urlscan.io logo urlscan.io
SecurityTrails logo

icici.provakil.com Open in urlscan Pro
34.131.24.79  Public Scan

Go To Rescan Add Verdict Report
URL: https://icici.provakil.com/
Submission: On July 13 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 15 HTTP transactions. The main IP is 34.131.24.79, located in New Delhi, India and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is icici.provakil.com.
TLS certificate: Issued by SSL.com RSA SSL subCA on November 6th 2023. Valid for: a year.
This is the only time icici.provakil.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 34.131.24.79 396982 (GOOGLE-CL...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
15 3
Apex Domain
Subdomains		 Transfer
9 provakil.com
icici.provakil.com
provakil.com
795 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1056
7 KB
15 2
Domain Requested by
5 provakil.com icici.provakil.com
4 icici.provakil.com icici.provakil.com
provakil.com
1 maxcdn.bootstrapcdn.com icici.provakil.com
15 3

This site contains no links.

Subject Issuer Validity Valid
*.provakil.com
SSL.com RSA SSL subCA		 2023-11-06 -
2024-12-06		 a year crt.sh
bootstrapcdn.com
GTS CA 1P5		 2024-05-25 -
2024-08-23		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://icici.provakil.com/
Frame ID: 89E8114F9F5D2D446A79E1C7069A6BB7
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

provakil

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href="[^"]*materialize(?:\.min)?\.css
  • materialize(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

67 %
HTTPS

50 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

802 kB
Transfer

1085 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
icici.provakil.com/ 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://icici.provakil.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.131.24.79 New Delhi, India, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.24.131.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
ef4c610ac5fdfffbda682b46078562926c49fcaf0f1cca77bd464c56c0992a0e
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: provakil.com *.provakil.com *.cloudfront.net *.razorpay.com fonts.googleapis.com maxcdn.bootstrapcdn.com *.google.com www.googletagmanager.com www.google-analytics.com *.gstatic.com js.driftt.com widget.driftqa.com *.drift.com browser.sentry-cdn.com sibautomation.com *.pipedriveassets.com *.pipedrive.com *.clarity.ms login.microsoftonline.com *.microsoft.com *.live.com ajax.aspnetcdn.com sentry.io *.lfeeder.com *.hotjar.com *.doubleclick.net *.google-analytics.com *.wikimedia.org *.facebook.net *.facebook.com *.brevo.com; default-src 'self' 'unsafe-inline' 'unsafe-eval' data: provakil.com *.provakil.com *.cloudfront.net *.razorpay.com fonts.googleapis.com maxcdn.bootstrapcdn.com *.google.com www.googletagmanager.com www.google-analytics.com *.gstatic.com js.driftt.com widget.driftqa.com *.drift.com browser.sentry-cdn.com sibautomation.com *.pipedriveassets.com *.pipedrive.com *.clarity.ms login.microsoftonline.com *.microsoft.com *.live.com ajax.aspnetcdn.com sentry.io *.lfeeder.com *.hotjar.com *.doubleclick.net *.google-analytics.com *.wikimedia.org *.facebook.net *.facebook.com *.brevo.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload
X-Xss-Protection 1 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: provakil.com *.provakil.com *.cloudfront.net *.razorpay.com fonts.googleapis.com maxcdn.bootstrapcdn.com *.google.com www.googletagmanager.com www.google-analytics.com *.gstatic.com js.driftt.com widget.driftqa.com *.drift.com browser.sentry-cdn.com sibautomation.com *.pipedriveassets.com *.pipedrive.com *.clarity.ms login.microsoftonline.com *.microsoft.com *.live.com ajax.aspnetcdn.com sentry.io *.lfeeder.com *.hotjar.com *.doubleclick.net *.google-analytics.com *.wikimedia.org *.facebook.net *.facebook.com *.brevo.com; default-src 'self' 'unsafe-inline' 'unsafe-eval' data: provakil.com *.provakil.com *.cloudfront.net *.razorpay.com fonts.googleapis.com maxcdn.bootstrapcdn.com *.google.com www.googletagmanager.com www.google-analytics.com *.gstatic.com js.driftt.com widget.driftqa.com *.drift.com browser.sentry-cdn.com sibautomation.com *.pipedriveassets.com *.pipedrive.com *.clarity.ms login.microsoftonline.com *.microsoft.com *.live.com ajax.aspnetcdn.com sentry.io *.lfeeder.com *.hotjar.com *.doubleclick.net *.google-analytics.com *.wikimedia.org *.facebook.net *.facebook.com *.brevo.com;
Content-Type
text/html
Date
Sat, 13 Jul 2024 02:46:40 GMT
ETag
W/"65770b06-1fb4"
Last-Modified
Mon, 11 Dec 2023 13:13:42 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Accept-Encoding Accept-Encoding
X-XSS-Protection
1 1
materialize.min.css
icici.provakil.com/ 		121 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://icici.provakil.com/materialize.min.css
Requested by
Host: icici.provakil.com
URL: https://icici.provakil.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.131.24.79 New Delhi, India, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.24.131.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
74d21f382f70127ccb1698cbc6a49aa36f782efe310aa7caff8a3377627abcbb
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: provakil.com *.provakil.com *.cloudfront.net *.razorpay.com fonts.googleapis.com maxcdn.bootstrapcdn.com *.google.com www.googletagmanager.com www.google-analytics.com *.gstatic.com js.driftt.com widget.driftqa.com *.drift.com browser.sentry-cdn.com sibautomation.com *.pipedriveassets.com *.pipedrive.com *.clarity.ms login.microsoftonline.com *.microsoft.com *.live.com ajax.aspnetcdn.com sentry.io *.lfeeder.com *.hotjar.com *.doubleclick.net *.google-analytics.com *.wikimedia.org *.facebook.net *.facebook.com *.brevo.com;, default-src 'self' 'unsafe-inline' 'unsafe-eval' data: provakil.com *.provakil.com *.cloudfront.net *.razorpay.com fonts.googleapis.com maxcdn.bootstrapcdn.com *.google.com www.googletagmanager.com www.google-analytics.com *.gstatic.com js.driftt.com widget.driftqa.com *.drift.com browser.sentry-cdn.com sibautomation.com *.pipedriveassets.com *.pipedrive.com *.clarity.ms login.microsoftonline.com *.microsoft.com *.live.com ajax.aspnetcdn.com sentry.io *.lfeeder.com *.hotjar.com *.doubleclick.net *.google-analytics.com *.wikimedia.org *.facebook.net *.facebook.com *.brevo.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Xss-Protection 1, 1

Request headers

Referer
https://icici.provakil.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sat, 13 Jul 2024 02:46:40 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: provakil.com *.provakil.com *.cloudfront.net *.razorpay.com fonts.googleapis.com maxcdn.bootstrapcdn.com *.google.com www.googletagmanager.com www.google-analytics.com *.gstatic.com js.driftt.com widget.driftqa.com *.drift.com browser.sentry-cdn.com sibautomation.com *.pipedriveassets.com *.pipedrive.com *.clarity.ms login.microsoftonline.com *.microsoft.com *.live.com ajax.aspnetcdn.com sentry.io *.lfeeder.com *.hotjar.com *.doubleclick.net *.google-analytics.com *.wikimedia.org *.facebook.net *.facebook.com *.brevo.com;, default-src 'self' 'unsafe-inline' 'unsafe-eval' data: provakil.com *.provakil.com *.cloudfront.net *.razorpay.com fonts.googleapis.com maxcdn.bootstrapcdn.com *.google.com www.googletagmanager.com www.google-analytics.com *.gstatic.com js.driftt.com widget.driftqa.com *.drift.com browser.sentry-cdn.com sibautomation.com *.pipedriveassets.com *.pipedrive.com *.clarity.ms login.microsoftonline.com *.microsoft.com *.live.com ajax.aspnetcdn.com sentry.io *.lfeeder.com *.hotjar.com *.doubleclick.net *.google-analytics.com *.wikimedia.org *.facebook.net *.facebook.com *.brevo.com;
Last-Modified
Mon, 11 Dec 2023 13:13:41 GMT
Server
nginx
ETag
W/"65770b05-1e50b"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
text/css
Connection
keep-alive
X-XSS-Protection
1, 1
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 		26 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Requested by
Host: icici.provakil.com
URL: https://icici.provakil.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://icici.provakil.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 02:46:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
863
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
10481133
cdn-cachedat
11/18/2022 06:19:10
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"0831cba6a670e405168b84aa20798347"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
3af916a75e1d48e1e2c7726fdf7b3994
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8a25f1a8dbb91e5e-FRA
cdn-requestpullsuccess
True
jquery.min.js
provakil.com/js/dependencies/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://provakil.com/js/dependencies/jquery.min.js
Requested by
Host: icici.provakil.com
URL: https://icici.provakil.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.131.24.79 New Delhi, India, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.24.131.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: provakil.com *.provakil.com *.cloudfront.net *.razorpay.com fonts.googleapis.com maxcdn.bootstrapcdn.com *.google.com www.googletagmanager.com www.google-analytics.com *.gstatic.com js.driftt.com widget.driftqa.com *.drift.com browser.sentry-cdn.com sibautomation.com *.pipedriveassets.com *.pipedrive.com *.clarity.ms login.microsoftonline.com *.microsoft.com *.live.com ajax.aspnetcdn.com sentry.io *.lfeeder.com *.hotjar.com *.doubleclick.net *.google-analytics.com *.wikimedia.org *.facebook.net *.facebook.com *.brevo.com;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://icici.provakil.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sat, 13 Jul 2024 02:46:41 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: provakil.com *.provakil.com *.cloudfront.net *.razorpay.com fonts.googleapis.com maxcdn.bootstrapcdn.com *.google.com www.googletagmanager.com www.google-analytics.com *.gstatic.com js.driftt.com widget.driftqa.com *.drift.com browser.sentry-cdn.com sibautomation.com *.pipedriveassets.com *.pipedrive.com *.clarity.ms login.microsoftonline.com *.microsoft.com *.live.com ajax.aspnetcdn.com sentry.io *.lfeeder.com *.hotjar.com *.doubleclick.net *.google-analytics.com *.wikimedia.org *.facebook.net *.facebook.com *.brevo.com;
X-Cache-Status
MISS
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1
Last-Modified
Fri, 12 Jul 2024 14:13:45 GMT
Server
nginx
ETag
W/"155ed-190a74af355"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
materialize.min.js
provakil.com/index/dependencies/ 		162 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://provakil.com/index/dependencies/materialize.min.js
Requested by
Host: icici.provakil.com
URL: https://icici.provakil.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.131.24.79 New Delhi, India, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.24.131.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
b96b525d112bc07f647494c8af5b307c71499ff77f590eacef68042ce1d74063
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: provakil.com *.provakil.com *.cloudfront.net *.razorpay.com fonts.googleapis.com maxcdn.bootstrapcdn.com *.google.com www.googletagmanager.com www.google-analytics.com *.gstatic.com js.driftt.com widget.driftqa.com *.drift.com browser.sentry-cdn.com sibautomation.com *.pipedriveassets.com *.pipedrive.com *.clarity.ms login.microsoftonline.com *.microsoft.com *.live.com ajax.aspnetcdn.com sentry.io *.lfeeder.com *.hotjar.com *.doubleclick.net *.google-analytics.com *.wikimedia.org *.facebook.net *.facebook.com *.brevo.com;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://icici.provakil.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sat, 13 Jul 2024 02:46:41 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: provakil.com *.provakil.com *.cloudfront.net *.razorpay.com fonts.googleapis.com maxcdn.bootstrapcdn.com *.google.com www.googletagmanager.com www.google-analytics.com *.gstatic.com js.driftt.com widget.driftqa.com *.drift.com browser.sentry-cdn.com sibautomation.com *.pipedriveassets.com *.pipedrive.com *.clarity.ms login.microsoftonline.com *.microsoft.com *.live.com ajax.aspnetcdn.com sentry.io *.lfeeder.com *.hotjar.com *.doubleclick.net *.google-analytics.com *.wikimedia.org *.facebook.net *.facebook.com *.brevo.com;
X-Cache-Status
MISS
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1
Last-Modified
Fri, 12 Jul 2024 13:54:06 GMT
Server
nginx
ETag
W/"2894d-190a738f50e"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
provakil-logo.png
provakil.com/images/ent/iocl/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://provakil.com/images/ent/iocl/provakil-logo.png
Requested by
Host: icici.provakil.com
URL: https://icici.provakil.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.131.24.79 New Delhi, India, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.24.131.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
abf6dfa9542c854054afb1b91277512d62fbe85e9f64c6137ce5f5ea806c4338
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: provakil.com *.provakil.com *.cloudfront.net *.razorpay.com fonts.googleapis.com maxcdn.bootstrapcdn.com *.google.com www.googletagmanager.com www.google-analytics.com *.gstatic.com js.driftt.com widget.driftqa.com *.drift.com browser.sentry-cdn.com sibautomation.com *.pipedriveassets.com *.pipedrive.com *.clarity.ms login.microsoftonline.com *.microsoft.com *.live.com ajax.aspnetcdn.com sentry.io *.lfeeder.com *.hotjar.com *.doubleclick.net *.google-analytics.com *.wikimedia.org *.facebook.net *.facebook.com *.brevo.com;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://icici.provakil.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sat, 13 Jul 2024 02:46:41 GMT
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: provakil.com *.provakil.com *.cloudfront.net *.razorpay.com fonts.googleapis.com maxcdn.bootstrapcdn.com *.google.com www.googletagmanager.com www.google-analytics.com *.gstatic.com js.driftt.com widget.driftqa.com *.drift.com browser.sentry-cdn.com sibautomation.com *.pipedriveassets.com *.pipedrive.com *.clarity.ms login.microsoftonline.com *.microsoft.com *.live.com ajax.aspnetcdn.com sentry.io *.lfeeder.com *.hotjar.com *.doubleclick.net *.google-analytics.com *.wikimedia.org *.facebook.net *.facebook.com *.brevo.com;
X-Content-Type-Options
nosniff
Last-Modified
Fri, 12 Jul 2024 13:54:05 GMT
Server
nginx
ETag
W/"37dd-190a738f196"
X-Cache-Status
HIT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14301
X-XSS-Protection
1
icici_bank.png
provakil.com/images/ent/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://provakil.com/images/ent/icici_bank.png
Requested by
Host: icici.provakil.com
URL: https://icici.provakil.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.131.24.79 New Delhi, India, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.24.131.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
32f3cda54077ac3f1df416241a811371def05f2785fddb232866752011a638b5
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: provakil.com *.provakil.com *.cloudfront.net *.razorpay.com fonts.googleapis.com maxcdn.bootstrapcdn.com *.google.com www.googletagmanager.com www.google-analytics.com *.gstatic.com js.driftt.com widget.driftqa.com *.drift.com browser.sentry-cdn.com sibautomation.com *.pipedriveassets.com *.pipedrive.com *.clarity.ms login.microsoftonline.com *.microsoft.com *.live.com ajax.aspnetcdn.com sentry.io *.lfeeder.com *.hotjar.com *.doubleclick.net *.google-analytics.com *.wikimedia.org *.facebook.net *.facebook.com *.brevo.com;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://icici.provakil.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sat, 13 Jul 2024 02:46:41 GMT
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: provakil.com *.provakil.com *.cloudfront.net *.razorpay.com fonts.googleapis.com maxcdn.bootstrapcdn.com *.google.com www.googletagmanager.com www.google-analytics.com *.gstatic.com js.driftt.com widget.driftqa.com *.drift.com browser.sentry-cdn.com sibautomation.com *.pipedriveassets.com *.pipedrive.com *.clarity.ms login.microsoftonline.com *.microsoft.com *.live.com ajax.aspnetcdn.com sentry.io *.lfeeder.com *.hotjar.com *.doubleclick.net *.google-analytics.com *.wikimedia.org *.facebook.net *.facebook.com *.brevo.com;
X-Content-Type-Options
nosniff
Last-Modified
Fri, 12 Jul 2024 14:34:44 GMT
Server
nginx
ETag
W/"5dc7-190a75e28e2"
X-Cache-Status
HIT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24007
X-XSS-Protection
1
background-image.png
provakil.com/images/ent/iocl/ 		597 KB
598 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://provakil.com/images/ent/iocl/background-image.png
Requested by
Host: icici.provakil.com
URL: https://icici.provakil.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.131.24.79 New Delhi, India, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.24.131.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
81c995c4326cee17c958a8102b61c6ed0b5012b0f5fd1464ecb74f759fa137d1
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: provakil.com *.provakil.com *.cloudfront.net *.razorpay.com fonts.googleapis.com maxcdn.bootstrapcdn.com *.google.com www.googletagmanager.com www.google-analytics.com *.gstatic.com js.driftt.com widget.driftqa.com *.drift.com browser.sentry-cdn.com sibautomation.com *.pipedriveassets.com *.pipedrive.com *.clarity.ms login.microsoftonline.com *.microsoft.com *.live.com ajax.aspnetcdn.com sentry.io *.lfeeder.com *.hotjar.com *.doubleclick.net *.google-analytics.com *.wikimedia.org *.facebook.net *.facebook.com *.brevo.com;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://icici.provakil.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sat, 13 Jul 2024 02:46:41 GMT
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: provakil.com *.provakil.com *.cloudfront.net *.razorpay.com fonts.googleapis.com maxcdn.bootstrapcdn.com *.google.com www.googletagmanager.com www.google-analytics.com *.gstatic.com js.driftt.com widget.driftqa.com *.drift.com browser.sentry-cdn.com sibautomation.com *.pipedriveassets.com *.pipedrive.com *.clarity.ms login.microsoftonline.com *.microsoft.com *.live.com ajax.aspnetcdn.com sentry.io *.lfeeder.com *.hotjar.com *.doubleclick.net *.google-analytics.com *.wikimedia.org *.facebook.net *.facebook.com *.brevo.com;
X-Content-Type-Options
nosniff
Last-Modified
Fri, 12 Jul 2024 13:54:05 GMT
Server
nginx
ETag
W/"95331-190a738f192"
X-Cache-Status
HIT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
611121
X-XSS-Protection
1
Roboto-Regular.woff2
icici.provakil.com/fonts/roboto/ 		48 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://icici.provakil.com/fonts/roboto/Roboto-Regular.woff2
Requested by
Host: icici.provakil.com
URL: https://icici.provakil.com/materialize.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.131.24.79 New Delhi, India, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.24.131.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: provakil.com *.provakil.com *.cloudfront.net *.razorpay.com fonts.googleapis.com maxcdn.bootstrapcdn.com *.google.com www.googletagmanager.com www.google-analytics.com *.gstatic.com js.driftt.com widget.driftqa.com *.drift.com browser.sentry-cdn.com sibautomation.com *.pipedriveassets.com *.pipedrive.com *.clarity.ms login.microsoftonline.com *.microsoft.com *.live.com ajax.aspnetcdn.com sentry.io *.lfeeder.com *.hotjar.com *.doubleclick.net *.google-analytics.com *.wikimedia.org *.facebook.net *.facebook.com *.brevo.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Xss-Protection 1

Request headers

Referer
https://icici.provakil.com/materialize.min.css
Origin
https://icici.provakil.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sat, 13 Jul 2024 02:46:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: provakil.com *.provakil.com *.cloudfront.net *.razorpay.com fonts.googleapis.com maxcdn.bootstrapcdn.com *.google.com www.googletagmanager.com www.google-analytics.com *.gstatic.com js.driftt.com widget.driftqa.com *.drift.com browser.sentry-cdn.com sibautomation.com *.pipedriveassets.com *.pipedrive.com *.clarity.ms login.microsoftonline.com *.microsoft.com *.live.com ajax.aspnetcdn.com sentry.io *.lfeeder.com *.hotjar.com *.doubleclick.net *.google-analytics.com *.wikimedia.org *.facebook.net *.facebook.com *.brevo.com;
Last-Modified
Fri, 12 Jul 2024 14:13:41 GMT
Server
nginx
ETag
W/"c054-190a74ae36d"
Content-Type
application/font-woff2
Access-Control-Allow-Origin
Access-Control-Expose-Headers
Cache-Control
public, max-age=31536000
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49236
X-XSS-Protection
1
_csrfToken
icici.provakil.com/api/v2/ 		48 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://icici.provakil.com/api/v2/_csrfToken
Requested by
Host: provakil.com
URL: https://provakil.com/js/dependencies/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.131.24.79 New Delhi, India, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.24.131.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
4697a2df094e809c70d8ff3b2ad7c8a2322991533ba00505128fa3c54544b6af
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: provakil.com *.provakil.com *.cloudfront.net *.razorpay.com fonts.googleapis.com maxcdn.bootstrapcdn.com *.google.com www.googletagmanager.com www.google-analytics.com *.gstatic.com js.driftt.com widget.driftqa.com *.drift.com browser.sentry-cdn.com sibautomation.com *.pipedriveassets.com *.pipedrive.com *.clarity.ms login.microsoftonline.com *.microsoft.com *.live.com ajax.aspnetcdn.com sentry.io *.lfeeder.com *.hotjar.com *.doubleclick.net *.google-analytics.com *.wikimedia.org *.facebook.net *.facebook.com *.brevo.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Xss-Protection 1

Request headers

Accept
*/*
Referer
https://icici.provakil.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Dont-Cache
true
Date
Sat, 13 Jul 2024 02:46:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: provakil.com *.provakil.com *.cloudfront.net *.razorpay.com fonts.googleapis.com maxcdn.bootstrapcdn.com *.google.com www.googletagmanager.com www.google-analytics.com *.gstatic.com js.driftt.com widget.driftqa.com *.drift.com browser.sentry-cdn.com sibautomation.com *.pipedriveassets.com *.pipedrive.com *.clarity.ms login.microsoftonline.com *.microsoft.com *.live.com ajax.aspnetcdn.com sentry.io *.lfeeder.com *.hotjar.com *.doubleclick.net *.google-analytics.com *.wikimedia.org *.facebook.net *.facebook.com *.brevo.com;
Server
nginx
ETag
W/"30-F/7a7dOr9n+VKJbEpfu05w"
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Connection
keep-alive
Content-Length
48
X-XSS-Protection
1
favicon.ico
provakil.com/favs/ 		0
0
favicon-32x32.png
provakil.com/favs/ 		0
0
favicon-16x16.png
provakil.com/favs/ 		0
0
favicon-96x96.png
provakil.com/favs/ 		0
0
android-chrome-192x192.png
provakil.com/favs/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
provakil.com
URL
https://provakil.com/favs/favicon.ico
Domain
provakil.com
URL
https://provakil.com/favs/favicon-32x32.png
Domain
provakil.com
URL
https://provakil.com/favs/favicon-16x16.png
Domain
provakil.com
URL
https://provakil.com/favs/favicon-96x96.png
Domain
provakil.com
URL
https://provakil.com/favs/android-chrome-192x192.png

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| _classCallCheck function| _createClass function| getTime function| Vel function| Hammer object| Materialize object| Waves function| validate_field

4 Cookies

Domain/Path Name / Value
provakil.com/ Name: _csrf
Value: -9czbPCp3w45GN8Hs6Uk-G6T
provakil.com/ Name: sails.sid
Value: s%3AMcnR08BP0Qn4Ci0MTt-J7s4HIJIzkbfu.jyh0Q%2FtXG4gp%2FizUVY37jXYPV6qiimLTaZGK1CYzFX4
icici.provakil.com/ Name: _csrf
Value: Qa1P4qsQzan9Q1FxVNjNPjJk
icici.provakil.com/ Name: sails.sid
Value: s%3AOO5myGnt3xluDKZFdpCSGFnf8Fn8nuIf.3LsZ1RJ8B4OytCc9sTUcKvoDfWebsevffV%2BBJ8QZQhg

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: provakil.com *.provakil.com *.cloudfront.net *.razorpay.com fonts.googleapis.com maxcdn.bootstrapcdn.com *.google.com www.googletagmanager.com www.google-analytics.com *.gstatic.com js.driftt.com widget.driftqa.com *.drift.com browser.sentry-cdn.com sibautomation.com *.pipedriveassets.com *.pipedrive.com *.clarity.ms login.microsoftonline.com *.microsoft.com *.live.com ajax.aspnetcdn.com sentry.io *.lfeeder.com *.hotjar.com *.doubleclick.net *.google-analytics.com *.wikimedia.org *.facebook.net *.facebook.com *.brevo.com; default-src 'self' 'unsafe-inline' 'unsafe-eval' data: provakil.com *.provakil.com *.cloudfront.net *.razorpay.com fonts.googleapis.com maxcdn.bootstrapcdn.com *.google.com www.googletagmanager.com www.google-analytics.com *.gstatic.com js.driftt.com widget.driftqa.com *.drift.com browser.sentry-cdn.com sibautomation.com *.pipedriveassets.com *.pipedrive.com *.clarity.ms login.microsoftonline.com *.microsoft.com *.live.com ajax.aspnetcdn.com sentry.io *.lfeeder.com *.hotjar.com *.doubleclick.net *.google-analytics.com *.wikimedia.org *.facebook.net *.facebook.com *.brevo.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload
X-Xss-Protection 1 1