13537273cbe7d356081a95841fc7d835baae85f5748fe82c123800
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://oauth.vendit.dev/Identity/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
etag
"1d838476671ff71"
last-modified
Tue, 15 Mar 2022 08:33:52 GMT
accept-ranges
bytes
date
Tue, 15 Mar 2022 10:57:37 GMT
content-length
10097
content-type
image/png
vendors.bundle.js
oauth.vendit.dev/js/ 		786 KB
786 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oauth.vendit.dev/js/vendors.bundle.js
Requested by
Host: oauth.vendit.dev
URL: https://oauth.vendit.dev/Identity/Account/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.134.168.11 Arnhem, Netherlands, ASN39647 (REDHOSTING-AS, NL),
Reverse DNS
exchange.vendit.nl
Software
/
Resource Hash
a6206696b7ff486ab997af3c7497b087e5ff9417258d9974352175c55fcbcdb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://oauth.vendit.dev/Identity/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
etag
"1d83847667d9e55"
last-modified
Tue, 15 Mar 2022 08:33:52 GMT
accept-ranges
bytes
date
Tue, 15 Mar 2022 10:57:37 GMT
content-length
804437
content-type
application/javascript
app.bundle.js
oauth.vendit.dev/js/ 		68 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oauth.vendit.dev/js/app.bundle.js
Requested by
Host: oauth.vendit.dev
URL: https://oauth.vendit.dev/Identity/Account/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.134.168.11 Arnhem, Netherlands, ASN39647 (REDHOSTING-AS, NL),
Reverse DNS
exchange.vendit.nl
Software
/
Resource Hash
f264e407225292ae7c54847c9bfc954de5ba11203023f1f0f0a799e342d981b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://oauth.vendit.dev/Identity/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
etag
"1d838476670d6cf"
last-modified
Tue, 15 Mar 2022 08:33:52 GMT
accept-ranges
bytes
date
Tue, 15 Mar 2022 10:57:37 GMT
content-length
69327
content-type
application/javascript
site.js
oauth.vendit.dev/js/ 		230 B
283 B 		Script
General
Check archive.org
Download Go to
Full URL
https://oauth.vendit.dev/js/site.js
Requested by
Host: oauth.vendit.dev
URL: https://oauth.vendit.dev/Identity/Account/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.134.168.11 Arnhem, Netherlands, ASN39647 (REDHOSTING-AS, NL),
Reverse DNS
exchange.vendit.nl
Software
/
Resource Hash
33f35692fd57e7407f9a7a650fcc5cc12b828824f44f8f2c4d133323d87b3c11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://oauth.vendit.dev/Identity/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
etag
"1d838476671d8e6"
last-modified
Tue, 15 Mar 2022 08:33:52 GMT
accept-ranges
bytes
date
Tue, 15 Mar 2022 10:57:37 GMT
content-length
230
content-type
application/javascript
select2.bundle.js
oauth.vendit.dev/js/formplugins/select2/ 		169 KB
170 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oauth.vendit.dev/js/formplugins/select2/select2.bundle.js
Requested by
Host: oauth.vendit.dev
URL: https://oauth.vendit.dev/Identity/Account/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.134.168.11 Arnhem, Netherlands, ASN39647 (REDHOSTING-AS, NL),
Reverse DNS
exchange.vendit.nl
Software
/
Resource Hash
ba0664111e4e0041b30b0c1bff832f841284e46be67344b9f4c2a7f9da2865a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://oauth.vendit.dev/Identity/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
etag
"1d8384766737dfe"
last-modified
Tue, 15 Mar 2022 08:33:52 GMT
accept-ranges
bytes
date
Tue, 15 Mar 2022 10:57:37 GMT
content-length
173566
content-type
application/javascript
jquery.validate.min.js
ajax.aspnetcdn.com/ajax/jquery.validate/1.17.0/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/jquery.validate/1.17.0/jquery.validate.min.js
Requested by
Host: oauth.vendit.dev
URL: https://oauth.vendit.dev/Identity/Account/Login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B5F) /
Resource Hash
17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://oauth.vendit.dev/
Origin
https://oauth.vendit.dev
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 10:57:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19393805
x-cache
HIT
content-length
9409
x-xss-protection
1; mode=block
last-modified
Mon, 31 Jul 2017 18:09:21 GMT
server
ECAcc (ama/8B5F)
etag
"bec5c2228ad31:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
jquery.validate.unobtrusive.min.js
ajax.aspnetcdn.com/ajax/jquery.validation.unobtrusive/3.2.9/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/jquery.validation.unobtrusive/3.2.9/jquery.validate.unobtrusive.min.js
Requested by
Host: oauth.vendit.dev
URL: https://oauth.vendit.dev/Identity/Account/Login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B0C) /
Resource Hash
a5aa31a5cb77de463d7e9425be00bc2289231aaf22a9869515ac2014f83ca33d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://oauth.vendit.dev/
Origin
https://oauth.vendit.dev
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 10:57:38 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 Apr 2018 18:07:18 GMT
server
ECAcc (ama/8B0C)
age
23021766
etag
"bc773470adcad31:0"
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
5763
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
Requested by
Host: oauth.vendit.dev
URL: https://oauth.vendit.dev/css/formplugins/select2/select2.bundle.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
db5f411f7205ec2bbbc73f359461682f01f5dab26cebfa18c2c3cdebefa4d38c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://oauth.vendit.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 15 Mar 2022 10:48:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 15 Mar 2022 10:57:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Mar 2022 10:57:38 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://oauth.vendit.dev
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 09:48:03 GMT
x-content-type-options
nosniff
age
349775
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 11 Mar 2023 09:48:03 GMT

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored object| classHolder object| themeSettings string| themeURL string| themeOptions undefined| cssfile function| saveSettings function| resetSettings function| getUrlParameter function| detectIE function| rgb2hex object| Pace object| paceOptions function| $ function| jQuery function| Popper object| bootstrap object| bootbox object| Waves object| myapp_config object| initApp object| layouts object| color

1 Cookies

Domain/Path Name / Value
oauth.vendit.dev/ Name: .AspNetCore.Antiforgery.niPrdauJdYg
Value: CfDJ8P32UK8KZEpNusir8D2Ee-NDu7FOkagzgzbGGFPl0T0RtdHov8KyCmPdxjXa1BMp94fTf_jMRhkbQ5_ZI4R_isGue7YOR4LsES_jIdd5GAXRsnVkqJNOytbGmZu4eqhVzMUz_K-P5IBBQ8zvPC7xKys

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
fonts.googleapis.com
fonts.gstatic.com
oauth.vendit.dev
152.199.19.160
195.134.168.11
2a00:1450:4001:803::2003
2a00:1450:4001:803::200a
169bc425f2cd3187bb81ec4358175acdc7cd6e457274472fe871daee0ae4d6e7
17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50
33f35692fd57e7407f9a7a650fcc5cc12b828824f44f8f2c4d133323d87b3c11
36966cf30ee8bcdae313ad4f288834f0ceab86c2b77cad2738e6de8b9ab8c9af
4c4a53b213aab7f7ace3a3c5aecf5d10bffc7b420064add9c6da1cc308a24354
4f7353915968ed1f9aba22d2843e537aba31cd910f2335c2ffa302f7d72c03fd
66c417a529201f77c5a713bebc1ec01961722ba5ed81a6b60989bdf8cb4d5ddf
883b7079a3b3eed24905bfb2dc9959d0e72aff29e954207a2779d19656be0cbe
a5aa31a5cb77de463d7e9425be00bc2289231aaf22a9869515ac2014f83ca33d
a6206696b7ff486ab997af3c7497b087e5ff9417258d9974352175c55fcbcdb2
aad774fb2c73d96c80256ba74bf7b42f2b7b87831c8d127d9e1e75a539b55217
ba0664111e4e0041b30b0c1bff832f841284e46be67344b9f4c2a7f9da2865a2
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
db5f411f7205ec2bbbc73f359461682f01f5dab26cebfa18c2c3cdebefa4d38c
e3ff69b50e13537273cbe7d356081a95841fc7d835baae85f5748fe82c123800
f264e407225292ae7c54847c9bfc954de5ba11203023f1f0f0a799e342d981b0
f3599133ac0fa4f4cf9358dd7dc919151c627d3131c38d1c73e302c6a963fabf
f3f64512b6f47b3f304ec594b58866a41942b9da8c461254087bb14c480dd477