Why Target Vendor Portal Resets Connections on Sequoia
Target’s vendor portal is hosted on Google’s GCP with Cloudflare as the CDN layer. The portal enforces TLS 1.3 with ECH for all vendor logins. When vendors access the portal from macOS Safari on networks with SSL inspection (common in Asia and Eastern Europe), the ISP gateway resets the ECH-enabled ClientHello, causing the TLS handshake to fail.
Google Cloud Load Balancer’s TLS configuration supports TLS 1.2 fallback, but Cloudflare’s edge configuration requires ECH for TLS 1.3 and only falls back to TLS 1.2 when the client explicitly signals TLS 1.2 support. ISP gateways that strip this signal cause Cloudflare to assume TLS 1.3-only support, which fails due to ECH incompatibility.
Browser Integrity Sync and GCP Load Balancing
Target’s vendor portal uses browser integrity sync across GCP’s global load balancing infrastructure. When the TLS handshake is interrupted, the integrity sync fails, and GCP’s security layer blocks the vendor’s access, requiring re-authentication.
Fixing Target Vendor Portal Connection Resets
Using Chrome with QUIC Disabled
Target’s Cloudflare configuration supports HTTP/3 (QUIC), which can be blocked by ISP gateways. Download Chrome → Settings → Advanced → System → disable Use QUIC protocol. Access Target Vendor Portal in Chrome — with QUIC disabled, Chrome uses HTTP/2 over TCP, which ISP gateways handle reliably.
Clearing All Browser State for Target
Open Safari → Clear History → All History. Then Settings → Privacy → Manage Website Data → remove all Target entries. Restart Safari and access the vendor portal — the fresh TLS session negotiates a new handshake with Cloudflare’s edge nodes, bypassing any corrupted session state.
Checking Target Platform Status
Search “is the platform down right now” for Target vendor portal status. If an active incident is reported, the connection reset is infrastructure-driven and no client-side fix will resolve it until Target’s IT team restores normal operation.
Call to Action
Use the webs.ninja network lab to run a TLS handshake diagnostic for Target’s vendor portal. The diagnostic identifies whether the reset is caused by your ISP’s gateway, a Cloudflare edge node failure, or Target’s GCP infrastructure, directing the fix to the correct layer.