devapp.projecttracker.au Open in urlscan Pro
3.24.45.240  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request login Show response devapp.projecttracker.au/	71 KB 24 KB	175ms 61ms	Document text/html	3.24.45.240 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://devapp.projecttracker.au/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.24.45.240 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-24-45-240.ap-southeast-2.compute.amazonaws.com Software nginx / Resource Hash 3081cacfc2b4fe95e6f37f3d6b4103279e8b5b8e418a97c41edd65cb4fba2776 Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self'; frame-ancestors 'none'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept-Language en-AU,en;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers age 0 cache-control no-cache, private content-encoding gzip content-security-policy default-src 'self'; script-src 'self' 'unsafe-inline'; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self'; frame-ancestors 'none'; content-type text/html; charset=UTF-8 date Sun, 23 Jun 2024 22:37:17 GMT server nginx strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding Accept-Encoding x-cache MISS x-content-type-options nosniff x-frame-options DENY x-xss-protection 1; mode=block
GET H2	200	plugins.bundle.css devapp.projecttracker.au/demo1/plugins/global/	449 KB 75 KB	406ms 405ms	Stylesheet text/css	3.24.45.240 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://devapp.projecttracker.au/demo1/plugins/global/plugins.bundle.css Requested by Host: devapp.projecttracker.au URL: https://devapp.projecttracker.au/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.24.45.240 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-24-45-240.ap-southeast-2.compute.amazonaws.com Software nginx / Resource Hash b9443a2a4e77bcb9d4e3a10c400875635c1f784fdf1df53126a76847f2f2c12d Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://devapp.projecttracker.au/login Accept-Language en-AU,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 22:37:17 GMT content-encoding gzip last-modified Sun, 24 Oct 2021 09:21:32 GMT server nginx etag W/"6175259c-7021b" vary Accept-Encoding content-type text/css cache-control public, max-age=2592000
GET H2	200	plugins-custom.bundle.css devapp.projecttracker.au/demo1/plugins/global/	78 KB 11 KB	515ms 513ms	Stylesheet text/css	3.24.45.240 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://devapp.projecttracker.au/demo1/plugins/global/plugins-custom.bundle.css Requested by Host: devapp.projecttracker.au URL: https://devapp.projecttracker.au/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.24.45.240 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-24-45-240.ap-southeast-2.compute.amazonaws.com Software nginx / Resource Hash a36385f98e4921b808b80ca362ab1488c93570ddbed183356f1aacbe984dff4e Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://devapp.projecttracker.au/login Accept-Language en-AU,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 22:37:17 GMT content-encoding gzip last-modified Fri, 12 Nov 2021 01:52:02 GMT server nginx etag W/"618dc8c2-137c9" vary Accept-Encoding content-type text/css cache-control public, max-age=2592000
GET H2	200	style.bundle.css devapp.projecttracker.au/demo1/css/	1 MB 107 KB	414ms 413ms	Stylesheet text/css	3.24.45.240 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://devapp.projecttracker.au/demo1/css/style.bundle.css Requested by Host: devapp.projecttracker.au URL: https://devapp.projecttracker.au/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.24.45.240 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-24-45-240.ap-southeast-2.compute.amazonaws.com Software nginx / Resource Hash b4b1c9154fd0d57a5435a17d0a0cbf4a22766d15d8dff7a8f153d3c5c7a2d617 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://devapp.projecttracker.au/login Accept-Language en-AU,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 22:37:17 GMT content-encoding gzip last-modified Sun, 30 Jul 2023 10:19:02 GMT server nginx etag W/"64c63916-1266aa" vary Accept-Encoding content-type text/css cache-control public, max-age=2592000
GET H2	200	custom_css.css devapp.projecttracker.au/css/	40 KB 7 KB	19ms 18ms	Stylesheet text/css	3.24.45.240 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://devapp.projecttracker.au/css/custom_css.css?v= Requested by Host: devapp.projecttracker.au URL: https://devapp.projecttracker.au/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.24.45.240 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-24-45-240.ap-southeast-2.compute.amazonaws.com Software nginx / Resource Hash f24e734159255e6bac56a3fe27db6a540c6799a753e08127cb9cc9c7dc936a10 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://devapp.projecttracker.au/login Accept-Language en-AU,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 22:37:17 GMT content-encoding gzip last-modified Tue, 03 Oct 2023 00:16:14 GMT server nginx etag W/"651b5d4e-a002" vary Accept-Encoding content-type text/css cache-control public, max-age=2592000
GET H2	200	plugins.bundle.js Show response devapp.projecttracker.au/demo1/plugins/global/	10 MB 2 MB	33ms 32ms	Script application/javascript	3.24.45.240 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://devapp.projecttracker.au/demo1/plugins/global/plugins.bundle.js Requested by Host: devapp.projecttracker.au URL: https://devapp.projecttracker.au/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.24.45.240 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-24-45-240.ap-southeast-2.compute.amazonaws.com Software nginx / Resource Hash 4e883e051a564698cc1f1363abd090eeaa68e987a4b710383f1d9b1f3c580b09 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://devapp.projecttracker.au/login Accept-Language en-AU,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 22:37:17 GMT content-encoding gzip last-modified Thu, 16 Dec 2021 04:59:36 GMT server nginx etag W/"61bac7b8-a4841c" vary Accept-Encoding content-type application/javascript cache-control public, max-age=2592000
GET H2	200	project_tracker_logo.png devapp.projecttracker.au/demo1/media/logos/	17 KB 17 KB	400ms 400ms	Image image/png	3.24.45.240 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://devapp.projecttracker.au/demo1/media/logos/project_tracker_logo.png Requested by Host: devapp.projecttracker.au URL: https://devapp.projecttracker.au/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.24.45.240 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-24-45-240.ap-southeast-2.compute.amazonaws.com Software nginx / Resource Hash d11c06f77dda9d471014a309d4e8c229cb2c287cf4d5b562f86433ba1cb17a30 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://devapp.projecttracker.au/login Accept-Language en-AU,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 22:37:17 GMT last-modified Fri, 21 Jun 2024 02:41:20 GMT server nginx etag "6674e850-42e3" content-type image/png cache-control public, max-age=2592000 accept-ranges bytes content-length 17123
GET H2	200	scripts.bundle.js Show response devapp.projecttracker.au/demo1/js/	2 MB 506 KB	439ms 439ms	Script application/javascript	3.24.45.240 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://devapp.projecttracker.au/demo1/js/scripts.bundle.js Requested by Host: devapp.projecttracker.au URL: https://devapp.projecttracker.au/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.24.45.240 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-24-45-240.ap-southeast-2.compute.amazonaws.com Software nginx / Resource Hash 56255774c5dba68a00badbf9a3ec6f54d73461552221f72c88eef923c4a6882e Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://devapp.projecttracker.au/login Accept-Language en-AU,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 22:37:17 GMT content-encoding gzip last-modified Thu, 16 Dec 2021 04:59:30 GMT server nginx etag W/"61bac7b2-1f3012" vary Accept-Encoding content-type application/javascript cache-control public, max-age=2592000
GET H2	200	widgets.js Show response devapp.projecttracker.au/demo1/js/custom/	309 KB 39 KB	117ms 113ms	Script application/javascript	3.24.45.240 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://devapp.projecttracker.au/demo1/js/custom/widgets.js Requested by Host: devapp.projecttracker.au URL: https://devapp.projecttracker.au/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.24.45.240 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-24-45-240.ap-southeast-2.compute.amazonaws.com Software nginx / Resource Hash c40dc73d08afaf57c58d36639b3287283a6a6501c38384f844597cd6b8cfa4ae Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://devapp.projecttracker.au/login Accept-Language en-AU,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 22:37:17 GMT content-encoding gzip last-modified Sat, 16 Oct 2021 00:13:02 GMT server nginx etag W/"616a190e-4d354" vary Accept-Encoding content-type application/javascript cache-control public, max-age=2592000
GET H2	200	general.js Show response devapp.projecttracker.au/demo1/js/custom/authentication/sign-in/	19 KB 7 KB	11ms 10ms	Script application/javascript	3.24.45.240 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://devapp.projecttracker.au/demo1/js/custom/authentication/sign-in/general.js Requested by Host: devapp.projecttracker.au URL: https://devapp.projecttracker.au/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.24.45.240 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-24-45-240.ap-southeast-2.compute.amazonaws.com Software nginx / Resource Hash 8645ad4e0c8b3f401957514aa73a44aa1545a3a0753234f27a9bef77ae98c21c Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://devapp.projecttracker.au/login Accept-Language en-AU,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 22:37:18 GMT content-encoding gzip last-modified Sat, 16 Oct 2021 00:13:02 GMT server nginx etag W/"616a190e-4d8d" vary Accept-Encoding content-type application/javascript cache-control public, max-age=2592000
GET		css fonts.googleapis.com/	0 0
GET		js www.googletagmanager.com/gtag/	0 0
GET		jquery.min.js ajax.googleapis.com/ajax/libs/jquery/3.6.0/	0 0
GET		jquery.cookie.min.js cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/	0 0
GET		lottie-player.js unpkg.com/@lottiefiles/lottie-player@latest/dist/	0 0
GET		41da8c01ae.js kit.fontawesome.com/	0 0
GET		bootstrap-datepicker.min.css cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.8.0/css/	0 0
GET		bootstrap-datepicker.min.js cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.8.0/js/	0 0
GET		toastr.min.css cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/	0 0
GET		pusher.min.js js.pusher.com/7.0/	0 0
GET		css2 fonts.googleapis.com/	0 0
GET		tinymce.min.js cdn.tiny.cloud/1/twqgvdz0z7kbs5b33q2r6a60od8uog0wnn64fa4q1rol6biq/tinymce/6/	0 0
GET		jquery.dataTables.min.css cdn.datatables.net/1.13.7/css/	0 0
GET		jquery-3.5.1.slim.min.js code.jquery.com/	0 0
GET		bootstrap.min.js stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/	0 0
GET		jquery.dataTables.js cdn.datatables.net/1.13.7/js/	0 0
GET		nr-spa-1.260.1.min.js js-agent.newrelic.com/	0 0
GET		nr-spa-1.260.1.min.js js-agent.newrelic.com/	0 0
GET H2	200	favicon.ico devapp.projecttracker.au/demo1/media/logos/	4 KB 2 KB	13ms 12ms	Other image/x-icon	3.24.45.240 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://devapp.projecttracker.au/demo1/media/logos/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.24.45.240 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-24-45-240.ap-southeast-2.compute.amazonaws.com Software nginx / Resource Hash da61b5433394c9aa99e0974eeb0e44bc918c62ef5cb6f8b3d82c37287c602d65 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://devapp.projecttracker.au/login Accept-Language en-AU,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 22:37:18 GMT content-encoding gzip last-modified Sat, 25 Jun 2022 01:54:54 GMT server nginx etag W/"62b66aee-10be" vary Accept-Encoding content-type image/x-icon cache-control public, max-age=2592000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

fonts.googleapis.com

URL

https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700

Domain

www.googletagmanager.com

URL

https://www.googletagmanager.com/gtag/js?id=G-0Y125WMZ55

Domain

ajax.googleapis.com

URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Domain

cdnjs.cloudflare.com

URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js

Domain

unpkg.com

URL

https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js

Domain

kit.fontawesome.com

URL

https://kit.fontawesome.com/41da8c01ae.js

Domain

cdnjs.cloudflare.com

URL

https://cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.8.0/css/bootstrap-datepicker.min.css

Domain

cdnjs.cloudflare.com

URL

https://cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.8.0/js/bootstrap-datepicker.min.js

Domain

cdnjs.cloudflare.com

URL

https://cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/toastr.min.css

Domain

js.pusher.com

URL

https://js.pusher.com/7.0/pusher.min.js

Domain

fonts.googleapis.com

URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700&display=swap

Domain

cdn.tiny.cloud

URL

https://cdn.tiny.cloud/1/twqgvdz0z7kbs5b33q2r6a60od8uog0wnn64fa4q1rol6biq/tinymce/6/tinymce.min.js

Domain

cdn.datatables.net

URL

https://cdn.datatables.net/1.13.7/css/jquery.dataTables.min.css

Domain

code.jquery.com

URL

https://code.jquery.com/jquery-3.5.1.slim.min.js

Domain

stackpath.bootstrapcdn.com

URL

https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js

Domain

cdn.datatables.net

URL

https://cdn.datatables.net/1.13.7/js/jquery.dataTables.js

Domain

js-agent.newrelic.com

URL

https://js-agent.newrelic.com/nr-spa-1.260.1.min.js

Domain

js-agent.newrelic.com

URL

https://js-agent.newrelic.com/nr-spa-1.260.1.min.js

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Naver (Online)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| NREUM object| webpackChunk:NRBA-1.260.1.PROD object| newrelic function| gtag object| dataLayer object| webpackChunk

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			devapp.projecttracker.au/	1970-01-20 21:33:09	Name: XSRF-TOKEN Value: eyJpdiI6ImVDQWE5VGxicHU2eEhLL2h3RHl4dGc9PSIsInZhbHVlIjoidGU3V1U0ZGNjN3B5VFQvQjNScTRkQjc5elpISFl4aENkRERtZHJrbXdWV2h3YnVyNEtTU3pHQjZtaGJQV2JQeElydmNUVE1QeGQwL0laZlFwdUpodXJhOXVLaU13Um02WDBOcXJ6clJ1N0FTNC9wZ2xCSFR1VUZrMWR6MjV4KzYiLCJtYWMiOiJkNmQ0NjI3NTM5N2M2OWQ5MTJkNjNkMjdiN2JiY2NjYmZkZjliNzFiMzQxMjcyNTZiNzQ1NWYyNjU1OTA4ODJhIiwidGFnIjoiIn0%3D
			devapp.projecttracker.au/	1970-01-20 21:33:09	Name: project_tracker_dev_session Value: eyJpdiI6IjRyNWZBamhMZHMyRGhXYWNKRk9SREE9PSIsInZhbHVlIjoiL284ZlYrcmNZV0hGcVM5cTFoY2dvTG9VUGpUV1BzeWg2SVBnY2tlWXJpSTVZbGxFS0x2OWJIbmVtazZ6MzRocy8vbm9uTGtiYVh1NUJuY2tlTHFvWEJieXVHZE5lcG9kUkhwRGF1UkNDeFhhRTRpTUlHMVJ1c2c4ajBUYWxJUjkiLCJtYWMiOiI2ZmE2Nzc1MjEwMzhhYmU2YmUyZDdiZjk1MjU4YTllODlkOTljZjBiNTFjMDVlMGZjOWVhNjg4NzNhZDMzYjM4IiwidGFnIjoiIn0%3D

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://devapp.projecttracker.au/login(Line 30) Message: Refused to load the stylesheet 'https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline'". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security	error	URL: https://devapp.projecttracker.au/login Message: Refused to load the script 'https://www.googletagmanager.com/gtag/js?id=G-0Y125WMZ55' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://devapp.projecttracker.au/login Message: Refused to load the script 'https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://devapp.projecttracker.au/login Message: Refused to load the script 'https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://devapp.projecttracker.au/login Message: Refused to load the script 'https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://devapp.projecttracker.au/login Message: Refused to load the script 'https://kit.fontawesome.com/41da8c01ae.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://devapp.projecttracker.au/login(Line 79) Message: Refused to load the stylesheet 'https://cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.8.0/css/bootstrap-datepicker.min.css' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline'". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security	error	URL: https://devapp.projecttracker.au/login Message: Refused to load the script 'https://cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.8.0/js/bootstrap-datepicker.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://devapp.projecttracker.au/login(Line 82) Message: Refused to load the stylesheet 'https://cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/toastr.min.css' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline'". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security	error	URL: https://devapp.projecttracker.au/login Message: Refused to load the script 'https://js.pusher.com/7.0/pusher.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://devapp.projecttracker.au/login(Line 90) Message: Refused to load the stylesheet 'https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700&display=swap' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline'". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security	error	URL: https://devapp.projecttracker.au/login Message: Refused to load the script 'https://cdn.tiny.cloud/1/twqgvdz0z7kbs5b33q2r6a60od8uog0wnn64fa4q1rol6biq/tinymce/6/tinymce.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://devapp.projecttracker.au/login(Line 94) Message: Refused to load the stylesheet 'https://cdn.datatables.net/1.13.7/css/jquery.dataTables.min.css' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline'". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security	error	URL: https://devapp.projecttracker.au/login Message: Refused to load the script 'https://code.jquery.com/jquery-3.5.1.slim.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://devapp.projecttracker.au/login Message: Refused to load the script 'https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://devapp.projecttracker.au/login Message: Refused to load the script 'https://cdn.datatables.net/1.13.7/js/jquery.dataTables.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://devapp.projecttracker.au/login(Line 20) Message: Refused to load the script 'https://js-agent.newrelic.com/nr-spa-1.260.1.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://devapp.projecttracker.au/login(Line 20) Message: Refused to load the script 'https://js-agent.newrelic.com/nr-spa-1.260.1.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self'; frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.datatables.net
cdn.tiny.cloud
cdnjs.cloudflare.com
code.jquery.com
devapp.projecttracker.au
fonts.googleapis.com
js-agent.newrelic.com
js.pusher.com
kit.fontawesome.com
stackpath.bootstrapcdn.com
unpkg.com
www.googletagmanager.com
ajax.googleapis.com
cdn.datatables.net
cdn.tiny.cloud
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
js-agent.newrelic.com
js.pusher.com
kit.fontawesome.com
stackpath.bootstrapcdn.com
unpkg.com
www.googletagmanager.com
3.24.45.240
3081cacfc2b4fe95e6f37f3d6b4103279e8b5b8e418a97c41edd65cb4fba2776
4e883e051a564698cc1f1363abd090eeaa68e987a4b710383f1d9b1f3c580b09
56255774c5dba68a00badbf9a3ec6f54d73461552221f72c88eef923c4a6882e
8645ad4e0c8b3f401957514aa73a44aa1545a3a0753234f27a9bef77ae98c21c
a36385f98e4921b808b80ca362ab1488c93570ddbed183356f1aacbe984dff4e
b4b1c9154fd0d57a5435a17d0a0cbf4a22766d15d8dff7a8f153d3c5c7a2d617
b9443a2a4e77bcb9d4e3a10c400875635c1f784fdf1df53126a76847f2f2c12d
c40dc73d08afaf57c58d36639b3287283a6a6501c38384f844597cd6b8cfa4ae
d11c06f77dda9d471014a309d4e8c229cb2c287cf4d5b562f86433ba1cb17a30
da61b5433394c9aa99e0974eeb0e44bc918c62ef5cb6f8b3d82c37287c602d65
f24e734159255e6bac56a3fe27db6a540c6799a753e08127cb9cc9c7dc936a10