urlscan.io logo urlscan.io
SecurityTrails logo

bd.projek.fyi Open in urlscan Pro
99.83.151.71  Public Scan

Go To Rescan Add Verdict Report
URL: https://bd.projek.fyi/
Submission: On November 25 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 10 domains to perform 20 HTTP transactions. The main IP is 99.83.151.71, located in United States and belongs to AMAZON-02, US. The main domain is bd.projek.fyi.
TLS certificate: Issued by R10 on November 24th 2024. Valid for: 3 months.
This is the only time bd.projek.fyi was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 99.83.151.71 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:225... 16509 (AMAZON-02)
1 2 2a02:26f0:350... 20940 (AKAMAI-AS...)
1 2 2a04:4e42:600... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-AS...)
2 142.250.185.227 15169 (GOOGLE)
1 172.217.18.4 15169 (GOOGLE)
1 108.138.26.116 16509 (AMAZON-02)
2 18.244.18.76 16509 (AMAZON-02)
20 12
6    99.83.151.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: a92e093842311e90d.awsglobalaccelerator.com
bd.projek.fyi
api.frontly.ai
1    2a00:1450:400c:c0a::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
accounts.google.com
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2600:9000:225e:7600:1b:348c:b140:93a1 (United States)

ASN16509 (AMAZON-02, US)
r.wdfl.co
2    2a02:26f0:3500:2be::523 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
widget.cloudinary.com
res.cloudinary.com
2    2a04:4e42:600::393 (United States)

ASN54113 (FASTLY, US)
upload-widget.cloudinary.com
2    2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a02:26f0:3500:2ab::523 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
res.cloudinary.com
2    142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net
fonts.gstatic.com
1    172.217.18.4 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f4.1e100.net
www.google.com
1    108.138.26.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-116.fra56.r.cloudfront.net
widget.intercom.io
2    18.244.18.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-76.fra56.r.cloudfront.net
js.intercomcdn.com
Apex Domain
Subdomains		 Transfer
5 cloudinary.com
widget.cloudinary.com — Cisco Umbrella Rank: 49878
upload-widget.cloudinary.com — Cisco Umbrella Rank: 41245
res.cloudinary.com — Cisco Umbrella Rank: 2559
44 KB
4 projek.fyi
bd.projek.fyi
2 MB
2 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 2998
287 KB
2 gstatic.com
fonts.gstatic.com
36 KB
2 frontly.ai
api.frontly.ai
9 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
93 KB
2 google.com
accounts.google.com — Cisco Umbrella Rank: 17
www.google.com — Cisco Umbrella Rank: 3
86 KB
1 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 2266
3 KB
1 wdfl.co
r.wdfl.co — Cisco Umbrella Rank: 20355
5 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
20 10
Domain Requested by
4 bd.projek.fyi bd.projek.fyi
2 js.intercomcdn.com widget.intercom.io
2 fonts.gstatic.com fonts.googleapis.com
2 api.frontly.ai bd.projek.fyi
2 res.cloudinary.com bd.projek.fyi
2 www.googletagmanager.com bd.projek.fyi
www.googletagmanager.com
2 upload-widget.cloudinary.com 1 redirects bd.projek.fyi
1 widget.intercom.io bd.projek.fyi
1 www.google.com www.googletagmanager.com
1 widget.cloudinary.com 1 redirects
1 r.wdfl.co bd.projek.fyi
1 fonts.googleapis.com bd.projek.fyi
1 accounts.google.com bd.projek.fyi
20 13

This site contains no links.

Subject Issuer Validity Valid
bd.projek.fyi
R10		 2024-11-24 -
2025-02-22		 3 months crt.sh
accounts.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
r.wdfl.co
Amazon RSA 2048 M02		 2024-08-02 -
2025-08-30		 a year crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.cloudinary.com
Go Daddy Secure Certificate Authority - G2		 2023-12-18 -
2025-01-13		 a year crt.sh
api.frontly.ai
R10		 2024-10-25 -
2025-01-23		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.intercom.com
Amazon RSA 2048 M03		 2024-01-15 -
2025-02-11		 a year crt.sh
*.intercomcdn.com
Amazon RSA 2048 M02		 2024-10-31 -
2025-11-28		 a year crt.sh

This page contains 3 frames:

Primary Page: https://bd.projek.fyi/
Frame ID: 79EEDB7B8B2ED8665A39C67474D73645
Requests: 16 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fbd.projek.fyi
Frame ID: E8076B82A4CA13D3D6DCD5415F576FCD
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.cecfc687.js
Frame ID: 50EEC4EB3CD2FC7AC7F10D2773806B68
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

DNeX Group BD

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • r\.wdfl\.co
Overall confidence: 80%
Detected patterns
  • <img[^>]+\.cloudinary\.com
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • r\.wdfl\.co

Page Statistics

20
Requests

95 %
HTTPS

58 %
IPv6

10
Domains

13
Subdomains

12
IPs

3
Countries

3048 kB
Transfer

11732 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://widget.cloudinary.com/v2.0/global/all.js HTTP 302
  • https://upload-widget.cloudinary.com/global/all.js HTTP 301
  • https://upload-widget.cloudinary.com/2.20.20/global/all.js

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bd.projek.fyi/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bd.projek.fyi/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.83.151.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a92e093842311e90d.awsglobalaccelerator.com
Software
nginx /
Resource Hash
36cbccb75a4123d0db3ed68662a91d5af38d9b3baae1a4f886e9eb0b5f260bee
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; connect-src *; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' *.example.com; img-src 'self' https: data:; style-src 'self' https: 'unsafe-inline'; frame-src *; manifest-src 'self' https: blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
default-src 'self' https:; connect-src *; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' *.example.com; img-src 'self' https: data:; style-src 'self' https: 'unsafe-inline'; frame-src *; manifest-src 'self' https: blob:;
Content-Type
text/html; charset=UTF-8
Date
Mon, 25 Nov 2024 19:31:26 GMT
Etag
W/"673e1c2f-4e7"
Last-Modified
Wed, 20 Nov 2024 17:28:15 GMT
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1732563086&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=fR2LGu3QmGry1GZonL8KFEygmplrRAaJojRrpSnNt%2BE%3D"}]}
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1732563086&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=fR2LGu3QmGry1GZonL8KFEygmplrRAaJojRrpSnNt%2BE%3D
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Xss-Protection
1; mode=block
client
accounts.google.com/gsi/ 		226 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: bd.projek.fyi
URL: https://bd.projek.fyi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
13a408be604b43919c3e2b54ca300019d1575b93537ebceb350bec5f9fe522c8
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-7yjlY7izZBNnI9O2cz8LgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bd.projek.fyi/

Response headers

content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-7yjlY7izZBNnI9O2cz8LgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cache-control
private, max-age=1800
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 19:31:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
date
Mon, 25 Nov 2024 19:31:26 GMT
x-xss-protection
0
content-type
application/javascript; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server
ESF
x-frame-options
SAMEORIGIN
css2
fonts.googleapis.com/ 		18 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&family=Manrope:wght@300;400;500;700&display=swap
Requested by
Host: bd.projek.fyi
URL: https://bd.projek.fyi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d4bd7e46cdc1759ffda83abdccb1363f3b4dcf7c392a23121a615826da0b992e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bd.projek.fyi/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 19:31:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 19:31:26 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 25 Nov 2024 19:31:26 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
rw.js
r.wdfl.co/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://r.wdfl.co/rw.js
Requested by
Host: bd.projek.fyi
URL: https://bd.projek.fyi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7600:1b:348c:b140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44eaa7c7f536af8ad1e4cc16da1eb0dde491b60c3b86140b4ea5d9769593ffc4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bd.projek.fyi/

Response headers

vary
accept-encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"2f268cdb1246b18429fab7032cbf2d63"
age
523
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
9XqLDEte735uSGcs7u1hxdq-eWmJ1SwAiILUXmgRdGEFHGlRai4ulA==
date
Mon, 25 Nov 2024 19:22:44 GMT
content-type
text/javascript
last-modified
Mon, 25 Nov 2024 16:22:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
all.js
upload-widget.cloudinary.com/2.20.20/global/
Redirect Chain
  • https://widget.cloudinary.com/v2.0/global/all.js
  • https://upload-widget.cloudinary.com/global/all.js
  • https://upload-widget.cloudinary.com/2.20.20/global/all.js
135 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upload-widget.cloudinary.com/2.20.20/global/all.js
Requested by
Host: bd.projek.fyi
URL: https://bd.projek.fyi/
Protocol
H2
Server
2a04:4e42:600::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
800eff920e76b3e6162f38cbbb72ed2769caaa07295d413e108003ff0805b810

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bd.projek.fyi/

Response headers

content-encoding
br
etag
"84edcb4a239f313c8eaaf12b6ec3716e"
age
184
x-cache
HIT
date
Mon, 25 Nov 2024 19:31:26 GMT
last-modified
Thu, 14 Nov 2024 13:00:12 GMT
vary
Accept-Encoding
x-cache-hits
3
content-type
text/javascript
x-served-by
cache-fra-eddf8230125-FRA
x-amz-replication-status
COMPLETED
cache-control
public, max-age=3600, immutable
x-timer
S1732563087.773194,VS0,VE0
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
39383
server
AmazonS3

Redirect headers

cache-control
public, s-maxage=365 days, max-age=600
location
https://upload-widget.cloudinary.com/2.20.20/global/all.js
x-timer
S1732563087.715919,VS0,VE0
age
101
via
1.1 varnish
apigw-requestid
B0V2bhf-oAMEMKw=
access-control-allow-origin
*
x-cache
HIT
accept-ranges
bytes
content-length
0
date
Mon, 25 Nov 2024 19:31:26 GMT
x-served-by
cache-fra-eddf8230125-FRA
x-cache-hits
3
main.b1f3b2e0.js
bd.projek.fyi/static/js/ 		10 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://bd.projek.fyi/static/js/main.b1f3b2e0.js
Requested by
Host: bd.projek.fyi
URL: https://bd.projek.fyi/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.83.151.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a92e093842311e90d.awsglobalaccelerator.com
Software
nginx /
Resource Hash
15f9dbb164ed852758c278e6c75f76bb2984b00395a1109ceebf65aa6c3d2f7d
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; connect-src *; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' *.example.com; img-src 'self' https: data:; style-src 'self' https: 'unsafe-inline'; frame-src *; manifest-src 'self' https: blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bd.projek.fyi/

Response headers

Content-Encoding
gzip
Etag
W/"673e1c2f-9cb269"
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1732563086&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=fR2LGu3QmGry1GZonL8KFEygmplrRAaJojRrpSnNt%2BE%3D"}]}
X-Content-Type-Options
nosniff
Date
Mon, 25 Nov 2024 19:31:26 GMT
Content-Type
application/x-javascript
Last-Modified
Wed, 20 Nov 2024 17:28:15 GMT
Vary
Accept-Encoding
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1732563086&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=fR2LGu3QmGry1GZonL8KFEygmplrRAaJojRrpSnNt%2BE%3D
Content-Security-Policy
default-src 'self' https:; connect-src *; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' *.example.com; img-src 'self' https: data:; style-src 'self' https: 'unsafe-inline'; frame-src *; manifest-src 'self' https: blob:;
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Connection
keep-alive
Via
1.1 vegur
X-Xss-Protection
1; mode=block
Server
nginx
main.a5e6ba8c.css
bd.projek.fyi/static/css/ 		61 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bd.projek.fyi/static/css/main.a5e6ba8c.css
Requested by
Host: bd.projek.fyi
URL: https://bd.projek.fyi/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.83.151.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a92e093842311e90d.awsglobalaccelerator.com
Software
nginx /
Resource Hash
ffca7d19e747e1d3b78a5e3a93ac9c73d1fa4b223d20d63e32fe1fc223b74a59
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; connect-src *; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' *.example.com; img-src 'self' https: data:; style-src 'self' https: 'unsafe-inline'; frame-src *; manifest-src 'self' https: blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bd.projek.fyi/

Response headers

Content-Encoding
gzip
Etag
W/"673e1c2f-f2fd"
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1732563086&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=fR2LGu3QmGry1GZonL8KFEygmplrRAaJojRrpSnNt%2BE%3D"}]}
X-Content-Type-Options
nosniff
Date
Mon, 25 Nov 2024 19:31:26 GMT
Content-Type
text/css
Last-Modified
Wed, 20 Nov 2024 17:28:15 GMT
Vary
Accept-Encoding
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1732563086&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=fR2LGu3QmGry1GZonL8KFEygmplrRAaJojRrpSnNt%2BE%3D
Content-Security-Policy
default-src 'self' https:; connect-src *; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' *.example.com; img-src 'self' https: data:; style-src 'self' https: 'unsafe-inline'; frame-src *; manifest-src 'self' https: blob:;
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Connection
keep-alive
Via
1.1 vegur
X-Xss-Protection
1; mode=block
Server
nginx
gtm.js
www.googletagmanager.com/ 		262 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WN26R9XL&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: bd.projek.fyi
URL: https://bd.projek.fyi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e7066a365183f8507a2631a8e1058d46f91e3a19378fef5675812e8df8db87f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bd.projek.fyi/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 25 Nov 2024 19:31:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 19:31:30 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 25 Nov 2024 18:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
94984
x-xss-protection
0
server
Google Tag Manager
bd.projek.fyi.json
res.cloudinary.com/frontly/raw/upload/v1717391911/client_branding/ 		0
557 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://res.cloudinary.com/frontly/raw/upload/v1717391911/client_branding/bd.projek.fyi.json
Requested by
Host: bd.projek.fyi
URL: https://bd.projek.fyi/static/js/main.b1f3b2e0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:2ab::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bd.projek.fyi/

Response headers

strict-transport-security
max-age=604800
x-request-id
c543140e018b46611d2ae96b5326fcf2
cache-control
private, no-transform, max-age=0, no-cache
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag
timing-allow-origin
*
content-transfer-encoding
binary
accept-ranges
bytes
x-cld-error
Resource not found - client_branding/bd.projek.fyi.json
access-control-allow-origin
*
content-length
0
server-timing
cld-akam;dur=484;cpu=311;start=2024-11-25T19:31:30.260Z;desc=miss,rtt;dur=12,cloudinary;dur=84;start=2024-11-25T19:31:30.544Z,cld-id;desc=c543140e018b46611d2ae96b5326fcf2,cld-error;desc="Resource not found - client_branding/bd.projek.fyi.json"
date
Mon, 25 Nov 2024 19:31:30 GMT
content-type
image/gif
content-disposition
inline
server
Cloudinary
/
api.frontly.ai/anonymous_config/ 		9 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.frontly.ai/anonymous_config/?domain=bd.projek.fyi
Requested by
Host: bd.projek.fyi
URL: https://bd.projek.fyi/static/js/main.b1f3b2e0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.83.151.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a92e093842311e90d.awsglobalaccelerator.com
Software
gunicorn /
Resource Hash
48f00ded3686fe971a1a4ae1f9f6c4097b368e5bdfaf05c6c5a6988c310626bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Authorization
Token undefined
Referer
https://bd.projek.fyi/

Response headers

Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1732563090&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=bsEnlS8jq1aNDPzl8MAz2Uavc0BtKGB%2BxGKtdut6jgA%3D"}]}
X-Content-Type-Options
nosniff
Date
Mon, 25 Nov 2024 19:31:31 GMT
Content-Type
application/json
Vary
Accept, origin
X-Frame-Options
DENY
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1732563090&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=bsEnlS8jq1aNDPzl8MAz2Uavc0BtKGB%2BxGKtdut6jgA%3D
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Cross-Origin-Opener-Policy
same-origin
Connection
keep-alive
Referrer-Policy
same-origin
Allow
GET, POST, HEAD, OPTIONS
Via
1.1 vegur
Access-Control-Allow-Origin
*
Content-Length
8794
Server
gunicorn
/
api.frontly.ai/anonymous_config/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.frontly.ai/anonymous_config/?domain=bd.projek.fyi
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.83.151.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a92e093842311e90d.awsglobalaccelerator.com
Software
gunicorn /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://bd.projek.fyi
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
accept, authorization, content-type, user-agent, x-csrftoken, x-requested-with
Access-Control-Allow-Methods
DELETE, GET, OPTIONS, PATCH, POST, PUT
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Cross-Origin-Opener-Policy
same-origin
Date
Mon, 25 Nov 2024 19:31:30 GMT
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Referrer-Policy
same-origin
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1732563090&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=bsEnlS8jq1aNDPzl8MAz2Uavc0BtKGB%2BxGKtdut6jgA%3D"}]}
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1732563090&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=bsEnlS8jq1aNDPzl8MAz2Uavc0BtKGB%2BxGKtdut6jgA%3D
Server
gunicorn
Vary
origin
Via
1.1 vegur
X-Content-Type-Options
nosniff
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&family=Manrope:wght@300;400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bd.projek.fyi
Referer
https://fonts.googleapis.com/

Response headers

age
540768
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 19 Nov 2025 13:18:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 19 Nov 2024 13:18:42 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fbd.projek.fyi%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=368920351.1732563090&auid=2108424212.1732563090&npa=1&gtm=45He4bk0v9196427727za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732563090262&tfd=4702&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WN26R9XL&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bd.projek.fyi/

Response headers
sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame E807 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fbd.projek.fyi
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WN26R9XL&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Nov 2024 19:31:30 GMT
expires
Tue, 25 Nov 2025 19:31:30 GMT
last-modified
Tue, 19 Nov 2024 10:38:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
yj7svpiv
widget.intercom.io/widget/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.intercom.io/widget/yj7svpiv
Requested by
Host: bd.projek.fyi
URL: https://bd.projek.fyi/static/js/main.b1f3b2e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-116.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3398481e2e86a69a2a95096d7d49d85141fb7de6fc2e010accb66bdf944e44a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bd.projek.fyi/

Response headers

content-encoding
gzip
x-amz-version-id
5gTdXQ7uN3LPidMCtnoRxhMeUr6Flkpn
etag
"a6161b1dfcb5039de677de40ec3340ec"
age
97
alt-svc
h3=":443"; ma=86400
x-cache
Error from cloudfront
x-amz-cf-id
G_9D2gF5DNHpdSGoO5bkBfaAPm3fOWRkIW_E3f09w1BXF9E1GqzbOQ==
date
Mon, 25 Nov 2024 19:29:56 GMT
content-type
application/javascript; charset=UTF-8
vary
accept-encoding, Origin
last-modified
Fri, 22 Nov 2024 15:02:38 GMT
cache-control
max-age=300, s-maxage=300, public
cross-origin-resource-policy
cross-origin
via
1.1 4a95385e61c9df8f5f8de6338a3fe59a.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
2668
x-amz-cf-pop
FRA56-P7
server
AmazonS3
x-amz-server-side-encryption
AES256
blank-fav.png
bd.projek.fyi/ 		98 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://bd.projek.fyi/blank-fav.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.83.151.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a92e093842311e90d.awsglobalaccelerator.com
Software
nginx /
Resource Hash
66d68d12f517d7ecd03a0c74ab13ab357f869c674b36523c62706481ca51d0b6
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; connect-src *; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' *.example.com; img-src 'self' https: data:; style-src 'self' https: 'unsafe-inline'; frame-src *; manifest-src 'self' https: blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bd.projek.fyi/

Response headers

Etag
"673e1b4a-62"
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1732563090&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=rOxRKl1Iuf0slAsFk0gOpInxYM9RsNlZgbtt95zm7xo%3D"}]}
X-Content-Type-Options
nosniff
Date
Mon, 25 Nov 2024 19:31:30 GMT
Content-Type
image/png
Last-Modified
Wed, 20 Nov 2024 17:24:26 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1732563090&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=rOxRKl1Iuf0slAsFk0gOpInxYM9RsNlZgbtt95zm7xo%3D
Content-Security-Policy
default-src 'self' https:; connect-src *; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' *.example.com; img-src 'self' https: data:; style-src 'self' https: 'unsafe-inline'; frame-src *; manifest-src 'self' https: blob:;
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Connection
keep-alive
Via
1.1 vegur
Accept-Ranges
bytes
Content-Length
98
X-Xss-Protection
1; mode=block
Server
nginx
DNeX_logo_umz859.png
res.cloudinary.com/frontly/image/upload/v1732451753/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/frontly/image/upload/v1732451753/DNeX_logo_umz859.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:2be::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
6c4148d24c7e4735f1e5e78f7afc9b691231a2eadf64354dd139191bbc48254c
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bd.projek.fyi/

Response headers

strict-transport-security
max-age=604800
x-request-id
0a43c6ccd38f75cb1d48fcdfbc731570
cache-control
public, no-transform, immutable, max-age=2592000
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
timing-allow-origin
*
etag
"f4c570843135e85a092658122a3cf424"
x-content-type-options
nosniff
accept-ranges
bytes
access-control-allow-origin
*
server-timing
cld-akam;dur=218;cpu=52;start=2024-11-25T19:31:31.265Z;desc=miss,rtt;dur=12,content-info;desc="width=654,height=275,bytes=3774,o=1,ef=(17)",cloudinary;dur=77;start=2024-11-25T19:31:31.357Z
content-length
3774
date
Mon, 25 Nov 2024 19:31:31 GMT
content-type
image/png
last-modified
Sun, 24 Nov 2024 12:35:54 GMT
server
Cloudinary
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&family=Manrope:wght@300;400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bd.projek.fyi
Referer
https://fonts.googleapis.com/

Response headers

age
582526
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 19 Nov 2025 01:42:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 19 Nov 2024 01:42:45 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18596
x-xss-protection
0
server
sffe
frame-modern.cecfc687.js
js.intercomcdn.com/ Frame 50EE 		471 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.cecfc687.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/yj7svpiv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-76.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a996d350a66a76b6b7ba3a00faef40013096ed7768042d38840198885d0ea205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-amz-version-id
WwFCz7sr5NmQTCxqogr.yfJaZxkCiSdr
etag
"1178aa2c0dc4eab03218e9f2a58f52a1"
age
1731
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
_e3A6WLsP63zylBRN9S-RduhR0di_n3-WXzRSzKrOibTOGEU3KsLtw==
date
Mon, 25 Nov 2024 19:02:41 GMT
content-type
application/javascript; charset=UTF-8
vary
accept-encoding
last-modified
Fri, 22 Nov 2024 14:59:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=31536000, s-maxage=7200, public
cross-origin-resource-policy
cross-origin
via
1.1 6f1a8e219f50f958f5a2fbc9c84af776.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
145070
x-amz-cf-pop
FRA56-P11
server
AmazonS3
x-amz-server-side-encryption
AES256
vendor-modern.5c288613.js
js.intercomcdn.com/ Frame 50EE 		456 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.5c288613.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/yj7svpiv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-76.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad0e16e3e83936688a11f292ef26cd62ff0b2125053c37e9cc8ac41b24f44342
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-amz-version-id
h1xPpu.NIF_ABzUbMHqf__h1gz4NgrBN
etag
"cfcbe890471af67f5140f9f36766a673"
age
1893
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
YOpLfwo0VWNZndFLcjjIfKfxU8jFmyiQ4PaKsBbhJk9u0dmh2bKjbw==
date
Mon, 25 Nov 2024 18:59:59 GMT
content-type
application/javascript; charset=UTF-8
vary
accept-encoding
last-modified
Fri, 22 Nov 2024 14:59:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=31536000, s-maxage=7200, public
cross-origin-resource-policy
cross-origin
via
1.1 6f1a8e219f50f958f5a2fbc9c84af776.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
147369
x-amz-cf-pop
FRA56-P11
server
AmazonS3
x-amz-server-side-encryption
AES256

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 string| _rwq function| rewardful object| default_gsi object| _F_toggles object| google object| cloudinary boolean| _rewardful_loaded function| Rewardful string| __reactRouterVersion function| _ object| TreemapSquared function| SVG object| Apex function| ApexCharts function| setImmediate function| clearImmediate object| dataLayer object| closure_lm_555417 function| Intercom object| google_tag_manager object| google_tag_data function| __intercomAssignLocation function| __intercomReloadLocation

2 Cookies

Domain/Path Name / Value
.projek.fyi/ Name: mp_24b88f3ea98cee756872d3abb2d7da40_mixpanel
Value: %7B%22distinct_id%22%3A%20%22%24device%3A19364cebab011b8-02b63be334af5f-16462c6e-1d4c00-19364cebab111b8%22%2C%22%24device_id%22%3A%20%2219364cebab011b8-02b63be334af5f-16462c6e-1d4c00-19364cebab111b8%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.projek.fyi/ Name: _gcl_au
Value: 1.1.2108424212.1732563090

2 Console Messages

Source Level URL
Text
network error URL: https://res.cloudinary.com/frontly/raw/upload/v1717391911/client_branding/bd.projek.fyi.json
Message:
Failed to load resource: the server responded with a status of 404 ()
recommendation verbose URL: https://bd.projek.fyi/
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https:; connect-src *; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' *.example.com; img-src 'self' https: data:; style-src 'self' https: 'unsafe-inline'; frame-src *; manifest-src 'self' https: blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
api.frontly.ai
bd.projek.fyi
fonts.googleapis.com
fonts.gstatic.com
js.intercomcdn.com
r.wdfl.co
res.cloudinary.com
upload-widget.cloudinary.com
widget.cloudinary.com
widget.intercom.io
www.google.com
www.googletagmanager.com
108.138.26.116
142.250.185.227
172.217.18.4
18.244.18.76
2600:9000:225e:7600:1b:348c:b140:93a1
2a00:1450:4001:800::200a
2a00:1450:4001:81c::2008
2a00:1450:400c:c0a::54
2a02:26f0:3500:2ab::523
2a02:26f0:3500:2be::523
2a04:4e42:600::393
99.83.151.71
13a408be604b43919c3e2b54ca300019d1575b93537ebceb350bec5f9fe522c8
15f9dbb164ed852758c278e6c75f76bb2984b00395a1109ceebf65aa6c3d2f7d
36cbccb75a4123d0db3ed68662a91d5af38d9b3baae1a4f886e9eb0b5f260bee
44eaa7c7f536af8ad1e4cc16da1eb0dde491b60c3b86140b4ea5d9769593ffc4
48f00ded3686fe971a1a4ae1f9f6c4097b368e5bdfaf05c6c5a6988c310626bf
66d68d12f517d7ecd03a0c74ab13ab357f869c674b36523c62706481ca51d0b6
6c4148d24c7e4735f1e5e78f7afc9b691231a2eadf64354dd139191bbc48254c
800eff920e76b3e6162f38cbbb72ed2769caaa07295d413e108003ff0805b810
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
a996d350a66a76b6b7ba3a00faef40013096ed7768042d38840198885d0ea205
ad0e16e3e83936688a11f292ef26cd62ff0b2125053c37e9cc8ac41b24f44342
d4bd7e46cdc1759ffda83abdccb1363f3b4dcf7c392a23121a615826da0b992e
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7066a365183f8507a2631a8e1058d46f91e3a19378fef5675812e8df8db87f1
f3398481e2e86a69a2a95096d7d49d85141fb7de6fc2e010accb66bdf944e44a
ffca7d19e747e1d3b78a5e3a93ac9c73d1fa4b223d20d63e32fe1fc223b74a59