urlscan.io logo urlscan.io
SecurityTrails logo

vendostore.com Open in urlscan Pro
54.229.109.4  Public Scan

Go To Rescan Add Verdict Report
URL: https://vendostore.com/a/details?id=84742
Submission: On May 08 via manual from HU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 7 domains to perform 31 HTTP transactions. The main IP is 54.229.109.4, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is vendostore.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 10th 2023. Valid for: 7 months.
This is the only time vendostore.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    54.229.109.4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-109-4.eu-west-1.compute.amazonaws.com
vendostore.com
secure.vend-o.com
2    2600:9000:211e:f200:15:23c2:4a00:21 (United States)

ASN16509 (AMAZON-02, US)
d3ns5crcgwfodk.cloudfront.net
8    2600:9000:223f:b800:4:2669:6700:21 (United States)

ASN16509 (AMAZON-02, US)
d2i4kumhnhdkf0.cloudfront.net
1    2600:9000:223d:200:1c:c432:840:21 (United States)

ASN16509 (AMAZON-02, US)
d65e0wuog4vfl.cloudfront.net
3    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.recaptcha.net
6    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
8 d2i4kumhnhdkf0.cloudfront.net vendostore.com
6 www.gstatic.com www.recaptcha.net
www.gstatic.com
4 www.recaptcha.net vendostore.com
www.gstatic.com
www.recaptcha.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 www.googletagmanager.com vendostore.com
www.googletagmanager.com
2 d3ns5crcgwfodk.cloudfront.net vendostore.com
2 vendostore.com vendostore.com
1 fonts.gstatic.com www.recaptcha.net
1 secure.vend-o.com www.googletagmanager.com
1 d65e0wuog4vfl.cloudfront.net vendostore.com
31 10

This site contains links to these domains. Also see Links.

Domain
secure.vend-o.com
www.barepass.com
www.vendoservices.com
Subject Issuer Validity Valid
vendostore.com
Amazon RSA 2048 M02		 2023-02-10 -
2023-09-11		 7 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
vend-o.com
Amazon RSA 2048 M02		 2023-02-10 -
2023-09-12		 7 months crt.sh
misc.google.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://vendostore.com/a/details?id=84742
Frame ID: 30C86023F249A41720FE13F79E2C1105
Requests: 16 HTTP requests in this frame

Frame: https://vendostore.com/a/age-verification
Frame ID: 84A2FDD9328F3FD990D0EC35A9865A4A
Requests: 6 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LfeYjAUAAAAAAuE3ZPQG0a2KGkKQ8v8eV8pdHuQ&co=aHR0cHM6Ly92ZW5kb3N0b3JlLmNvbTo0NDM.&hl=de&v=1h-hbVSJRMOQsmO_2qL9cO0z&size=normal&cb=iaucs5c36o3c
Frame ID: 4A54A8D489437B9B0C6F3591E47E3453
Requests: 8 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/bframe?hl=de&v=1h-hbVSJRMOQsmO_2qL9cO0z&k=6LfeYjAUAAAAAAuE3ZPQG0a2KGkKQ8v8eV8pdHuQ
Frame ID: A5FC2C8B9C8285E15CEB06DA5B9FF8EB
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bare PassVendoStore

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

31
Requests

100 %
HTTPS

89 %
IPv6

7
Domains

10
Subdomains

10
IPs

3
Countries

1579 kB
Transfer

2748 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request details
vendostore.com/a/ 		9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vendostore.com/a/details?id=84742
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.109.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-109-4.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
27069ec04e9112ecf0fc2519026530271a308926a7c97db094f1655dc9c3cee7
Security Headers
Name Value
Content-Security-Policy default-src 'self' vend-o.com *.vend-o.com vendoservices.com *.vendoservices.com cdn.vendocdn.com *.quicksight.aws.amazon.com d3ns5crcgwfodk.cloudfront.net d65e0wuog4vfl.cloudfront.net d2i4kumhnhdkf0.cloudfront.net d14k38g86f558b.cloudfront.net 'unsafe-inline' 'unsafe-eval' data: ajax.googleapis.com www.gstatic.com www.google-analytics.com www.googletagmanager.com www.google.com www.recaptcha.net; report-uri https://secure.vend-o.com/api/traffic-tracking/csp
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-security-policy
default-src 'self' vend-o.com *.vend-o.com vendoservices.com *.vendoservices.com cdn.vendocdn.com *.quicksight.aws.amazon.com d3ns5crcgwfodk.cloudfront.net d65e0wuog4vfl.cloudfront.net d2i4kumhnhdkf0.cloudfront.net d14k38g86f558b.cloudfront.net 'unsafe-inline' 'unsafe-eval' data: ajax.googleapis.com www.gstatic.com www.google-analytics.com www.googletagmanager.com www.google.com www.recaptcha.net; report-uri https://secure.vend-o.com/api/traffic-tracking/csp
content-type
text/html; charset=UTF-8
date
Mon, 08 May 2023 13:49:45 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-php-mem
2097152
x-php-mempeak
2097152
x-php-sessid
tj4f5dobr3ro3qk3t7p5vsef2ptd6eeu
x-sites-version
V_20230302.82786542
x-version
V_20230427.225fa330 (pci-app-i-0edff8fcc2cedf550)
x-xss-protection
1; mode=block
5092655f90ee4c40e7a825e52e74a21c.css
d3ns5crcgwfodk.cloudfront.net/compiled-css/ 		17 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3ns5crcgwfodk.cloudfront.net/compiled-css/5092655f90ee4c40e7a825e52e74a21c.css
Requested by
Host: vendostore.com
URL: https://vendostore.com/a/details?id=84742
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:f200:15:23c2:4a00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b09e605bd8bd2a86d14cc50c3615d78914efcb9d8c3fdaf6baf513f031bd22e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vendostore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 19:00:49 GMT
via
1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
last-modified
Tue, 03 Jan 2023 18:17:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
240537
x-amz-server-side-encryption
AES256
etag
"5092655f90ee4c40e7a825e52e74a21c"
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
cache-control
max-age=2592008
accept-ranges
bytes
content-length
17443
x-amz-cf-id
o1-grXDxrEG5N-H15tFgWBoGkQZrVIXQ73Q3pdTXva3ax2X6Z1lTkA==
jquery.3.6.0.min.js
d2i4kumhnhdkf0.cloudfront.net/js/jquery/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2i4kumhnhdkf0.cloudfront.net/js/jquery/jquery.3.6.0.min.js
Requested by
Host: vendostore.com
URL: https://vendostore.com/a/details?id=84742
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:b800:4:2669:6700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0

Request headers

Referer
https://vendostore.com/
Origin
https://vendostore.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 07:17:54 GMT
via
1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 16:07:32 GMT
server
Apache
x-amz-cf-pop
FRA56-P5
age
23511
etag
"15d9c-5fa538dcff900"
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
89500
x-amz-cf-id
6jhWkiEjDOQtzo1_pr1twFoeC7eBPhdX1Ystm862EIy_6eBvT6D5mw==
jqueryui.1.12.1.min.js
d2i4kumhnhdkf0.cloudfront.net/js/jquery/ 		248 KB
248 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2i4kumhnhdkf0.cloudfront.net/js/jquery/jqueryui.1.12.1.min.js
Requested by
Host: vendostore.com
URL: https://vendostore.com/a/details?id=84742
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:b800:4:2669:6700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
0f6098ae735676cc51e9bd52ee8892b827527c445120b0da7914df152a269766

Request headers

Referer
https://vendostore.com/
Origin
https://vendostore.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 06:58:06 GMT
via
1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 16:07:32 GMT
server
Apache
x-amz-cf-pop
FRA56-P5
age
24699
etag
"3df08-5fa538dcff900"
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
253704
x-amz-cf-id
cjA9cFdkfXFRiP_wo8ORZniRnQivhx1YOanKly1I0H0IC4bZKIteEw==
jquery.cycle.all.js
d2i4kumhnhdkf0.cloudfront.net/js/jquery/ 		58 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2i4kumhnhdkf0.cloudfront.net/js/jquery/jquery.cycle.all.js
Requested by
Host: vendostore.com
URL: https://vendostore.com/a/details?id=84742
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:b800:4:2669:6700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
598d3c901982e1565911018bfb6cc1ba11178cf37aea48598f24681bfa6a5128

Request headers

Referer
https://vendostore.com/
Origin
https://vendostore.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 06:58:06 GMT
via
1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 16:07:32 GMT
server
Apache
x-amz-cf-pop
FRA56-P5
age
24699
etag
"e631-5fa538dcff900"
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
58929
x-amz-cf-id
BJKEjwv6EgsgGr3qij7qJDUYFdBfvl5hILXapmdGb5pe9x-T4v5TvQ==
jquery.placeholder.min.js
d2i4kumhnhdkf0.cloudfront.net/js/jquery/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2i4kumhnhdkf0.cloudfront.net/js/jquery/jquery.placeholder.min.js
Requested by
Host: vendostore.com
URL: https://vendostore.com/a/details?id=84742
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:b800:4:2669:6700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
0ca92d6e212b114e22a72ff595917759e61e924c623b2c3ecc04d0410785c335

Request headers

Referer
https://vendostore.com/
Origin
https://vendostore.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 06:58:06 GMT
via
1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 16:07:32 GMT
server
Apache
x-amz-cf-pop
FRA56-P5
age
24699
etag
"665-5fa538dcff900"
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
1637
x-amz-cf-id
kR4aTMR-vOcYOhGqCQ4xiL_iaC2xpRNuGUY07aOqyLS1b3dC46tBkg==
store.js
d2i4kumhnhdkf0.cloudfront.net/js/ 		73 B
417 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d2i4kumhnhdkf0.cloudfront.net/js/store.js
Requested by
Host: vendostore.com
URL: https://vendostore.com/a/details?id=84742
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:b800:4:2669:6700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
01a0efa2ad55fae2387cc522b46e4cc93c56441822c8546b599c6cb596703a0a

Request headers

Referer
https://vendostore.com/
Origin
https://vendostore.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 06:58:06 GMT
via
1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 16:07:32 GMT
server
Apache
x-amz-cf-pop
FRA56-P5
age
24699
etag
"49-5fa538dcff900"
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
73
x-amz-cf-id
deDyyrCBkaz4dsyViX6NrIa1jF1K953EnYe6Mp_pHCjR_x3gzlZgmA==
thumbnail
d65e0wuog4vfl.cloudfront.net/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d65e0wuog4vfl.cloudfront.net/thumbnail?site=84742
Requested by
Host: vendostore.com
URL: https://vendostore.com/a/details?id=84742
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:200:1c:c432:840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
0cd7a239aad6aca820689dca99dc4a2bf4aec05899cf1899c757f11e7d3aa722
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vendostore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-version
V_20230427.225fa330 (pci-app-i-0940e10eac5f3cdae)
strict-transport-security
max-age=31536000
date
Mon, 08 May 2023 13:49:45 GMT
x-content-type-options
nosniff
via
1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
x-php-mem
4194304
x-amz-cf-pop
FRA56-P3
content-security-policy-report-only
default-src 'self' vend-o.com *.vend-o.com vendoservices.com *.vendoservices.com cdn.vendocdn.com *.quicksight.aws.amazon.com d3ns5crcgwfodk.cloudfront.net d65e0wuog4vfl.cloudfront.net d2i4kumhnhdkf0.cloudfront.net d14k38g86f558b.cloudfront.net 'unsafe-inline' 'unsafe-eval' data: ajax.googleapis.com fonts.googleapis.com fonts.gstatic.com www.gstatic.com www.google.com ssl.google-analytics.com www.google-analytics.com www.googletagmanager.com stats.g.doubleclick.net www.recaptcha.net rum-static.pingdom.net rum-collector-2.pingdom.net handshake.probity.io apps.5ca.com; report-uri https://secure.vend-o.com/api/traffic-tracking/csp
x-cache
RefreshHit from cloudfront
x-xss-protection
1; mode=block
pragma
server
Apache
etag
49f03e10f05fb392fc1e50ad5eb6df50
x-php-sessid
m3dldpfq9nqbk6a0tqhv4urmdmkhsco5
content-type
image/jpeg
cache-control
x-php-mempeak
4194304
x-sites-version
V_20230302.82786542
x-amz-cf-id
ii96DQ2oisRrj-ceDbkuz-X5eYxvwLZVwXq9tT9ptdKbDq3h4wAiRg==
expires
js
www.googletagmanager.com/gtag/ 		167 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-879199-9
Requested by
Host: vendostore.com
URL: https://vendostore.com/a/details?id=84742
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
85e292fdfd042543f29babf88247a484b7f17eb608370f6b9b854f6347f4a011
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vendostore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 13:49:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62567
x-xss-protection
0
last-modified
Mon, 08 May 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 08 May 2023 13:49:45 GMT
age-verification
vendostore.com/a/ Frame 84A2 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vendostore.com/a/age-verification
Requested by
Host: vendostore.com
URL: https://vendostore.com/a/details?id=84742
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.109.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-109-4.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
aaf9f6b5b4ffc181ee25065ae68425bbe210b1ed732cc165baf0ef9990785ad9
Security Headers
Name Value
Content-Security-Policy default-src 'self' vend-o.com *.vend-o.com vendoservices.com *.vendoservices.com cdn.vendocdn.com *.quicksight.aws.amazon.com d3ns5crcgwfodk.cloudfront.net d65e0wuog4vfl.cloudfront.net d2i4kumhnhdkf0.cloudfront.net d14k38g86f558b.cloudfront.net 'unsafe-inline' 'unsafe-eval' data: ajax.googleapis.com www.gstatic.com www.google-analytics.com www.googletagmanager.com www.google.com www.recaptcha.net; report-uri https://secure.vend-o.com/api/traffic-tracking/csp
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vendostore.com/a/details?id=84742
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-security-policy
default-src 'self' vend-o.com *.vend-o.com vendoservices.com *.vendoservices.com cdn.vendocdn.com *.quicksight.aws.amazon.com d3ns5crcgwfodk.cloudfront.net d65e0wuog4vfl.cloudfront.net d2i4kumhnhdkf0.cloudfront.net d14k38g86f558b.cloudfront.net 'unsafe-inline' 'unsafe-eval' data: ajax.googleapis.com www.gstatic.com www.google-analytics.com www.googletagmanager.com www.google.com www.recaptcha.net; report-uri https://secure.vend-o.com/api/traffic-tracking/csp
content-type
text/html; charset=UTF-8
date
Mon, 08 May 2023 13:49:45 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-php-mem
4194304
x-php-mempeak
4194304
x-php-sessid
tj4f5dobr3ro3qk3t7p5vsef2ptd6eeu
x-sites-version
V_20230302.82786542
x-version
V_20230427.225fa330 (pci-app-i-0edff8fcc2cedf550)
x-xss-protection
1; mode=block
vendo.svg
d2i4kumhnhdkf0.cloudfront.net/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2i4kumhnhdkf0.cloudfront.net/img/vendo.svg
Requested by
Host: vendostore.com
URL: https://vendostore.com/a/details?id=84742
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:b800:4:2669:6700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
7182d4990cd2ad55a61748551b3c0bdf47d5b7f0411315422cf2e6b06e112e93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vendostore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 05:01:34 GMT
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 16:07:32 GMT
server
Apache
x-amz-cf-pop
FRA56-P5
age
31691
etag
"fe2-5fa538dcff900"
x-cache
Hit from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
4066
x-amz-cf-id
qR6nQ2Lh1Bvl_qDSWXvJXjMku41l8G6FyRZr5PsKV73Bbd47dbkAKw==
js
www.googletagmanager.com/gtag/ 		205 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8VNE378M96&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-879199-9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d7c863edbacf8f07ac47f76683567399fb5fd50ed97dd62cd12560da3ba87030
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vendostore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 13:49:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75014
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 08 May 2023 13:49:45 GMT
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-879199-9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vendostore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 08 May 2023 13:05:00 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
2685
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Mon, 08 May 2023 15:05:00 GMT
js
www.googletagmanager.com/gtag/ 		115 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-879199-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-879199-9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e09c6c691f856233bc7ea5f2caac180016991260f6ff58aae31eaa0056b2b116
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vendostore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 13:49:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45811
x-xss-protection
0
last-modified
Mon, 08 May 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 08 May 2023 13:49:45 GMT
collect
www.google-analytics.com/j/ 		1 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1018077601&t=pageview&_s=1&dl=https%3A%2F%2Fvendostore.com%2Fa%2Fdetails%3Fid%3D84742&ul=en-us&de=UTF-8&dt=Bare%20PassVendoStore&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1004897852&gjid=1607775920&cid=2142138771.1683553786&tid=UA-879199-9&_gid=331744017.1683553786&_r=1&gtm=457e3530&jsscut=1&z=545904425
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://vendostore.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 May 2023 13:49:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vendostore.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1018077601&t=pageview&_s=1&dl=https%3A%2F%2Fvendostore.com%2Fa%2Fdetails%3Fid%3D84742&ul=en-us&de=UTF-8&dt=Bare%20PassVendoStore&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=1023149759&gjid=255606208&cid=2142138771.1683553786&tid=UA-879199-1&_gid=331744017.1683553786&_r=1&gtm=457e3530&jsscut=1&z=1360240505
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://vendostore.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 May 2023 13:49:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vendostore.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
csp
secure.vend-o.com/api/traffic-tracking/ 		0
534 B 		Other
General
Check archive.org
Download Go to
Full URL
https://secure.vend-o.com/api/traffic-tracking/csp
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8VNE378M96&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.109.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-109-4.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vendostore.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Mon, 08 May 2023 13:49:46 GMT
x-version
V_20230427.225fa330 (pci-app-i-0743ebc36d4ad9a2a)
server
Apache
x-php-mem
6291456
x-php-sessid
jdkj9nbehli8nm4qnvu5q5btfi9hnod7
content-type
text/plain;charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
x-php-mempeak
6291456
x-sites-version
V_20230302.82786542
content-length
0
expires
Thu, 19 Nov 1981 08:52:00 GMT
2675dfe80df3e4a8a508225e5a757668.css
d3ns5crcgwfodk.cloudfront.net/compiled-css/ Frame 84A2 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3ns5crcgwfodk.cloudfront.net/compiled-css/2675dfe80df3e4a8a508225e5a757668.css
Requested by
Host: vendostore.com
URL: https://vendostore.com/a/age-verification
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:f200:15:23c2:4a00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56a1fa2b65e111e2709b7f931575c06e21a05773f9c0a03c3e77db5b1c29908c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vendostore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 23:07:35 GMT
via
1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jan 2021 01:19:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
398532
etag
"2675dfe80df3e4a8a508225e5a757668"
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
cache-control
max-age=2592001
accept-ranges
bytes
content-length
3851
x-amz-cf-id
zc5hK2On3OXn0tOIb9-6TrFoPXblrbL3W4rf5MP_I9WSZu-RCUHDqg==
jquery.3.6.0.min.js
d2i4kumhnhdkf0.cloudfront.net/js/jquery/ Frame 84A2 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2i4kumhnhdkf0.cloudfront.net/js/jquery/jquery.3.6.0.min.js
Requested by
Host: vendostore.com
URL: https://vendostore.com/a/age-verification
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:b800:4:2669:6700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0

Request headers

Referer
https://vendostore.com/
Origin
https://vendostore.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 07:17:54 GMT
via
1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 16:07:32 GMT
server
Apache
x-amz-cf-pop
FRA56-P5
age
23512
etag
"15d9c-5fa538dcff900"
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
89500
x-amz-cf-id
CpFS1dGapCOqE537ZD9rkXVACMsore72CZwmuPdqs9dWqKPCAhpxHw==
jqueryui.1.12.1.min.js
d2i4kumhnhdkf0.cloudfront.net/js/jquery/ Frame 84A2 		248 KB
248 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2i4kumhnhdkf0.cloudfront.net/js/jquery/jqueryui.1.12.1.min.js
Requested by
Host: vendostore.com
URL: https://vendostore.com/a/age-verification
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:b800:4:2669:6700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
0f6098ae735676cc51e9bd52ee8892b827527c445120b0da7914df152a269766

Request headers

Referer
https://vendostore.com/
Origin
https://vendostore.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 06:58:06 GMT
via
1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 16:07:32 GMT
server
Apache
x-amz-cf-pop
FRA56-P5
age
24700
etag
"3df08-5fa538dcff900"
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
253704
x-amz-cf-id
iif6wP2Wi1M4q3cEUHoJ30eq0PQ84oJfXAoY44FKn2LsU_EAGaFKPg==
api.js
www.recaptcha.net/recaptcha/ Frame 84A2 		853 B
880 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api.js
Requested by
Host: vendostore.com
URL: https://vendostore.com/a/age-verification
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e868131f1a5161054b01f38daebb2ef27bd1657019e4762c2a2086d195353d40
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vendostore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 13:49:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
558
x-xss-protection
1; mode=block
expires
Mon, 08 May 2023 13:49:46 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/ Frame 84A2 		408 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/recaptcha__de.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9246476ad494512fd651c54a3243ca5e4ca7012488b5237d1b19c03089dbba50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vendostore.com/
Origin
https://vendostore.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:47:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79353
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
167425
x-xss-protection
0
last-modified
Mon, 01 May 2023 02:02:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 06 May 2024 15:47:13 GMT
anchor
www.recaptcha.net/recaptcha/api2/ Frame 4A54 		53 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LfeYjAUAAAAAAuE3ZPQG0a2KGkKQ8v8eV8pdHuQ&co=aHR0cHM6Ly92ZW5kb3N0b3JlLmNvbTo0NDM.&hl=de&v=1h-hbVSJRMOQsmO_2qL9cO0z&size=normal&cb=iaucs5c36o3c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6ba950b02462cfed4cdf65c0af8492e2f616fd7b718c7a243ac75d0cddd6ffe8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-enCBVabH-x1qjEjBlQA3_A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vendostore.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
29688
content-security-policy
script-src 'report-sample' 'nonce-enCBVabH-x1qjEjBlQA3_A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 08 May 2023 13:49:46 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/ Frame 4A54 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LfeYjAUAAAAAAuE3ZPQG0a2KGkKQ8v8eV8pdHuQ&co=aHR0cHM6Ly92ZW5kb3N0b3JlLmNvbTo0NDM.&hl=de&v=1h-hbVSJRMOQsmO_2qL9cO0z&size=normal&cb=iaucs5c36o3c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 09:43:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
187595
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Mon, 01 May 2023 02:02:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 05 May 2024 09:43:11 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/ Frame 4A54 		408 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/recaptcha__de.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LfeYjAUAAAAAAuE3ZPQG0a2KGkKQ8v8eV8pdHuQ&co=aHR0cHM6Ly92ZW5kb3N0b3JlLmNvbTo0NDM.&hl=de&v=1h-hbVSJRMOQsmO_2qL9cO0z&size=normal&cb=iaucs5c36o3c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9246476ad494512fd651c54a3243ca5e4ca7012488b5237d1b19c03089dbba50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:47:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79353
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
167425
x-xss-protection
0
last-modified
Mon, 01 May 2023 02:02:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 06 May 2024 15:47:13 GMT
truncated
/ Frame 4A54 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4A54 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 4A54 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 22:52:35 GMT
x-content-type-options
nosniff
age
140231
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sat, 13 May 2023 22:52:35 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4A54 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LfeYjAUAAAAAAuE3ZPQG0a2KGkKQ8v8eV8pdHuQ&co=aHR0cHM6Ly92ZW5kb3N0b3JlLmNvbTo0NDM.&hl=de&v=1h-hbVSJRMOQsmO_2qL9cO0z&size=normal&cb=iaucs5c36o3c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.recaptcha.net/
Origin
https://www.recaptcha.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 23:28:35 GMT
x-content-type-options
nosniff
age
138071
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 23:28:35 GMT
bframe
www.recaptcha.net/recaptcha/api2/ Frame A5FC 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api2/bframe?hl=de&v=1h-hbVSJRMOQsmO_2qL9cO0z&k=6LfeYjAUAAAAAAuE3ZPQG0a2KGkKQ8v8eV8pdHuQ
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
75222f36ea19825e6e9f300c9b9e82d0c9e334394a9e949e84df49bda131d884
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_p2sP2lOZu0AyPlTx_pdIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vendostore.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1150
content-security-policy
script-src 'report-sample' 'nonce-_p2sP2lOZu0AyPlTx_pdIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 08 May 2023 13:49:46 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
webworker.js
www.recaptcha.net/recaptcha/api2/ Frame 4A54 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=de&v=1h-hbVSJRMOQsmO_2qL9cO0z
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LfeYjAUAAAAAAuE3ZPQG0a2KGkKQ8v8eV8pdHuQ&co=aHR0cHM6Ly92ZW5kb3N0b3JlLmNvbTo0NDM.&hl=de&v=1h-hbVSJRMOQsmO_2qL9cO0z&size=normal&cb=iaucs5c36o3c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ad10a96d76d0545db3cd7ef7c37e917d5ee9f8bc9807a4bc59faa8e527f72a1b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LfeYjAUAAAAAAuE3ZPQG0a2KGkKQ8v8eV8pdHuQ&co=aHR0cHM6Ly92ZW5kb3N0b3JlLmNvbTo0NDM.&hl=de&v=1h-hbVSJRMOQsmO_2qL9cO0z&size=normal&cb=iaucs5c36o3c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 13:49:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
1; mode=block
expires
Mon, 08 May 2023 13:49:46 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/ Frame A5FC 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=de&v=1h-hbVSJRMOQsmO_2qL9cO0z&k=6LfeYjAUAAAAAAuE3ZPQG0a2KGkKQ8v8eV8pdHuQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 09:43:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
187595
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Mon, 01 May 2023 02:02:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 05 May 2024 09:43:11 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/ Frame A5FC 		408 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/recaptcha__de.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=de&v=1h-hbVSJRMOQsmO_2qL9cO0z&k=6LfeYjAUAAAAAAuE3ZPQG0a2KGkKQ8v8eV8pdHuQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9246476ad494512fd651c54a3243ca5e4ca7012488b5237d1b19c03089dbba50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:47:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79353
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
167425
x-xss-protection
0
last-modified
Mon, 01 May 2023 02:02:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 06 May 2024 15:47:13 GMT

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless function| $ function| jQuery function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

6 Cookies

Domain/Path Name / Value
vendostore.com/ Name: VENDO_SESSION
Value: tj4f5dobr3ro3qk3t7p5vsef2ptd6eeu
.vendostore.com/ Name: _gid
Value: GA1.2.331744017.1683553786
.vendostore.com/ Name: _gat_gtag_UA_879199_9
Value: 1
.vendostore.com/ Name: _gat_gtag_UA_879199_1
Value: 1
.vendostore.com/ Name: _ga_8VNE378M96
Value: GS1.1.1683553785.1.0.1683553785.0.0.0
.vendostore.com/ Name: _ga
Value: GA1.1.2142138771.1683553786

1 Console Messages

Source Level URL
Text
security error URL: https://www.googletagmanager.com/gtag/js?id=G-8VNE378M96&l=dataLayer&cx=c(Line 157)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-8VNE378M96&gtm=45je3530&_p=1018077601&cid=2142138771.1683553786&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683553785&sct=1&seg=0&dl=https%3A%2F%2Fvendostore.com%2Fa%2Fdetails%3Fid%3D84742&dt=Bare%20PassVendoStore&en=page_view&_fv=1&_ss=1' because it violates the following Content Security Policy directive: "default-src 'self' vend-o.com *.vend-o.com vendoservices.com *.vendoservices.com cdn.vendocdn.com *.quicksight.aws.amazon.com d3ns5crcgwfodk.cloudfront.net d65e0wuog4vfl.cloudfront.net d2i4kumhnhdkf0.cloudfront.net d14k38g86f558b.cloudfront.net 'unsafe-inline' 'unsafe-eval' data: ajax.googleapis.com www.gstatic.com www.google-analytics.com www.googletagmanager.com www.google.com www.recaptcha.net". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' vend-o.com *.vend-o.com vendoservices.com *.vendoservices.com cdn.vendocdn.com *.quicksight.aws.amazon.com d3ns5crcgwfodk.cloudfront.net d65e0wuog4vfl.cloudfront.net d2i4kumhnhdkf0.cloudfront.net d14k38g86f558b.cloudfront.net 'unsafe-inline' 'unsafe-eval' data: ajax.googleapis.com www.gstatic.com www.google-analytics.com www.googletagmanager.com www.google.com www.recaptcha.net; report-uri https://secure.vend-o.com/api/traffic-tracking/csp
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d2i4kumhnhdkf0.cloudfront.net
d3ns5crcgwfodk.cloudfront.net
d65e0wuog4vfl.cloudfront.net
fonts.gstatic.com
secure.vend-o.com
vendostore.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
www.recaptcha.net
2600:9000:211e:f200:15:23c2:4a00:21
2600:9000:223d:200:1c:c432:840:21
2600:9000:223f:b800:4:2669:6700:21
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2003
2a00:1450:4001:827::200e
2a00:1450:4001:829::2003
54.229.109.4
01a0efa2ad55fae2387cc522b46e4cc93c56441822c8546b599c6cb596703a0a
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0ca92d6e212b114e22a72ff595917759e61e924c623b2c3ecc04d0410785c335
0cd7a239aad6aca820689dca99dc4a2bf4aec05899cf1899c757f11e7d3aa722
0f6098ae735676cc51e9bd52ee8892b827527c445120b0da7914df152a269766
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
27069ec04e9112ecf0fc2519026530271a308926a7c97db094f1655dc9c3cee7
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
56a1fa2b65e111e2709b7f931575c06e21a05773f9c0a03c3e77db5b1c29908c
598d3c901982e1565911018bfb6cc1ba11178cf37aea48598f24681bfa6a5128
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ba950b02462cfed4cdf65c0af8492e2f616fd7b718c7a243ac75d0cddd6ffe8
7182d4990cd2ad55a61748551b3c0bdf47d5b7f0411315422cf2e6b06e112e93
75222f36ea19825e6e9f300c9b9e82d0c9e334394a9e949e84df49bda131d884
80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0
85e292fdfd042543f29babf88247a484b7f17eb608370f6b9b854f6347f4a011
9246476ad494512fd651c54a3243ca5e4ca7012488b5237d1b19c03089dbba50
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
aaf9f6b5b4ffc181ee25065ae68425bbe210b1ed732cc165baf0ef9990785ad9
ad10a96d76d0545db3cd7ef7c37e917d5ee9f8bc9807a4bc59faa8e527f72a1b
b09e605bd8bd2a86d14cc50c3615d78914efcb9d8c3fdaf6baf513f031bd22e4
d7c863edbacf8f07ac47f76683567399fb5fd50ed97dd62cd12560da3ba87030
e09c6c691f856233bc7ea5f2caac180016991260f6ff58aae31eaa0056b2b116
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e868131f1a5161054b01f38daebb2ef27bd1657019e4762c2a2086d195353d40