pantherafinance.com.au Open in urlscan Pro
13.107.213.52 

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	404	Primary Request customers Show response pantherafinance.com.au/	3 KB 4 KB	398ms 269ms	Document text/html	13.107.213.52 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://pantherafinance.com.au/customers?r=97178768 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.107.213.52 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 6ffa9a48840519c43910e6a283c41604713af9474c2819103ce436447ce143eb Security Headers Name Value Content-Security-Policy connect-src 'self' https://*.pantherafinance.com.au https://*.yabbr.io/ wss://go.yabbr.io/ https://www.google-analytics.com https://stats.g.doubleclick.net https://*.visualstudio.com/;frame-src 'self' https://www.google.com/recaptcha/;img-src 'self' data: https://go.yabbr.io/ https://seal.godaddy.com/ https://www.google-analytics.com https://www.google.com/ https://yabbr.chat/ https://www.google.com.au/ https://maps.gstatic.com/ https://*.cloudfront.net/;default-src 'self';font-src 'self' https://go.yabbr.io/ https://fonts.gstatic.com/;style-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://fonts.googleapis.com/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://seal.godaddy.com/ https://*.google-analytics.com/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :method GET :authority pantherafinance.com.au :scheme https :path /customers?r=97178768 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers content-length 2877 content-type text/html x-ms-error-code WebContentNotFound x-ms-request-id 8232f083-c01e-0016-7025-a3a772000000 x-ms-version 2018-03-28 x-cache CONFIG_NOCACHE content-security-policy connect-src 'self' https://*.pantherafinance.com.au https://*.yabbr.io/ wss://go.yabbr.io/ https://www.google-analytics.com https://stats.g.doubleclick.net https://*.visualstudio.com/;frame-src 'self' https://www.google.com/recaptcha/;img-src 'self' data: https://go.yabbr.io/ https://seal.godaddy.com/ https://www.google-analytics.com https://www.google.com/ https://yabbr.chat/ https://www.google.com.au/ https://maps.gstatic.com/ https://*.cloudfront.net/;default-src 'self';font-src 'self' https://go.yabbr.io/ https://fonts.gstatic.com/;style-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://fonts.googleapis.com/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://seal.godaddy.com/ https://*.google-analytics.com/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; x-permitted-cross-domain-policies none x-frame-options SAMEORIGIN x-xss-protection 1; mode=block x-content-type-options nosniff referrer-policy strict-origin strict-transport-security max-age=31536000; includeSubDomains; preload permissions-policy accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() x-azure-ref 0CRw2YQAAAAArdzf7n6G4SqWvEr5lUUisQlJVMzBFREdFMDQxNQA3ZTE4ZjUyMy0xOWQwLTQyMDEtYWFiZS1hYzk0N2JkYWViZmQ= date Mon, 06 Sep 2021 13:47:52 GMT
GET H2	200	2.1881a404.chunk.css pantherafinance.com.au/static/css/	2 KB 2 KB	264ms 261ms	Stylesheet text/css	13.107.213.52 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://pantherafinance.com.au/static/css/2.1881a404.chunk.css Requested by Host: pantherafinance.com.au URL: https://pantherafinance.com.au/customers?r=97178768 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.107.213.52 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash ee6b5abe1fd4bac80488823ad791fb935721a446807f7d94fda5fd5fbd3d0206 Security Headers Name Value Content-Security-Policy connect-src 'self' https://*.pantherafinance.com.au https://*.yabbr.io/ wss://go.yabbr.io/ https://www.google-analytics.com https://stats.g.doubleclick.net https://*.visualstudio.com/;frame-src 'self' https://www.google.com/recaptcha/;img-src 'self' data: https://go.yabbr.io/ https://seal.godaddy.com/ https://www.google-analytics.com https://www.google.com/ https://yabbr.chat/ https://www.google.com.au/ https://maps.gstatic.com/ https://*.cloudfront.net/;default-src 'self';font-src 'self' https://go.yabbr.io/ https://fonts.gstatic.com/;style-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://fonts.googleapis.com/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://seal.godaddy.com/ https://*.google-analytics.com/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :path /static/css/2.1881a404.chunk.css pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority pantherafinance.com.au referer https://pantherafinance.com.au/ :scheme https sec-fetch-site same-origin :method GET Referer https://pantherafinance.com.au/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers content-security-policy connect-src 'self' https://*.pantherafinance.com.au https://*.yabbr.io/ wss://go.yabbr.io/ https://www.google-analytics.com https://stats.g.doubleclick.net https://*.visualstudio.com/;frame-src 'self' https://www.google.com/recaptcha/;img-src 'self' data: https://go.yabbr.io/ https://seal.godaddy.com/ https://www.google-analytics.com https://www.google.com/ https://yabbr.chat/ https://www.google.com.au/ https://maps.gstatic.com/ https://*.cloudfront.net/;default-src 'self';font-src 'self' https://go.yabbr.io/ https://fonts.gstatic.com/;style-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://fonts.googleapis.com/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://seal.godaddy.com/ https://*.google-analytics.com/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; x-content-type-options nosniff x-permitted-cross-domain-policies none content-md5 Ui49ZITgsPWmKoWRowIq2Q== x-cache CONFIG_NOCACHE x-ms-version 2018-03-28 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 1695 x-xss-protection 1; mode=block referrer-policy strict-origin last-modified Thu, 02 Sep 2021 04:28:44 GMT x-frame-options SAMEORIGIN date Mon, 06 Sep 2021 13:47:52 GMT x-azure-ref 0CRw2YQAAAAAgnWPIDvhySbt4ZMrJMTR5QlJVMzBFREdFMDQxNQA3ZTE4ZjUyMy0xOWQwLTQyMDEtYWFiZS1hYzk0N2JkYWViZmQ= content-type text/css x-ms-request-id 8232f17f-c01e-0016-5325-a3a772000000 permissions-policy accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() etag "0x8D96DCA268A26D5" accept-ranges bytes
GET H2	200	config.js Show response pantherafinance.com.au/	956 B 1 KB	1006ms 1003ms	Script application/x-javascript	13.107.213.52 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://pantherafinance.com.au/config.js Requested by Host: pantherafinance.com.au URL: https://pantherafinance.com.au/customers?r=97178768 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.107.213.52 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash a98746ba585091c40feedc5b94347e6b6d15df6db33049fd2554bb4ae933d955 Security Headers Name Value Content-Security-Policy connect-src 'self' https://*.pantherafinance.com.au https://*.yabbr.io/ wss://go.yabbr.io/ https://www.google-analytics.com https://stats.g.doubleclick.net https://*.visualstudio.com/;frame-src 'self' https://www.google.com/recaptcha/;img-src 'self' data: https://go.yabbr.io/ https://seal.godaddy.com/ https://www.google-analytics.com https://www.google.com/ https://yabbr.chat/ https://www.google.com.au/ https://maps.gstatic.com/ https://*.cloudfront.net/;default-src 'self';font-src 'self' https://go.yabbr.io/ https://fonts.gstatic.com/;style-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://fonts.googleapis.com/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://seal.godaddy.com/ https://*.google-analytics.com/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :path /config.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority pantherafinance.com.au referer https://pantherafinance.com.au/ :scheme https sec-fetch-site same-origin :method GET Referer https://pantherafinance.com.au/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers content-security-policy connect-src 'self' https://*.pantherafinance.com.au https://*.yabbr.io/ wss://go.yabbr.io/ https://www.google-analytics.com https://stats.g.doubleclick.net https://*.visualstudio.com/;frame-src 'self' https://www.google.com/recaptcha/;img-src 'self' data: https://go.yabbr.io/ https://seal.godaddy.com/ https://www.google-analytics.com https://www.google.com/ https://yabbr.chat/ https://www.google.com.au/ https://maps.gstatic.com/ https://*.cloudfront.net/;default-src 'self';font-src 'self' https://go.yabbr.io/ https://fonts.gstatic.com/;style-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://fonts.googleapis.com/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://seal.godaddy.com/ https://*.google-analytics.com/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; x-content-type-options nosniff x-permitted-cross-domain-policies none content-md5 rRyVP7/kHPD7/kx5aZMDkg== x-cache CONFIG_NOCACHE x-ms-version 2018-03-28 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 956 x-xss-protection 1; mode=block referrer-policy strict-origin last-modified Thu, 02 Sep 2021 04:28:44 GMT x-frame-options SAMEORIGIN date Mon, 06 Sep 2021 13:47:53 GMT x-azure-ref 0CRw2YQAAAADWnzc6Ju/DRZN5CNPQuiaYQlJVMzBFREdFMDQxNQA3ZTE4ZjUyMy0xOWQwLTQyMDEtYWFiZS1hYzk0N2JkYWViZmQ= content-type application/x-javascript x-ms-request-id 676cfdd8-e01e-0097-3525-a307a8000000 permissions-policy accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() etag "0x8D96DCA268C712C" accept-ranges bytes
GET H2	200	2.14aad503.chunk.js Show response pantherafinance.com.au/static/js/	3 MB 3 MB	1076ms 1073ms	Script application/x-javascript	13.107.213.52 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://pantherafinance.com.au/static/js/2.14aad503.chunk.js Requested by Host: pantherafinance.com.au URL: https://pantherafinance.com.au/customers?r=97178768 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.107.213.52 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 21a851b7bf0209ca91c1813dcc27525cb02d08a836b4dc72d52c899e576ebe0d Security Headers Name Value Content-Security-Policy connect-src 'self' https://*.pantherafinance.com.au https://*.yabbr.io/ wss://go.yabbr.io/ https://www.google-analytics.com https://stats.g.doubleclick.net https://*.visualstudio.com/;frame-src 'self' https://www.google.com/recaptcha/;img-src 'self' data: https://go.yabbr.io/ https://seal.godaddy.com/ https://www.google-analytics.com https://www.google.com/ https://yabbr.chat/ https://www.google.com.au/ https://maps.gstatic.com/ https://*.cloudfront.net/;default-src 'self';font-src 'self' https://go.yabbr.io/ https://fonts.gstatic.com/;style-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://fonts.googleapis.com/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://seal.godaddy.com/ https://*.google-analytics.com/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :path /static/js/2.14aad503.chunk.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority pantherafinance.com.au referer https://pantherafinance.com.au/ :scheme https sec-fetch-site same-origin :method GET Referer https://pantherafinance.com.au/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers content-security-policy connect-src 'self' https://*.pantherafinance.com.au https://*.yabbr.io/ wss://go.yabbr.io/ https://www.google-analytics.com https://stats.g.doubleclick.net https://*.visualstudio.com/;frame-src 'self' https://www.google.com/recaptcha/;img-src 'self' data: https://go.yabbr.io/ https://seal.godaddy.com/ https://www.google-analytics.com https://www.google.com/ https://yabbr.chat/ https://www.google.com.au/ https://maps.gstatic.com/ https://*.cloudfront.net/;default-src 'self';font-src 'self' https://go.yabbr.io/ https://fonts.gstatic.com/;style-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://fonts.googleapis.com/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://seal.godaddy.com/ https://*.google-analytics.com/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; x-content-type-options nosniff x-permitted-cross-domain-policies none content-md5 nM+0di5F+nWiJZKuwz9cgA== x-cache CONFIG_NOCACHE x-ms-version 2018-03-28 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 2982710 x-xss-protection 1; mode=block referrer-policy strict-origin last-modified Thu, 02 Sep 2021 04:28:44 GMT x-frame-options SAMEORIGIN date Mon, 06 Sep 2021 13:47:53 GMT x-azure-ref 0CRw2YQAAAABreqvIwC2zQpa9bLLcK0U1QlJVMzBFREdFMDQxNQA3ZTE4ZjUyMy0xOWQwLTQyMDEtYWFiZS1hYzk0N2JkYWViZmQ= content-type application/x-javascript x-ms-request-id f29171ba-701e-00aa-7725-a371b3000000 permissions-policy accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() etag "0x8D96DCA26A9E98D" accept-ranges bytes
GET H2	200	main.4e2b0264.chunk.js Show response pantherafinance.com.au/static/js/	1 MB 1 MB	1075ms 1072ms	Script application/x-javascript	13.107.213.52 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://pantherafinance.com.au/static/js/main.4e2b0264.chunk.js Requested by Host: pantherafinance.com.au URL: https://pantherafinance.com.au/customers?r=97178768 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.107.213.52 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash bbf00861c5e0dbe04851eca4f58f3e5690dcf4b5517df683f2ec32eb5ca33b27 Security Headers Name Value Content-Security-Policy connect-src 'self' https://*.pantherafinance.com.au https://*.yabbr.io/ wss://go.yabbr.io/ https://www.google-analytics.com https://stats.g.doubleclick.net https://*.visualstudio.com/;frame-src 'self' https://www.google.com/recaptcha/;img-src 'self' data: https://go.yabbr.io/ https://seal.godaddy.com/ https://www.google-analytics.com https://www.google.com/ https://yabbr.chat/ https://www.google.com.au/ https://maps.gstatic.com/ https://*.cloudfront.net/;default-src 'self';font-src 'self' https://go.yabbr.io/ https://fonts.gstatic.com/;style-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://fonts.googleapis.com/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://seal.godaddy.com/ https://*.google-analytics.com/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :path /static/js/main.4e2b0264.chunk.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority pantherafinance.com.au referer https://pantherafinance.com.au/ :scheme https sec-fetch-site same-origin :method GET Referer https://pantherafinance.com.au/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers content-security-policy connect-src 'self' https://*.pantherafinance.com.au https://*.yabbr.io/ wss://go.yabbr.io/ https://www.google-analytics.com https://stats.g.doubleclick.net https://*.visualstudio.com/;frame-src 'self' https://www.google.com/recaptcha/;img-src 'self' data: https://go.yabbr.io/ https://seal.godaddy.com/ https://www.google-analytics.com https://www.google.com/ https://yabbr.chat/ https://www.google.com.au/ https://maps.gstatic.com/ https://*.cloudfront.net/;default-src 'self';font-src 'self' https://go.yabbr.io/ https://fonts.gstatic.com/;style-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://fonts.googleapis.com/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://seal.godaddy.com/ https://*.google-analytics.com/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; x-content-type-options nosniff x-permitted-cross-domain-policies none content-md5 QjoyuWeIbqaF4M7gouLkJA== x-cache CONFIG_NOCACHE x-ms-version 2018-03-28 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 1170440 x-xss-protection 1; mode=block referrer-policy strict-origin last-modified Thu, 02 Sep 2021 04:28:44 GMT x-frame-options SAMEORIGIN date Mon, 06 Sep 2021 13:47:53 GMT x-azure-ref 0CRw2YQAAAAAtdz4fOUf8QLfNNimDm+90QlJVMzBFREdFMDQxNQA3ZTE4ZjUyMy0xOWQwLTQyMDEtYWFiZS1hYzk0N2JkYWViZmQ= content-type application/x-javascript x-ms-request-id f8de6616-501e-002b-4025-a3d169000000 permissions-policy accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() etag "0x8D96DCA269CEEE0" accept-ranges bytes
GET H2	200	loader.js Show response go.yabbr.io/	579 B 1 KB	1590ms 1468ms	Script application/javascript	65.9.55.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://go.yabbr.io/loader.js Requested by Host: pantherafinance.com.au URL: https://pantherafinance.com.au/customers?r=97178768 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.55.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Yabbr / Resource Hash 266b59b0a45c87e5b6aed139bb67d81a7f8a1662ec6e0ce7e958ab08989603c9 Security Headers Name Value Content-Security-Policy default-src https:; connect-src https: wss:; font-src https: data:; img-src https: data:; media-src blob: https:; object-src 'none'; script-src 'self' https://*.yabbr.io https://*.equifaxengage.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/charts/ https://snap.licdn.com; style-src https: 'unsafe-inline'; report-uri https://d3hgbgl45ueh08.cloudfront.net/log/csp Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://pantherafinance.com.au/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers content-security-policy default-src https:; connect-src https: wss:; font-src https: data:; img-src https: data:; media-src blob: https:; object-src 'none'; script-src 'self' https://*.yabbr.io https://*.equifaxengage.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/charts/ https://snap.licdn.com; style-src https: 'unsafe-inline'; report-uri https://d3hgbgl45ueh08.cloudfront.net/log/csp via 1.1 c1a2760c3f8e9ff8c3652b4d6ff3a906.cloudfront.net (CloudFront) x-content-type-options nosniff x-amz-cf-pop ARN54-C1 x-amz-server-side-encryption AES256 x-cache RefreshHit from cloudfront date Mon, 06 Sep 2021 13:47:56 GMT content-length 579 x-xss-protection 1; mode=block referrer-policy no-referrer, strict-origin-when-cross-origin last-modified Thu, 10 Oct 2019 05:35:07 GMT server Yabbr x-frame-options DENY etag "a3b90f568b4d9e6e9a4fc72edf0316d6" strict-transport-security max-age=63072000; includeSubdomains; preload x-amz-version-id gkSwfoLxIck9bus_sE9UwWgsWoC.MDu5 cache-control no-cache accept-ranges bytes content-type application/javascript x-amz-cf-id 7Ie9RmpZP5387_BdvGZt0oCLiCU8twD2RhMeCKrZ0eorWQdcawgAuw==
GET H2	200	app-bootstrap.js Show response go.yabbr.io/js/ Frame 9677	132 B 1 KB	1196ms 1195ms	Script application/javascript	65.9.55.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://go.yabbr.io/js/app-bootstrap.js Requested by Host: go.yabbr.io URL: https://go.yabbr.io/loader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.55.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Yabbr / Resource Hash aa0ae7831ec574e00d74abaed480a8f72a909141453d75452e9603b05458e9a4 Security Headers Name Value Content-Security-Policy default-src https:; connect-src https: wss:; font-src https: data:; img-src https: data:; media-src blob: https:; object-src 'none'; script-src 'self' https://*.yabbr.io https://*.equifaxengage.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/charts/ https://snap.licdn.com; style-src https: 'unsafe-inline'; report-uri https://d3hgbgl45ueh08.cloudfront.net/log/csp Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers content-security-policy default-src https:; connect-src https: wss:; font-src https: data:; img-src https: data:; media-src blob: https:; object-src 'none'; script-src 'self' https://*.yabbr.io https://*.equifaxengage.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/charts/ https://snap.licdn.com; style-src https: 'unsafe-inline'; report-uri https://d3hgbgl45ueh08.cloudfront.net/log/csp via 1.1 c1a2760c3f8e9ff8c3652b4d6ff3a906.cloudfront.net (CloudFront) x-content-type-options nosniff x-amz-cf-pop ARN54-C1 x-amz-server-side-encryption AES256 x-cache RefreshHit from cloudfront date Mon, 06 Sep 2021 13:47:57 GMT content-length 132 x-xss-protection 1; mode=block referrer-policy no-referrer, strict-origin-when-cross-origin last-modified Thu, 10 Oct 2019 05:43:22 GMT server Yabbr x-frame-options DENY etag "a0e1317140631ad3f909e49e608878e3" strict-transport-security max-age=63072000; includeSubdomains; preload x-amz-version-id W00NLXnaPSr6S40e5UOReayGb3a0sKzW cache-control no-cache accept-ranges bytes content-type application/javascript x-amz-cf-id cyLfhnr-Wg78XJbUJ2dUC5bHCvhDIODHi25SH4TR_w6W9URCPvkOAA==
GET H2	200	app-bundle.js Show response go.yabbr.io/js/ Frame 9677	2 MB 622 KB	1200ms 1199ms	Script application/javascript	65.9.55.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://go.yabbr.io/js/app-bundle.js Requested by Host: go.yabbr.io URL: https://go.yabbr.io/js/app-bootstrap.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.55.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Yabbr / Resource Hash edbc15f704ec9d4b6ad91172fabcba93970cb2b28814ecf0d29be42ba82d22cc Security Headers Name Value Content-Security-Policy default-src https:; connect-src https: wss:; font-src https: data:; img-src https: data:; media-src blob: https:; object-src 'none'; script-src 'self' https://*.yabbr.io https://*.equifaxengage.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/charts/ https://snap.licdn.com; style-src https: 'unsafe-inline'; report-uri https://d3hgbgl45ueh08.cloudfront.net/log/csp Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-amz-version-id bWY2bQBHuFFBEszU3g.siTEHR4LuBilu content-encoding gzip vary Accept-Encoding x-amz-cf-pop ARN54-C1 x-amz-server-side-encryption AES256 x-cache RefreshHit from cloudfront date Mon, 06 Sep 2021 13:47:59 GMT x-xss-protection 1; mode=block referrer-policy no-referrer, strict-origin-when-cross-origin last-modified Fri, 03 Sep 2021 04:14:29 GMT server Yabbr x-frame-options DENY etag W/"dd380fc49b56dfb46afdad386a9a4e9f" strict-transport-security max-age=63072000; includeSubdomains; preload content-type application/javascript via 1.1 c1a2760c3f8e9ff8c3652b4d6ff3a906.cloudfront.net (CloudFront) cache-control no-cache content-security-policy default-src https:; connect-src https: wss:; font-src https: data:; img-src https: data:; media-src blob: https:; object-src 'none'; script-src 'self' https://*.yabbr.io https://*.equifaxengage.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/charts/ https://snap.licdn.com; style-src https: 'unsafe-inline'; report-uri https://d3hgbgl45ueh08.cloudfront.net/log/csp x-amz-cf-id ARZ4HSeSZO47rCAiGVIyBoSZGGCVRJaOkr9mrucRBaupWdJ-pYvbBw== x-content-type-options nosniff
GET H3-29	200	css2 fonts.googleapis.com/ Frame 9677	6 KB 651 B	23ms 21ms	Stylesheet text/css	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@300;500;700&display=swap Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f29ba42be1ab734dfd8f031794323cc50040545b8952b78c4deb312c53cf1cd0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 06 Sep 2021 11:57:57 GMT server ESF date Mon, 06 Sep 2021 13:47:58 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 06 Sep 2021 13:47:58 GMT
GET H2	200	widget Show response api.yabbr.io/2019-01-23/organisations/29f9e16d4cb3d8fdcad686a38c745af5eda51886e99ee70b85e7ef989ace3d79/ Frame 9677	8 KB 4 KB	1328ms 1228ms	XHR application/json	65.9.55.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.yabbr.io/2019-01-23/organisations/29f9e16d4cb3d8fdcad686a38c745af5eda51886e99ee70b85e7ef989ace3d79/widget?lang=en&1630936078945 Requested by Host: go.yabbr.io URL: https://go.yabbr.io/js/app-bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.55.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 18ba3ef20b72fcf46290b4ee1d9a4719ea927cb154b18c172c0be1af7c2b98c3 Security Headers Name Value Content-Security-Policy default-src https:; connect-src https: wss:; font-src https: data:; img-src https: data:; media-src blob: https:; object-src 'none'; script-src 'self' https://*.yabbr.io https://*.equifaxengage.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/charts/ https://snap.licdn.com; style-src https: 'unsafe-inline'; report-uri https://d3hgbgl45ueh08.cloudfront.net/log/csp Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Mon, 06 Sep 2021 13:48:00 GMT content-encoding gzip x-content-type-options nosniff x-amzn-remapped-server Yabbr x-amz-cf-pop ARN54-C1 x-amzn-requestid 7325a42f-8571-43b1-bbfa-563643d6e512 x-cache Miss from cloudfront x-amz-apigw-id FPlSiE2PSwMFVgw= x-xss-protection 1; mode=block access-control-allow-origin * referrer-policy no-referrer, strict-origin-when-cross-origin x-frame-options DENY x-amzn-trace-id Root=1-61361c10-221232f75549559d4e279313;Sampled=0 strict-transport-security max-age=63072000; includeSubdomains; preload access-control-allow-methods DELETE,GET,HEAD,OPTIONS,POST,PUT,PATCH content-type application/json via 1.1 92d4c1e39a34b2240dece0172216b542.cloudfront.net (CloudFront) vary Accept-Encoding cache-control max-age=0 content-security-policy default-src https:; connect-src https: wss:; font-src https: data:; img-src https: data:; media-src blob: https:; object-src 'none'; script-src 'self' https://*.yabbr.io https://*.equifaxengage.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/charts/ https://snap.licdn.com; style-src https: 'unsafe-inline'; report-uri https://d3hgbgl45ueh08.cloudfront.net/log/csp access-control-allow-headers Authorization,Content-Type,X-Api-Key,X-MFA,X-Organisation,X-Token x-amz-cf-id HU6nak6HQN43z4JQol9HaSbgezg1MpTOb_0WPIhPiEEflCXH4IxCIA==
GET H2	200	/ Show response go.yabbr.io/socket.io/ Frame 9677	96 B 808 B	1313ms 1225ms	XHR text/plain	65.9.55.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://go.yabbr.io/socket.io/?EIO=4&transport=polling&t=NkxNP-X Requested by Host: go.yabbr.io URL: https://go.yabbr.io/js/app-bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.55.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 2a22d2999b837dc767a6343711432b5ec876e3611d3ce240361f789cd5cba6c2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff Request headers Accept */* Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Mon, 06 Sep 2021 13:48:01 GMT via 1.1 ddf05588239a53ffcc4f78bf3b76aac4.cloudfront.net (CloudFront) x-content-type-options nosniff x-amz-cf-pop ARN54-C1 strict-transport-security max-age=31536000; includeSubdomains x-cache Miss from cloudfront content-type text/plain; charset=UTF-8 access-control-allow-origin https://pantherafinance.com.au access-control-allow-credentials true vary Origin content-length 96 x-amz-cf-id 7mVPuJkV5ucNerYzvdHNjlM4M-ElPH_J1HYkPZGCjuWIiHKPv5gNig==
GET H2	200	pf_web_bubble_offline.png go.yabbr.io/clients/ Frame 9677	22 KB 23 KB	1181ms 1181ms	Image image/png	65.9.55.88 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://go.yabbr.io/clients/pf_web_bubble_offline.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.55.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Yabbr / Resource Hash af8bfb394718edcb866d2d0517957d4992896b67246f0dbebc8bfdd202f5db11 Security Headers Name Value Content-Security-Policy default-src https:; connect-src https: wss:; font-src https: data:; img-src https: data:; media-src blob: https:; object-src 'none'; script-src 'self' https://*.yabbr.io https://*.equifaxengage.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/charts/ https://snap.licdn.com; style-src https: 'unsafe-inline'; report-uri https://d3hgbgl45ueh08.cloudfront.net/log/csp Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers content-security-policy default-src https:; connect-src https: wss:; font-src https: data:; img-src https: data:; media-src blob: https:; object-src 'none'; script-src 'self' https://*.yabbr.io https://*.equifaxengage.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/charts/ https://snap.licdn.com; style-src https: 'unsafe-inline'; report-uri https://d3hgbgl45ueh08.cloudfront.net/log/csp via 1.1 c1a2760c3f8e9ff8c3652b4d6ff3a906.cloudfront.net (CloudFront) x-content-type-options nosniff x-amz-cf-pop ARN54-C1 x-amz-server-side-encryption AES256 x-cache RefreshHit from cloudfront date Mon, 06 Sep 2021 13:48:02 GMT content-length 22495 x-xss-protection 1; mode=block referrer-policy no-referrer, strict-origin-when-cross-origin last-modified Fri, 30 Oct 2020 01:52:56 GMT server Yabbr x-frame-options DENY etag "a9595a027c45e1e1d9536501304f3c87" strict-transport-security max-age=63072000; includeSubdomains; preload x-amz-version-id AdjGMlE8Tyl7wBami0sq_SuVUgY.Vaq7 cache-control no-cache accept-ranges bytes content-type image/png x-amz-cf-id 7oWhbxoGGchKhTz-pIu4A0-g6QgkahdD4Q9C94QjV5HmFk-sXd2bnQ==
POST H2	200	/ Show response go.yabbr.io/socket.io/ Frame 9677	2 B 701 B	1243ms 1243ms	XHR text/html	65.9.55.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://go.yabbr.io/socket.io/?EIO=4&transport=polling&t=NkxNQJ7&sid=qgG1cdmMd237yO9EAHdg Requested by Host: go.yabbr.io URL: https://go.yabbr.io/js/app-bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.55.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff Request headers Accept */* Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-type text/plain;charset=UTF-8 Response headers date Mon, 06 Sep 2021 13:48:02 GMT via 1.1 ddf05588239a53ffcc4f78bf3b76aac4.cloudfront.net (CloudFront) x-content-type-options nosniff x-amz-cf-pop ARN54-C1 strict-transport-security max-age=31536000; includeSubdomains x-cache Miss from cloudfront content-type text/html access-control-allow-origin https://pantherafinance.com.au access-control-allow-credentials true vary Origin content-length 2 x-amz-cf-id DVdFd448cPniQJR55z9zGUFrbLqPcc4LQcW8ZzfiiKxRuzkyXk1l6g==
GET H2	200	/ Show response go.yabbr.io/socket.io/ Frame 9677	32 B 746 B	1230ms 1223ms	XHR text/plain	65.9.55.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://go.yabbr.io/socket.io/?EIO=4&transport=polling&t=NkxNQJ9&sid=qgG1cdmMd237yO9EAHdg Requested by Host: go.yabbr.io URL: https://go.yabbr.io/js/app-bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.55.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 2c5c5ef25cefff160873d12234f8af9bd6a6ad3b074efdb4d2c23ee6b3f5ccc2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff Request headers Accept */* Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Mon, 06 Sep 2021 13:48:02 GMT via 1.1 ddf05588239a53ffcc4f78bf3b76aac4.cloudfront.net (CloudFront) x-content-type-options nosniff x-amz-cf-pop ARN54-C1 strict-transport-security max-age=31536000; includeSubdomains x-cache Miss from cloudfront content-type text/plain; charset=UTF-8 access-control-allow-origin https://pantherafinance.com.au access-control-allow-credentials true vary Origin content-length 32 x-amz-cf-id zJE8Myfp2XLxKtxDGjjn9jycRWYWnvmjHFwDMAWYCDOq6o600PB8Lw==
POST H2	200	/ Show response go.yabbr.io/socket.io/ Frame 9677	2 B 695 B	1243ms 1243ms	XHR text/html	65.9.55.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://go.yabbr.io/socket.io/?EIO=4&transport=polling&t=NkxNQcg&sid=qgG1cdmMd237yO9EAHdg Requested by Host: go.yabbr.io URL: https://go.yabbr.io/js/app-bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.55.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff Request headers Accept */* Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-type text/plain;charset=UTF-8 Response headers date Mon, 06 Sep 2021 13:48:03 GMT via 1.1 ddf05588239a53ffcc4f78bf3b76aac4.cloudfront.net (CloudFront) x-content-type-options nosniff x-amz-cf-pop ARN54-C1 strict-transport-security max-age=31536000; includeSubdomains x-cache Miss from cloudfront content-type text/html access-control-allow-origin https://pantherafinance.com.au access-control-allow-credentials true vary Origin content-length 2 x-amz-cf-id j5Lu3-BOoneZqeL4IReJEG1eU9CVLGb9TtuMdWXZWkuJrdqxOiZPsQ==

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| config function| yabbr object| webpackJsonppanthera-client undefined| s object| w object| f object| j object| y string| d function| setImmediate function| clearImmediate object| regeneratorRuntime function| __assign function| __extends number| 2f1acc6c3a606b082e5eef5e54414ffb function| openYabbrWidget

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	connect-src 'self' https://*.pantherafinance.com.au https://*.yabbr.io/ wss://go.yabbr.io/ https://www.google-analytics.com https://stats.g.doubleclick.net https://*.visualstudio.com/;frame-src 'self' https://www.google.com/recaptcha/;img-src 'self' data: https://go.yabbr.io/ https://seal.godaddy.com/ https://www.google-analytics.com https://www.google.com/ https://yabbr.chat/ https://www.google.com.au/ https://maps.gstatic.com/ https://*.cloudfront.net/;default-src 'self';font-src 'self' https://go.yabbr.io/ https://fonts.gstatic.com/;style-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://fonts.googleapis.com/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://go.yabbr.io/ https://seal.godaddy.com/ https://*.google-analytics.com/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.yabbr.io
fonts.googleapis.com
go.yabbr.io
pantherafinance.com.au
13.107.213.52
2a00:1450:4001:82f::200a
65.9.55.40
65.9.55.88
18ba3ef20b72fcf46290b4ee1d9a4719ea927cb154b18c172c0be1af7c2b98c3
21a851b7bf0209ca91c1813dcc27525cb02d08a836b4dc72d52c899e576ebe0d
266b59b0a45c87e5b6aed139bb67d81a7f8a1662ec6e0ce7e958ab08989603c9
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2a22d2999b837dc767a6343711432b5ec876e3611d3ce240361f789cd5cba6c2
2c5c5ef25cefff160873d12234f8af9bd6a6ad3b074efdb4d2c23ee6b3f5ccc2
6ffa9a48840519c43910e6a283c41604713af9474c2819103ce436447ce143eb
a98746ba585091c40feedc5b94347e6b6d15df6db33049fd2554bb4ae933d955
aa0ae7831ec574e00d74abaed480a8f72a909141453d75452e9603b05458e9a4
af8bfb394718edcb866d2d0517957d4992896b67246f0dbebc8bfdd202f5db11
bbf00861c5e0dbe04851eca4f58f3e5690dcf4b5517df683f2ec32eb5ca33b27
edbc15f704ec9d4b6ad91172fabcba93970cb2b28814ecf0d29be42ba82d22cc
ee6b5abe1fd4bac80488823ad791fb935721a446807f7d94fda5fd5fbd3d0206
f29ba42be1ab734dfd8f031794323cc50040545b8952b78c4deb312c53cf1cd0